Fix cascading privilege revoke to notice when privileges are still held.

If we revoke a grant option from some role X, but X still holds the option via another grant, we should not recursively revoke the privilege from role(s) Y that X had granted it to. This was supposedly fixed as one aspect of commit 4b2dafcc0b1a579ef5daaa2728223006d1ff98e9, but I must not have tested it, because in fact that code never worked: it forgot to shift the grant-option bits back over when masking the bits being revoked. Per bug #6728 from Daniel German. Back-patch to all active branches, since this has been wrong since 8.0.
author: Tom Lane <tgl@sss.pgh.pa.us> 2012-08-23 17:25:28 -0400
committer: Tom Lane <tgl@sss.pgh.pa.us> 2012-08-23 17:25:28 -0400
commit: bf3b85c6bed2e6b2c104c21d18e78bdb3bcdfb06 (patch)
tree: 8c4121739dc093f1002d5776a099bf3ac32cafee /src/backend/utils
parent: d17cf76bed16029bc930fbf4094d8e8112e22aa7 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index 79ca6c13724..be17019a4ac 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -1163,11 +1163,11 @@ recursive_revoke(Acl *acl,
 	if (grantee == ownerId)
 		return acl;
 
-	/* The grantee might still have the privileges via another grantor */
+	/* The grantee might still have some grant options via another grantor */
 	still_has = aclmask(acl, grantee, ownerId,
 						ACL_GRANT_OPTION_FOR(revoke_privs),
 						ACLMASK_ALL);
-	revoke_privs &= ~still_has;
+	revoke_privs &= ~ACL_OPTION_TO_PRIVS(still_has);
 	if (revoke_privs == ACL_NO_RIGHTS)
 		return acl;
author	Tom Lane <tgl@sss.pgh.pa.us>	2012-08-23 17:25:28 -0400
committer	Tom Lane <tgl@sss.pgh.pa.us>	2012-08-23 17:25:28 -0400
commit	bf3b85c6bed2e6b2c104c21d18e78bdb3bcdfb06 (patch)
tree	8c4121739dc093f1002d5776a099bf3ac32cafee /src/backend/utils
parent	d17cf76bed16029bc930fbf4094d8e8112e22aa7 (diff)