From cfd7fb7ed4b66da97f88338d991843fa7e2fe59d Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Wed, 14 Jan 2004 23:01:55 +0000 Subject: Fix permission-checking bug reported by Tim Burgess 10-Feb-03 (this time for sure...). Rather than relying on the query context of a rangetable entry to identify what permissions it wants checked, store a full AclMode mask in each RTE, and check exactly those bits. This allows an RTE specifying, say, INSERT privilege on a view to be copied into a derived UPDATE query without changing meaning. Per recent discussion thread. initdb forced due to change of stored rule representation. --- src/include/utils/acl.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src/include/utils/acl.h') diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h index be34fcce5ce..efe7af30b20 100644 --- a/src/include/utils/acl.h +++ b/src/include/utils/acl.h @@ -7,7 +7,7 @@ * Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/include/utils/acl.h,v 1.65 2003/11/29 22:41:15 pgsql Exp $ + * $PostgreSQL: pgsql/src/include/utils/acl.h,v 1.66 2004/01/14 23:01:55 tgl Exp $ * * NOTES * An ACL array is simply an array of AclItems, representing the union @@ -28,7 +28,12 @@ #include "utils/array.h" -/* typedef AclId is declared in c.h */ +/* + * typedef AclId is declared in c.h + * + * typedef AclMode is declared in parsenodes.h, also the individual privilege + * bit meanings are defined there + */ #define ACL_ID_WORLD 0 /* placeholder for id in a WORLD acl item */ @@ -39,11 +44,6 @@ #define ACL_IDTYPE_UID 0x01 /* user id - from pg_shadow */ #define ACL_IDTYPE_GID 0x02 /* group id - from pg_group */ -/* - * AclMode a bitmask of privilege bits - */ -typedef uint32 AclMode; - /* * AclItem * -- cgit v1.2.3