From afbfc02983f86c4d71825efa6befd547fe81a926 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Sun, 13 Nov 2022 08:11:17 +0100 Subject: Refactor ownercheck functions Instead of dozens of mostly-duplicate pg_foo_ownercheck() functions, write one common function object_ownercheck() that can handle almost all of them. We already have all the information we need, such as which system catalog corresponds to which catalog table and which column is the owner column. Reviewed-by: Corey Huinker Reviewed-by: Antonin Houska Discussion: https://www.postgresql.org/message-id/flat/95c30f96-4060-2f48-98b5-a4392d3b6066@enterprisedb.com --- src/backend/commands/functioncmds.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'src/backend/commands/functioncmds.c') diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c index 1f820c93e96..3645216c4b5 100644 --- a/src/backend/commands/functioncmds.c +++ b/src/backend/commands/functioncmds.c @@ -1377,7 +1377,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt) procForm = (Form_pg_proc) GETSTRUCT(tup); /* Permission check: must own function */ - if (!pg_proc_ownercheck(funcOid, GetUserId())) + if (!object_ownercheck(ProcedureRelationId, funcOid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype, NameListToString(stmt->func->objname)); @@ -1554,8 +1554,8 @@ CreateCast(CreateCastStmt *stmt) TypeNameToString(stmt->targettype)))); /* Permission check */ - if (!pg_type_ownercheck(sourcetypeid, GetUserId()) - && !pg_type_ownercheck(targettypeid, GetUserId())) + if (!object_ownercheck(TypeRelationId, sourcetypeid, GetUserId()) + && !object_ownercheck(TypeRelationId, targettypeid, GetUserId())) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("must be owner of type %s or type %s", @@ -1838,7 +1838,7 @@ CreateTransform(CreateTransformStmt *stmt) errmsg("data type %s is a domain", TypeNameToString(stmt->type_name)))); - if (!pg_type_ownercheck(typeid, GetUserId())) + if (!object_ownercheck(TypeRelationId, typeid, GetUserId())) aclcheck_error_type(ACLCHECK_NOT_OWNER, typeid); aclresult = pg_type_aclcheck(typeid, GetUserId(), ACL_USAGE); @@ -1861,7 +1861,7 @@ CreateTransform(CreateTransformStmt *stmt) { fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false); - if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId())) + if (!object_ownercheck(ProcedureRelationId, fromsqlfuncid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname)); aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE); @@ -1887,7 +1887,7 @@ CreateTransform(CreateTransformStmt *stmt) { tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false); - if (!pg_proc_ownercheck(tosqlfuncid, GetUserId())) + if (!object_ownercheck(ProcedureRelationId, tosqlfuncid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname)); aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE); -- cgit v1.2.3