diff options
| author | Michael Paquier <michael@paquier.xyz> | 2022-09-29 15:05:40 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2022-09-29 15:05:40 +0900 |
| commit | 0823d061b0b7f1e20fbfd48bef3c2e093493dbd4 (patch) | |
| tree | 49b915201d8f0b273a3adc7abfa5ef814fdda17e /src/backend/utils/init/miscinit.c | |
| parent | 5ac9e869191148741539e626b84ba7e77dc71670 (diff) | |
Introduce SYSTEM_USER
SYSTEM_USER is a reserved keyword of the SQL specification that,
roughly described, is aimed at reporting some information about the
system user who has connected to the database server. It may include
implementation-specific information about the means by the user
connected, like an authentication method.
This commit implements SYSTEM_USER as of auth_method:identity, where
"auth_method" is a keyword about the authentication method used to log
into the server (like peer, md5, scram-sha-256, gss, etc.) and
"identity" is the authentication identity as introduced by 9afffcb (peer
sets authn to the OS user name, gss to the user principal, etc.). This
format has been suggested by Tom Lane.
Note that thanks to d951052, SYSTEM_USER is available to parallel
workers.
Bump catalog version.
Author: Bertrand Drouvot
Reviewed-by: Jacob Champion, Joe Conway, Álvaro Herrera, Michael Paquier
Discussion: https://postgr.es/m/7e692b8c-0b11-45db-1cad-3afc5b57409f@amazon.com
Diffstat (limited to 'src/backend/utils/init/miscinit.c')
| -rw-r--r-- | src/backend/utils/init/miscinit.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/src/backend/utils/init/miscinit.c b/src/backend/utils/init/miscinit.c index 4d341d3f7f1..dfdcd3d78eb 100644 --- a/src/backend/utils/init/miscinit.c +++ b/src/backend/utils/init/miscinit.c @@ -477,6 +477,7 @@ static Oid AuthenticatedUserId = InvalidOid; static Oid SessionUserId = InvalidOid; static Oid OuterUserId = InvalidOid; static Oid CurrentUserId = InvalidOid; +static const char *SystemUser = NULL; /* We also have to remember the superuser state of some of these levels */ static bool AuthenticatedUserIsSuperuser = false; @@ -549,6 +550,16 @@ SetSessionUserId(Oid userid, bool is_superuser) } /* + * Return the system user representing the authenticated identity. + * It is defined in InitializeSystemUser() as auth_method:authn_id. + */ +const char * +GetSystemUser(void) +{ + return SystemUser; +} + +/* * GetAuthenticatedUserId - get the authenticated user ID */ Oid @@ -818,6 +829,45 @@ InitializeSessionUserIdStandalone(void) SetSessionUserId(BOOTSTRAP_SUPERUSERID, true); } +/* + * Initialize the system user. + * + * This is built as auth_method:authn_id. + */ +void +InitializeSystemUser(const char *authn_id, const char *auth_method) +{ + char *system_user; + + /* call only once */ + Assert(SystemUser == NULL); + + /* + * InitializeSystemUser should be called only when authn_id is not NULL, + * meaning that auth_method is valid. + */ + Assert(authn_id != NULL); + + system_user = psprintf("%s:%s", auth_method, authn_id); + + /* Store SystemUser in long-lived storage */ + SystemUser = MemoryContextStrdup(TopMemoryContext, system_user); + pfree(system_user); +} + +/* + * SQL-function SYSTEM_USER + */ +Datum +system_user(PG_FUNCTION_ARGS) +{ + const char *sysuser = GetSystemUser(); + + if (sysuser) + PG_RETURN_DATUM(CStringGetTextDatum(sysuser)); + else + PG_RETURN_NULL(); +} /* * Change session auth ID while running |