From: | rhaas(at)postgresql(dot)org (Robert Haas) |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Centralize DML permissions-checking logic. |
Date: | 2010-07-22 00:47:59 |
Message-ID: | 20100722004759.EF51F7541D5@cvs.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Log Message:
-----------
Centralize DML permissions-checking logic.
Remove bespoke code in DoCopy and RI_Initial_Check, which now instead
fabricate call ExecCheckRTPerms with a manufactured RangeTblEntry.
This is intended to make it feasible for an enhanced security provider
to actually make use of ExecutorCheckPerms_hook, but also has the
advantage that RI_Initial_Check can allow use of the fast-path when
column-level but not table-level permissions are present.
KaiGai Kohei. Reviewed (in an earlier version) by Stephen Frost, and by me.
Some further changes to the comments by me.
Modified Files:
--------------
pgsql/src/backend/commands:
copy.c (r1.327 -> r1.328)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/commands/copy.c?r1=1.327&r2=1.328)
pgsql/src/backend/executor:
execMain.c (r1.351 -> r1.352)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execMain.c?r1=1.351&r2=1.352)
pgsql/src/backend/utils/adt:
ri_triggers.c (r1.118 -> r1.119)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/adt/ri_triggers.c?r1=1.118&r2=1.119)
pgsql/src/include/executor:
executor.h (r1.170 -> r1.171)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/executor/executor.h?r1=1.170&r2=1.171)
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2010-07-22 01:22:35 | pgsql: Add options to force quoting of all identifiers. |
Previous Message | Bruce Momjian | 2010-07-20 18:38:53 | pgsql: CVS test: please ignore Does modification just of CVS tag text |