From 9ff42bc49718a2bb03f985aff52f32c629d91c03 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Wed, 11 Oct 2017 18:35:19 -0400 Subject: [PATCH v3 1/2] Replace GrantObjectType with ObjectType There used to be a lot of different *Type and *Kind symbol groups to address objects within different commands, most of which have been replaced by ObjectType, starting with b256f2426433c56b4bea3a8102757749885b81ba. But this conversion was never done for the ACL commands until now. This change ends up being just a plain replacement of the types and symbols, without any code restructuring needed, except deleting some now redundant code. --- src/backend/catalog/aclchk.c | 242 +++++++++++++++++------------------ src/backend/catalog/heap.c | 4 +- src/backend/catalog/objectaddress.c | 1 + src/backend/catalog/pg_namespace.c | 2 +- src/backend/catalog/pg_proc.c | 2 +- src/backend/catalog/pg_type.c | 2 +- src/backend/commands/event_trigger.c | 186 ++++++++++++++++----------- src/backend/parser/gram.y | 54 ++++---- src/backend/tcop/utility.c | 2 +- src/backend/utils/adt/acl.c | 58 ++++----- src/include/commands/event_trigger.h | 1 - src/include/nodes/parsenodes.h | 22 +--- src/include/tcop/deparse_utility.h | 2 +- src/include/utils/acl.h | 6 +- src/include/utils/aclchk_internal.h | 4 +- 15 files changed, 305 insertions(+), 283 deletions(-) diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c index e481cf3d11..06c2086295 100644 --- a/src/backend/catalog/aclchk.c +++ b/src/backend/catalog/aclchk.c @@ -86,7 +86,7 @@ typedef struct Oid nspid; /* namespace, or InvalidOid if none */ /* remaining fields are same as in InternalGrant: */ bool is_grant; - GrantObjectType objtype; + ObjectType objtype; bool all_privs; AclMode privileges; List *grantees; @@ -116,8 +116,8 @@ static void ExecGrant_Type(InternalGrant *grantStmt); static void SetDefaultACLsInSchemas(InternalDefaultACL *iacls, List *nspnames); static void SetDefaultACL(InternalDefaultACL *iacls); -static List *objectNamesToOids(GrantObjectType objtype, List *objnames); -static List *objectsInSchemaToOids(GrantObjectType objtype, List *nspnames); +static List *objectNamesToOids(ObjectType objtype, List *objnames); +static List *objectsInSchemaToOids(ObjectType objtype, List *nspnames); static List *getRelationsInNamespace(Oid namespaceId, char relkind); static void expand_col_privileges(List *colnames, Oid table_oid, AclMode this_privileges, @@ -266,7 +266,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT; break; case ACL_KIND_NAMESPACE: - whole_mask = ACL_ALL_RIGHTS_NAMESPACE; + whole_mask = ACL_ALL_RIGHTS_SCHEMA; break; case ACL_KIND_TABLESPACE: whole_mask = ACL_ALL_RIGHTS_TABLESPACE; @@ -441,68 +441,68 @@ ExecuteGrantStmt(GrantStmt *stmt) /* * Convert stmt->privileges, a list of AccessPriv nodes, into an AclMode - * bitmask. Note: objtype can't be ACL_OBJECT_COLUMN. + * bitmask. Note: objtype can't be OBJECT_COLUMN. */ switch (stmt->objtype) { + case OBJECT_RELATION: /* * Because this might be a sequence, we test both relation and * sequence bits, and later do a more limited test when we know * the object type. */ - case ACL_OBJECT_RELATION: all_privileges = ACL_ALL_RIGHTS_RELATION | ACL_ALL_RIGHTS_SEQUENCE; errormsg = gettext_noop("invalid privilege type %s for relation"); break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: all_privileges = ACL_ALL_RIGHTS_SEQUENCE; errormsg = gettext_noop("invalid privilege type %s for sequence"); break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: all_privileges = ACL_ALL_RIGHTS_DATABASE; errormsg = gettext_noop("invalid privilege type %s for database"); break; - case ACL_OBJECT_DOMAIN: + case OBJECT_DOMAIN: all_privileges = ACL_ALL_RIGHTS_TYPE; errormsg = gettext_noop("invalid privilege type %s for domain"); break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for function"); break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: all_privileges = ACL_ALL_RIGHTS_LANGUAGE; errormsg = gettext_noop("invalid privilege type %s for language"); break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: all_privileges = ACL_ALL_RIGHTS_LARGEOBJECT; errormsg = gettext_noop("invalid privilege type %s for large object"); break; - case ACL_OBJECT_NAMESPACE: - all_privileges = ACL_ALL_RIGHTS_NAMESPACE; + case OBJECT_SCHEMA: + all_privileges = ACL_ALL_RIGHTS_SCHEMA; errormsg = gettext_noop("invalid privilege type %s for schema"); break; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for procedure"); break; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for routine"); break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: all_privileges = ACL_ALL_RIGHTS_TABLESPACE; errormsg = gettext_noop("invalid privilege type %s for tablespace"); break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: all_privileges = ACL_ALL_RIGHTS_TYPE; errormsg = gettext_noop("invalid privilege type %s for type"); break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: all_privileges = ACL_ALL_RIGHTS_FDW; errormsg = gettext_noop("invalid privilege type %s for foreign-data wrapper"); break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER; errormsg = gettext_noop("invalid privilege type %s for foreign server"); break; @@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt) */ if (privnode->cols) { - if (stmt->objtype != ACL_OBJECT_RELATION) + if (stmt->objtype != OBJECT_RELATION) ereport(ERROR, (errcode(ERRCODE_INVALID_GRANT_OPERATION), errmsg("column privileges are only valid for relations"))); @@ -574,38 +574,38 @@ ExecGrantStmt_oids(InternalGrant *istmt) { switch (istmt->objtype) { - case ACL_OBJECT_RELATION: - case ACL_OBJECT_SEQUENCE: + case OBJECT_RELATION: + case OBJECT_SEQUENCE: ExecGrant_Relation(istmt); break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: ExecGrant_Database(istmt); break; - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_TYPE: + case OBJECT_DOMAIN: + case OBJECT_TYPE: ExecGrant_Type(istmt); break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: ExecGrant_Fdw(istmt); break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: ExecGrant_ForeignServer(istmt); break; - case ACL_OBJECT_FUNCTION: - case ACL_OBJECT_PROCEDURE: - case ACL_OBJECT_ROUTINE: + case OBJECT_FUNCTION: + case OBJECT_PROCEDURE: + case OBJECT_ROUTINE: ExecGrant_Function(istmt); break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: ExecGrant_Language(istmt); break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: ExecGrant_Largeobject(istmt); break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: ExecGrant_Namespace(istmt); break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: ExecGrant_Tablespace(istmt); break; default: @@ -619,7 +619,7 @@ ExecGrantStmt_oids(InternalGrant *istmt) * the functions a chance to adjust the istmt with privileges actually * granted. */ - if (EventTriggerSupportsGrantObjectType(istmt->objtype)) + if (EventTriggerSupportsObjectType(istmt->objtype)) EventTriggerCollectGrant(istmt); } @@ -634,7 +634,7 @@ ExecGrantStmt_oids(InternalGrant *istmt) * to fail. */ static List * -objectNamesToOids(GrantObjectType objtype, List *objnames) +objectNamesToOids(ObjectType objtype, List *objnames) { List *objects = NIL; ListCell *cell; @@ -643,8 +643,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) switch (objtype) { - case ACL_OBJECT_RELATION: - case ACL_OBJECT_SEQUENCE: + case OBJECT_RELATION: + case OBJECT_SEQUENCE: foreach(cell, objnames) { RangeVar *relvar = (RangeVar *) lfirst(cell); @@ -654,7 +654,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, relOid); } break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: foreach(cell, objnames) { char *dbname = strVal(lfirst(cell)); @@ -664,8 +664,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, dbid); } break; - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_TYPE: + case OBJECT_DOMAIN: + case OBJECT_TYPE: foreach(cell, objnames) { List *typname = (List *) lfirst(cell); @@ -675,7 +675,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, oid); } break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: foreach(cell, objnames) { ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell); @@ -685,7 +685,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, funcid); } break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: foreach(cell, objnames) { char *langname = strVal(lfirst(cell)); @@ -695,7 +695,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, oid); } break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: foreach(cell, objnames) { Oid lobjOid = oidparse(lfirst(cell)); @@ -709,7 +709,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, lobjOid); } break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: foreach(cell, objnames) { char *nspname = strVal(lfirst(cell)); @@ -719,7 +719,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, oid); } break; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: foreach(cell, objnames) { ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell); @@ -729,7 +729,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, procid); } break; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: foreach(cell, objnames) { ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell); @@ -739,7 +739,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, routid); } break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: foreach(cell, objnames) { char *spcname = strVal(lfirst(cell)); @@ -749,7 +749,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, spcoid); } break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: foreach(cell, objnames) { char *fdwname = strVal(lfirst(cell)); @@ -758,7 +758,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, fdwid); } break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: foreach(cell, objnames) { char *srvname = strVal(lfirst(cell)); @@ -783,7 +783,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) * no privilege checking on the individual objects here. */ static List * -objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) +objectsInSchemaToOids(ObjectType objtype, List *nspnames) { List *objects = NIL; ListCell *cell; @@ -798,7 +798,7 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) switch (objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION); objects = list_concat(objects, objs); objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW); @@ -810,13 +810,13 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) objs = getRelationsInNamespace(namespaceId, RELKIND_PARTITIONED_TABLE); objects = list_concat(objects, objs); break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: objs = getRelationsInNamespace(namespaceId, RELKIND_SEQUENCE); objects = list_concat(objects, objs); break; - case ACL_OBJECT_FUNCTION: - case ACL_OBJECT_PROCEDURE: - case ACL_OBJECT_ROUTINE: + case OBJECT_FUNCTION: + case OBJECT_PROCEDURE: + case OBJECT_ROUTINE: { ScanKeyData key[2]; int keycount; @@ -835,12 +835,12 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) * When looking for procedures, check for return type ==0. * When looking for routines, don't check the return type. */ - if (objtype == ACL_OBJECT_FUNCTION) + if (objtype == OBJECT_FUNCTION) ScanKeyInit(&key[keycount++], Anum_pg_proc_prorettype, BTEqualStrategyNumber, F_OIDNE, InvalidOid); - else if (objtype == ACL_OBJECT_PROCEDURE) + else if (objtype == OBJECT_PROCEDURE) ScanKeyInit(&key[keycount++], Anum_pg_proc_prorettype, BTEqualStrategyNumber, F_OIDEQ, @@ -993,32 +993,32 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s */ switch (action->objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: all_privileges = ACL_ALL_RIGHTS_RELATION; errormsg = gettext_noop("invalid privilege type %s for relation"); break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: all_privileges = ACL_ALL_RIGHTS_SEQUENCE; errormsg = gettext_noop("invalid privilege type %s for sequence"); break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for function"); break; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for procedure"); break; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for routine"); break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: all_privileges = ACL_ALL_RIGHTS_TYPE; errormsg = gettext_noop("invalid privilege type %s for type"); break; - case ACL_OBJECT_NAMESPACE: - all_privileges = ACL_ALL_RIGHTS_NAMESPACE; + case OBJECT_SCHEMA: + all_privileges = ACL_ALL_RIGHTS_SCHEMA; errormsg = gettext_noop("invalid privilege type %s for schema"); break; default: @@ -1184,38 +1184,38 @@ SetDefaultACL(InternalDefaultACL *iacls) */ switch (iacls->objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: objtype = DEFACLOBJ_RELATION; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_RELATION; break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: objtype = DEFACLOBJ_SEQUENCE; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_SEQUENCE; break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: objtype = DEFACLOBJ_FUNCTION; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_FUNCTION; break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: objtype = DEFACLOBJ_TYPE; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_TYPE; break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: if (OidIsValid(iacls->nspid)) ereport(ERROR, (errcode(ERRCODE_INVALID_GRANT_OPERATION), errmsg("cannot use IN SCHEMA clause when using GRANT/REVOKE ON SCHEMAS"))); objtype = DEFACLOBJ_NAMESPACE; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) - this_privileges = ACL_ALL_RIGHTS_NAMESPACE; + this_privileges = ACL_ALL_RIGHTS_SCHEMA; break; default: @@ -1430,19 +1430,19 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid) switch (pg_default_acl_tuple->defaclobjtype) { case DEFACLOBJ_RELATION: - iacls.objtype = ACL_OBJECT_RELATION; + iacls.objtype = OBJECT_RELATION; break; case DEFACLOBJ_SEQUENCE: - iacls.objtype = ACL_OBJECT_SEQUENCE; + iacls.objtype = OBJECT_SEQUENCE; break; case DEFACLOBJ_FUNCTION: - iacls.objtype = ACL_OBJECT_FUNCTION; + iacls.objtype = OBJECT_FUNCTION; break; case DEFACLOBJ_TYPE: - iacls.objtype = ACL_OBJECT_TYPE; + iacls.objtype = OBJECT_TYPE; break; case DEFACLOBJ_NAMESPACE: - iacls.objtype = ACL_OBJECT_NAMESPACE; + iacls.objtype = OBJECT_SCHEMA; break; default: /* Shouldn't get here */ @@ -1472,34 +1472,34 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid) { case RelationRelationId: /* it's OK to use RELATION for a sequence */ - istmt.objtype = ACL_OBJECT_RELATION; + istmt.objtype = OBJECT_RELATION; break; case DatabaseRelationId: - istmt.objtype = ACL_OBJECT_DATABASE; + istmt.objtype = OBJECT_DATABASE; break; case TypeRelationId: - istmt.objtype = ACL_OBJECT_TYPE; + istmt.objtype = OBJECT_TYPE; break; case ProcedureRelationId: - istmt.objtype = ACL_OBJECT_ROUTINE; + istmt.objtype = OBJECT_ROUTINE; break; case LanguageRelationId: - istmt.objtype = ACL_OBJECT_LANGUAGE; + istmt.objtype = OBJECT_LANGUAGE; break; case LargeObjectRelationId: - istmt.objtype = ACL_OBJECT_LARGEOBJECT; + istmt.objtype = OBJECT_LARGEOBJECT; break; case NamespaceRelationId: - istmt.objtype = ACL_OBJECT_NAMESPACE; + istmt.objtype = OBJECT_SCHEMA; break; case TableSpaceRelationId: - istmt.objtype = ACL_OBJECT_TABLESPACE; + istmt.objtype = OBJECT_TABLESPACE; break; case ForeignServerRelationId: - istmt.objtype = ACL_OBJECT_FOREIGN_SERVER; + istmt.objtype = OBJECT_FOREIGN_SERVER; break; case ForeignDataWrapperRelationId: - istmt.objtype = ACL_OBJECT_FDW; + istmt.objtype = OBJECT_FDW; break; default: elog(ERROR, "unexpected object class %u", classid); @@ -1682,7 +1682,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname, &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_COLUMN, ownerId); + old_acl = acldefault(OBJECT_COLUMN, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -1838,7 +1838,7 @@ ExecGrant_Relation(InternalGrant *istmt) NameStr(pg_class_tuple->relname)))); /* Used GRANT SEQUENCE on a non-sequence? */ - if (istmt->objtype == ACL_OBJECT_SEQUENCE && + if (istmt->objtype == OBJECT_SEQUENCE && pg_class_tuple->relkind != RELKIND_SEQUENCE) ereport(ERROR, (errcode(ERRCODE_WRONG_OBJECT_TYPE), @@ -1862,7 +1862,7 @@ ExecGrant_Relation(InternalGrant *istmt) * permissions. The OR of table and sequence permissions were already * checked. */ - if (istmt->objtype == ACL_OBJECT_RELATION) + if (istmt->objtype == OBJECT_RELATION) { if (pg_class_tuple->relkind == RELKIND_SEQUENCE) { @@ -1941,10 +1941,10 @@ ExecGrant_Relation(InternalGrant *istmt) switch (pg_class_tuple->relkind) { case RELKIND_SEQUENCE: - old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId); + old_acl = acldefault(OBJECT_SEQUENCE, ownerId); break; default: - old_acl = acldefault(ACL_OBJECT_RELATION, ownerId); + old_acl = acldefault(OBJECT_RELATION, ownerId); break; } /* There are no old member roles according to the catalogs */ @@ -2169,7 +2169,7 @@ ExecGrant_Database(InternalGrant *istmt) RelationGetDescr(relation), &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_DATABASE, ownerId); + old_acl = acldefault(OBJECT_DATABASE, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2291,7 +2291,7 @@ ExecGrant_Fdw(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_FDW, ownerId); + old_acl = acldefault(OBJECT_FDW, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2417,7 +2417,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId); + old_acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2541,7 +2541,7 @@ ExecGrant_Function(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_FUNCTION, ownerId); + old_acl = acldefault(OBJECT_FUNCTION, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2672,7 +2672,7 @@ ExecGrant_Language(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId); + old_acl = acldefault(OBJECT_LANGUAGE, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2810,7 +2810,7 @@ ExecGrant_Largeobject(InternalGrant *istmt) RelationGetDescr(relation), &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId); + old_acl = acldefault(OBJECT_LARGEOBJECT, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2894,7 +2894,7 @@ ExecGrant_Namespace(InternalGrant *istmt) ListCell *cell; if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS) - istmt->privileges = ACL_ALL_RIGHTS_NAMESPACE; + istmt->privileges = ACL_ALL_RIGHTS_SCHEMA; relation = heap_open(NamespaceRelationId, RowExclusiveLock); @@ -2936,7 +2936,7 @@ ExecGrant_Namespace(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId); + old_acl = acldefault(OBJECT_SCHEMA, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -3060,7 +3060,7 @@ ExecGrant_Tablespace(InternalGrant *istmt) RelationGetDescr(relation), &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId); + old_acl = acldefault(OBJECT_TABLESPACE, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -3178,7 +3178,7 @@ ExecGrant_Type(InternalGrant *istmt) errhint("Set the privileges of the element type instead."))); /* Used GRANT DOMAIN on a non-domain? */ - if (istmt->objtype == ACL_OBJECT_DOMAIN && + if (istmt->objtype == OBJECT_DOMAIN && pg_type_tuple->typtype != TYPTYPE_DOMAIN) ereport(ERROR, (errcode(ERRCODE_WRONG_OBJECT_TYPE), @@ -3744,10 +3744,10 @@ pg_class_aclmask(Oid table_oid, Oid roleid, switch (classForm->relkind) { case RELKIND_SEQUENCE: - acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId); + acl = acldefault(OBJECT_SEQUENCE, ownerId); break; default: - acl = acldefault(ACL_OBJECT_RELATION, ownerId); + acl = acldefault(OBJECT_RELATION, ownerId); break; } aclDatum = (Datum) 0; @@ -3803,7 +3803,7 @@ pg_database_aclmask(Oid db_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_DATABASE, ownerId); + acl = acldefault(OBJECT_DATABASE, ownerId); aclDatum = (Datum) 0; } else @@ -3857,7 +3857,7 @@ pg_proc_aclmask(Oid proc_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_FUNCTION, ownerId); + acl = acldefault(OBJECT_FUNCTION, ownerId); aclDatum = (Datum) 0; } else @@ -3911,7 +3911,7 @@ pg_language_aclmask(Oid lang_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId); + acl = acldefault(OBJECT_LANGUAGE, ownerId); aclDatum = (Datum) 0; } else @@ -3991,7 +3991,7 @@ pg_largeobject_aclmask_snapshot(Oid lobj_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId); + acl = acldefault(OBJECT_LARGEOBJECT, ownerId); aclDatum = (Datum) 0; } else @@ -4054,7 +4054,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid, { if (pg_database_aclcheck(MyDatabaseId, roleid, ACL_CREATE_TEMP) == ACLCHECK_OK) - return mask & ACL_ALL_RIGHTS_NAMESPACE; + return mask & ACL_ALL_RIGHTS_SCHEMA; else return mask & ACL_USAGE; } @@ -4075,7 +4075,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId); + acl = acldefault(OBJECT_SCHEMA, ownerId); aclDatum = (Datum) 0; } else @@ -4131,7 +4131,7 @@ pg_tablespace_aclmask(Oid spc_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId); + acl = acldefault(OBJECT_TABLESPACE, ownerId); aclDatum = (Datum) 0; } else @@ -4193,7 +4193,7 @@ pg_foreign_data_wrapper_aclmask(Oid fdw_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_FDW, ownerId); + acl = acldefault(OBJECT_FDW, ownerId); aclDatum = (Datum) 0; } else @@ -4255,7 +4255,7 @@ pg_foreign_server_aclmask(Oid srv_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId); + acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId); aclDatum = (Datum) 0; } else @@ -4332,7 +4332,7 @@ pg_type_aclmask(Oid type_oid, Oid roleid, AclMode mask, AclMaskHow how) if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_TYPE, ownerId); + acl = acldefault(OBJECT_TYPE, ownerId); aclDatum = (Datum) 0; } else @@ -5301,7 +5301,7 @@ get_default_acl_internal(Oid roleId, Oid nsp_oid, char objtype) * Returns NULL if built-in system defaults should be used */ Acl * -get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid) +get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid) { Acl *result; Acl *glob_acl; @@ -5319,23 +5319,23 @@ get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid) /* Check if object type is supported in pg_default_acl */ switch (objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: defaclobjtype = DEFACLOBJ_RELATION; break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: defaclobjtype = DEFACLOBJ_SEQUENCE; break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: defaclobjtype = DEFACLOBJ_FUNCTION; break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: defaclobjtype = DEFACLOBJ_TYPE; break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: defaclobjtype = DEFACLOBJ_NAMESPACE; break; diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c index 4319fc6b8c..23a08b0a17 100644 --- a/src/backend/catalog/heap.c +++ b/src/backend/catalog/heap.c @@ -1142,11 +1142,11 @@ heap_create_with_catalog(const char *relname, case RELKIND_MATVIEW: case RELKIND_FOREIGN_TABLE: case RELKIND_PARTITIONED_TABLE: - relacl = get_user_default_acl(ACL_OBJECT_RELATION, ownerid, + relacl = get_user_default_acl(OBJECT_RELATION, ownerid, relnamespace); break; case RELKIND_SEQUENCE: - relacl = get_user_default_acl(ACL_OBJECT_SEQUENCE, ownerid, + relacl = get_user_default_acl(OBJECT_SEQUENCE, ownerid, relnamespace); break; default: diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c index 9553675975..0df9c9eac1 100644 --- a/src/backend/catalog/objectaddress.c +++ b/src/backend/catalog/objectaddress.c @@ -2112,6 +2112,7 @@ pg_get_object_address(PG_FUNCTION_ARGS) case OBJECT_MATVIEW: case OBJECT_INDEX: case OBJECT_FOREIGN_TABLE: + case OBJECT_RELATION: case OBJECT_COLUMN: case OBJECT_ATTRIBUTE: case OBJECT_COLLATION: diff --git a/src/backend/catalog/pg_namespace.c b/src/backend/catalog/pg_namespace.c index 3e20d051c2..3be3d88bf8 100644 --- a/src/backend/catalog/pg_namespace.c +++ b/src/backend/catalog/pg_namespace.c @@ -63,7 +63,7 @@ NamespaceCreate(const char *nspName, Oid ownerId, bool isTemp) errmsg("schema \"%s\" already exists", nspName))); if (!isTemp) - nspacl = get_user_default_acl(ACL_OBJECT_NAMESPACE, ownerId, + nspacl = get_user_default_acl(OBJECT_SCHEMA, ownerId, InvalidOid); else nspacl = NULL; diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c index 7d05e4bdb2..2f3912b0e7 100644 --- a/src/backend/catalog/pg_proc.c +++ b/src/backend/catalog/pg_proc.c @@ -582,7 +582,7 @@ ProcedureCreate(const char *procedureName, /* Creating a new procedure */ /* First, get default permissions and set up proacl */ - proacl = get_user_default_acl(ACL_OBJECT_FUNCTION, proowner, + proacl = get_user_default_acl(OBJECT_FUNCTION, proowner, procNamespace); if (proacl != NULL) values[Anum_pg_proc_proacl - 1] = PointerGetDatum(proacl); diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c index e02d312008..e1c6a3602d 100644 --- a/src/backend/catalog/pg_type.c +++ b/src/backend/catalog/pg_type.c @@ -380,7 +380,7 @@ TypeCreate(Oid newTypeOid, else nulls[Anum_pg_type_typdefault - 1] = true; - typacl = get_user_default_acl(ACL_OBJECT_TYPE, ownerId, + typacl = get_user_default_acl(OBJECT_TYPE, ownerId, typeNamespace); if (typacl != NULL) values[Anum_pg_type_typacl - 1] = PointerGetDatum(typacl); diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c index a602c20b41..6a88b2c10f 100644 --- a/src/backend/commands/event_trigger.c +++ b/src/backend/commands/event_trigger.c @@ -159,8 +159,8 @@ static Oid insert_event_trigger_tuple(const char *trigname, const char *eventnam static void validate_ddl_tags(const char *filtervar, List *taglist); static void validate_table_rewrite_tags(const char *filtervar, List *taglist); static void EventTriggerInvoke(List *fn_oid_list, EventTriggerData *trigdata); -static const char *stringify_grantobjtype(GrantObjectType objtype); -static const char *stringify_adefprivs_objtype(GrantObjectType objtype); +static const char *stringify_grantobjtype(ObjectType objtype); +static const char *stringify_adefprivs_objtype(ObjectType objtype); /* * Create an event trigger. @@ -1108,6 +1108,7 @@ EventTriggerSupportsObjectType(ObjectType obtype) case OBJECT_PROCEDURE: case OBJECT_PUBLICATION: case OBJECT_PUBLICATION_REL: + case OBJECT_RELATION: case OBJECT_ROUTINE: case OBJECT_RULE: case OBJECT_SCHEMA: @@ -1199,41 +1200,6 @@ EventTriggerSupportsObjectClass(ObjectClass objclass) return false; } -bool -EventTriggerSupportsGrantObjectType(GrantObjectType objtype) -{ - switch (objtype) - { - case ACL_OBJECT_DATABASE: - case ACL_OBJECT_TABLESPACE: - /* no support for global objects */ - return false; - - case ACL_OBJECT_COLUMN: - case ACL_OBJECT_RELATION: - case ACL_OBJECT_SEQUENCE: - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_FDW: - case ACL_OBJECT_FOREIGN_SERVER: - case ACL_OBJECT_FUNCTION: - case ACL_OBJECT_LANGUAGE: - case ACL_OBJECT_LARGEOBJECT: - case ACL_OBJECT_NAMESPACE: - case ACL_OBJECT_PROCEDURE: - case ACL_OBJECT_ROUTINE: - case ACL_OBJECT_TYPE: - return true; - - /* - * There's intentionally no default: case here; we want the - * compiler to warn if a new ACL class hasn't been handled above. - */ - } - - /* Shouldn't get here, but if we do, say "no support" */ - return false; -} - /* * Prepare event trigger state for a new complete query to run, if necessary; * returns whether this was done. If it was, EventTriggerEndCompleteQuery must @@ -2219,92 +2185,166 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS) } /* - * Return the GrantObjectType as a string, as it would appear in GRANT and + * Return the ObjectType as a string, as it would appear in GRANT and * REVOKE commands. */ static const char * -stringify_grantobjtype(GrantObjectType objtype) +stringify_grantobjtype(ObjectType objtype) { switch (objtype) { - case ACL_OBJECT_COLUMN: + case OBJECT_COLUMN: return "COLUMN"; - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: return "TABLE"; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: return "SEQUENCE"; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: return "DATABASE"; - case ACL_OBJECT_DOMAIN: + case OBJECT_DOMAIN: return "DOMAIN"; - case ACL_OBJECT_FDW: + case OBJECT_FDW: return "FOREIGN DATA WRAPPER"; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: return "FOREIGN SERVER"; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: return "FUNCTION"; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: return "LANGUAGE"; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: return "LARGE OBJECT"; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: return "SCHEMA"; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: return "PROCEDURE"; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: return "ROUTINE"; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: return "TABLESPACE"; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: return "TYPE"; + /* these currently aren't used */ + case OBJECT_ACCESS_METHOD: + case OBJECT_AGGREGATE: + case OBJECT_AMOP: + case OBJECT_AMPROC: + case OBJECT_ATTRIBUTE: + case OBJECT_CAST: + case OBJECT_COLLATION: + case OBJECT_CONVERSION: + case OBJECT_DEFAULT: + case OBJECT_DEFACL: + case OBJECT_DOMCONSTRAINT: + case OBJECT_EVENT_TRIGGER: + case OBJECT_EXTENSION: + case OBJECT_FOREIGN_TABLE: + case OBJECT_INDEX: + case OBJECT_MATVIEW: + case OBJECT_OPCLASS: + case OBJECT_OPERATOR: + case OBJECT_OPFAMILY: + case OBJECT_POLICY: + case OBJECT_PUBLICATION: + case OBJECT_PUBLICATION_REL: + case OBJECT_ROLE: + case OBJECT_RULE: + case OBJECT_STATISTIC_EXT: + case OBJECT_SUBSCRIPTION: + case OBJECT_TABCONSTRAINT: + case OBJECT_TABLE: + case OBJECT_TRANSFORM: + case OBJECT_TRIGGER: + case OBJECT_TSCONFIGURATION: + case OBJECT_TSDICTIONARY: + case OBJECT_TSPARSER: + case OBJECT_TSTEMPLATE: + case OBJECT_USER_MAPPING: + case OBJECT_VIEW: + elog(ERROR, "unsupported object type: %d", (int) objtype); } - elog(ERROR, "unrecognized grant object type: %d", (int) objtype); return "???"; /* keep compiler quiet */ } /* - * Return the GrantObjectType as a string; as above, but use the spelling + * Return the ObjectType as a string; as above, but use the spelling * in ALTER DEFAULT PRIVILEGES commands instead. Generally this is just * the plural. */ static const char * -stringify_adefprivs_objtype(GrantObjectType objtype) +stringify_adefprivs_objtype(ObjectType objtype) { switch (objtype) { - case ACL_OBJECT_COLUMN: + case OBJECT_COLUMN: return "COLUMNS"; - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: return "TABLES"; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: return "SEQUENCES"; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: return "DATABASES"; - case ACL_OBJECT_DOMAIN: + case OBJECT_DOMAIN: return "DOMAINS"; - case ACL_OBJECT_FDW: + case OBJECT_FDW: return "FOREIGN DATA WRAPPERS"; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: return "FOREIGN SERVERS"; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: return "FUNCTIONS"; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: return "LANGUAGES"; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: return "LARGE OBJECTS"; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: return "SCHEMAS"; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: return "PROCEDURES"; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: return "ROUTINES"; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: return "TABLESPACES"; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: return "TYPES"; + /* these currently aren't used */ + case OBJECT_ACCESS_METHOD: + case OBJECT_AGGREGATE: + case OBJECT_AMOP: + case OBJECT_AMPROC: + case OBJECT_ATTRIBUTE: + case OBJECT_CAST: + case OBJECT_COLLATION: + case OBJECT_CONVERSION: + case OBJECT_DEFAULT: + case OBJECT_DEFACL: + case OBJECT_DOMCONSTRAINT: + case OBJECT_EVENT_TRIGGER: + case OBJECT_EXTENSION: + case OBJECT_FOREIGN_TABLE: + case OBJECT_INDEX: + case OBJECT_MATVIEW: + case OBJECT_OPCLASS: + case OBJECT_OPERATOR: + case OBJECT_OPFAMILY: + case OBJECT_POLICY: + case OBJECT_PUBLICATION: + case OBJECT_PUBLICATION_REL: + case OBJECT_ROLE: + case OBJECT_RULE: + case OBJECT_STATISTIC_EXT: + case OBJECT_SUBSCRIPTION: + case OBJECT_TABCONSTRAINT: + case OBJECT_TABLE: + case OBJECT_TRANSFORM: + case OBJECT_TRIGGER: + case OBJECT_TSCONFIGURATION: + case OBJECT_TSDICTIONARY: + case OBJECT_TSPARSER: + case OBJECT_TSTEMPLATE: + case OBJECT_USER_MAPPING: + case OBJECT_VIEW: + elog(ERROR, "unsupported object type: %d", (int) objtype); } - elog(ERROR, "unrecognized grant object type: %d", (int) objtype); return "???"; /* keep compiler quiet */ } diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y index ebfc94f896..3a27f83f83 100644 --- a/src/backend/parser/gram.y +++ b/src/backend/parser/gram.y @@ -115,7 +115,7 @@ typedef struct PrivTarget { GrantTargetType targtype; - GrantObjectType objtype; + ObjectType objtype; List *objs; } PrivTarget; @@ -7002,7 +7002,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_RELATION; + n->objtype = OBJECT_RELATION; n->objs = $1; $$ = n; } @@ -7010,7 +7010,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_RELATION; + n->objtype = OBJECT_RELATION; n->objs = $2; $$ = n; } @@ -7018,7 +7018,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_SEQUENCE; + n->objtype = OBJECT_SEQUENCE; n->objs = $2; $$ = n; } @@ -7026,7 +7026,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_FDW; + n->objtype = OBJECT_FDW; n->objs = $4; $$ = n; } @@ -7034,7 +7034,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_FOREIGN_SERVER; + n->objtype = OBJECT_FOREIGN_SERVER; n->objs = $3; $$ = n; } @@ -7042,7 +7042,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_FUNCTION; + n->objtype = OBJECT_FUNCTION; n->objs = $2; $$ = n; } @@ -7050,7 +7050,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_PROCEDURE; + n->objtype = OBJECT_PROCEDURE; n->objs = $2; $$ = n; } @@ -7058,7 +7058,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_ROUTINE; + n->objtype = OBJECT_ROUTINE; n->objs = $2; $$ = n; } @@ -7066,7 +7066,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_DATABASE; + n->objtype = OBJECT_DATABASE; n->objs = $2; $$ = n; } @@ -7074,7 +7074,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_DOMAIN; + n->objtype = OBJECT_DOMAIN; n->objs = $2; $$ = n; } @@ -7082,7 +7082,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_LANGUAGE; + n->objtype = OBJECT_LANGUAGE; n->objs = $2; $$ = n; } @@ -7090,7 +7090,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_LARGEOBJECT; + n->objtype = OBJECT_LARGEOBJECT; n->objs = $3; $$ = n; } @@ -7098,7 +7098,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_NAMESPACE; + n->objtype = OBJECT_SCHEMA; n->objs = $2; $$ = n; } @@ -7106,7 +7106,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_TABLESPACE; + n->objtype = OBJECT_TABLESPACE; n->objs = $2; $$ = n; } @@ -7114,7 +7114,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_TYPE; + n->objtype = OBJECT_TYPE; n->objs = $2; $$ = n; } @@ -7122,7 +7122,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_RELATION; + n->objtype = OBJECT_RELATION; n->objs = $5; $$ = n; } @@ -7130,7 +7130,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_SEQUENCE; + n->objtype = OBJECT_SEQUENCE; n->objs = $5; $$ = n; } @@ -7138,7 +7138,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_FUNCTION; + n->objtype = OBJECT_FUNCTION; n->objs = $5; $$ = n; } @@ -7146,7 +7146,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_PROCEDURE; + n->objtype = OBJECT_PROCEDURE; n->objs = $5; $$ = n; } @@ -7154,7 +7154,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_ROUTINE; + n->objtype = OBJECT_ROUTINE; n->objs = $5; $$ = n; } @@ -7312,12 +7312,12 @@ DefACLAction: ; defacl_privilege_target: - TABLES { $$ = ACL_OBJECT_RELATION; } - | FUNCTIONS { $$ = ACL_OBJECT_FUNCTION; } - | ROUTINES { $$ = ACL_OBJECT_FUNCTION; } - | SEQUENCES { $$ = ACL_OBJECT_SEQUENCE; } - | TYPES_P { $$ = ACL_OBJECT_TYPE; } - | SCHEMAS { $$ = ACL_OBJECT_NAMESPACE; } + TABLES { $$ = OBJECT_RELATION; } + | FUNCTIONS { $$ = OBJECT_FUNCTION; } + | ROUTINES { $$ = OBJECT_FUNCTION; } + | SEQUENCES { $$ = OBJECT_SEQUENCE; } + | TYPES_P { $$ = OBJECT_TYPE; } + | SCHEMAS { $$ = OBJECT_SCHEMA; } ; diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c index 4da1f8f643..904f5149c8 100644 --- a/src/backend/tcop/utility.c +++ b/src/backend/tcop/utility.c @@ -827,7 +827,7 @@ standard_ProcessUtility(PlannedStmt *pstmt, { GrantStmt *stmt = (GrantStmt *) parsetree; - if (EventTriggerSupportsGrantObjectType(stmt->objtype)) + if (EventTriggerSupportsObjectType(stmt->objtype)) ProcessUtilitySlow(pstate, pstmt, queryString, context, params, queryEnv, dest, completionTag); diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c index 2f2758fe91..04d0390684 100644 --- a/src/backend/utils/adt/acl.c +++ b/src/backend/utils/adt/acl.c @@ -745,7 +745,7 @@ hash_aclitem_extended(PG_FUNCTION_ARGS) * absence of any pg_default_acl entry. */ Acl * -acldefault(GrantObjectType objtype, Oid ownerId) +acldefault(ObjectType objtype, Oid ownerId) { AclMode world_default; AclMode owner_default; @@ -755,56 +755,56 @@ acldefault(GrantObjectType objtype, Oid ownerId) switch (objtype) { - case ACL_OBJECT_COLUMN: + case OBJECT_COLUMN: /* by default, columns have no extra privileges */ world_default = ACL_NO_RIGHTS; owner_default = ACL_NO_RIGHTS; break; - case ACL_OBJECT_RELATION: + case OBJECT_RELATION: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_RELATION; break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_SEQUENCE; break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: /* for backwards compatibility, grant some rights by default */ world_default = ACL_CREATE_TEMP | ACL_CONNECT; owner_default = ACL_ALL_RIGHTS_DATABASE; break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: /* Grant EXECUTE by default, for now */ world_default = ACL_EXECUTE; owner_default = ACL_ALL_RIGHTS_FUNCTION; break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: /* Grant USAGE by default, for now */ world_default = ACL_USAGE; owner_default = ACL_ALL_RIGHTS_LANGUAGE; break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_LARGEOBJECT; break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: world_default = ACL_NO_RIGHTS; - owner_default = ACL_ALL_RIGHTS_NAMESPACE; + owner_default = ACL_ALL_RIGHTS_SCHEMA; break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_TABLESPACE; break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_FDW; break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER; break; - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_TYPE: + case OBJECT_DOMAIN: + case OBJECT_TYPE: world_default = ACL_USAGE; owner_default = ACL_ALL_RIGHTS_TYPE; break; @@ -855,7 +855,7 @@ acldefault(GrantObjectType objtype, Oid ownerId) /* * SQL-accessible version of acldefault(). Hackish mapping from "char" type to - * ACL_OBJECT_* values, but it's only used in the information schema, not + * OBJECT_* values, but it's only used in the information schema, not * documented for general use. */ Datum @@ -863,45 +863,45 @@ acldefault_sql(PG_FUNCTION_ARGS) { char objtypec = PG_GETARG_CHAR(0); Oid owner = PG_GETARG_OID(1); - GrantObjectType objtype = 0; + ObjectType objtype = 0; switch (objtypec) { case 'c': - objtype = ACL_OBJECT_COLUMN; + objtype = OBJECT_COLUMN; break; case 'r': - objtype = ACL_OBJECT_RELATION; + objtype = OBJECT_RELATION; break; case 's': - objtype = ACL_OBJECT_SEQUENCE; + objtype = OBJECT_SEQUENCE; break; case 'd': - objtype = ACL_OBJECT_DATABASE; + objtype = OBJECT_DATABASE; break; case 'f': - objtype = ACL_OBJECT_FUNCTION; + objtype = OBJECT_FUNCTION; break; case 'l': - objtype = ACL_OBJECT_LANGUAGE; + objtype = OBJECT_LANGUAGE; break; case 'L': - objtype = ACL_OBJECT_LARGEOBJECT; + objtype = OBJECT_LARGEOBJECT; break; case 'n': - objtype = ACL_OBJECT_NAMESPACE; + objtype = OBJECT_SCHEMA; break; case 't': - objtype = ACL_OBJECT_TABLESPACE; + objtype = OBJECT_TABLESPACE; break; case 'F': - objtype = ACL_OBJECT_FDW; + objtype = OBJECT_FDW; break; case 'S': - objtype = ACL_OBJECT_FOREIGN_SERVER; + objtype = OBJECT_FOREIGN_SERVER; break; case 'T': - objtype = ACL_OBJECT_TYPE; + objtype = OBJECT_TYPE; break; default: elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec); diff --git a/src/include/commands/event_trigger.h b/src/include/commands/event_trigger.h index 2ce528272c..5b118c34e3 100644 --- a/src/include/commands/event_trigger.h +++ b/src/include/commands/event_trigger.h @@ -50,7 +50,6 @@ extern void AlterEventTriggerOwner_oid(Oid, Oid newOwnerId); extern bool EventTriggerSupportsObjectType(ObjectType obtype); extern bool EventTriggerSupportsObjectClass(ObjectClass objclass); -extern bool EventTriggerSupportsGrantObjectType(GrantObjectType objtype); extern void EventTriggerDDLCommandStart(Node *parsetree); extern void EventTriggerDDLCommandEnd(Node *parsetree); extern void EventTriggerSQLDrop(Node *parsetree); diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h index 2eaa6b2774..14f23ccb9e 100644 --- a/src/include/nodes/parsenodes.h +++ b/src/include/nodes/parsenodes.h @@ -1645,6 +1645,7 @@ typedef enum ObjectType OBJECT_PROCEDURE, OBJECT_PUBLICATION, OBJECT_PUBLICATION_REL, + OBJECT_RELATION, OBJECT_ROLE, OBJECT_ROUTINE, OBJECT_RULE, @@ -1845,31 +1846,12 @@ typedef enum GrantTargetType ACL_TARGET_DEFAULTS /* ALTER DEFAULT PRIVILEGES */ } GrantTargetType; -typedef enum GrantObjectType -{ - ACL_OBJECT_COLUMN, /* column */ - ACL_OBJECT_RELATION, /* table, view */ - ACL_OBJECT_SEQUENCE, /* sequence */ - ACL_OBJECT_DATABASE, /* database */ - ACL_OBJECT_DOMAIN, /* domain */ - ACL_OBJECT_FDW, /* foreign-data wrapper */ - ACL_OBJECT_FOREIGN_SERVER, /* foreign server */ - ACL_OBJECT_FUNCTION, /* function */ - ACL_OBJECT_LANGUAGE, /* procedural language */ - ACL_OBJECT_LARGEOBJECT, /* largeobject */ - ACL_OBJECT_NAMESPACE, /* namespace */ - ACL_OBJECT_PROCEDURE, /* procedure */ - ACL_OBJECT_ROUTINE, /* routine */ - ACL_OBJECT_TABLESPACE, /* tablespace */ - ACL_OBJECT_TYPE /* type */ -} GrantObjectType; - typedef struct GrantStmt { NodeTag type; bool is_grant; /* true = GRANT, false = REVOKE */ GrantTargetType targtype; /* type of the grant target */ - GrantObjectType objtype; /* kind of object being operated on */ + ObjectType objtype; /* kind of object being operated on */ List *objects; /* list of RangeVar nodes, ObjectWithArgs * nodes, or plain names (as Value strings) */ List *privileges; /* list of AccessPriv nodes */ diff --git a/src/include/tcop/deparse_utility.h b/src/include/tcop/deparse_utility.h index 9c4e608934..ce8bfbae6b 100644 --- a/src/include/tcop/deparse_utility.h +++ b/src/include/tcop/deparse_utility.h @@ -97,7 +97,7 @@ typedef struct CollectedCommand /* ALTER DEFAULT PRIVILEGES */ struct { - GrantObjectType objtype; + ObjectType objtype; } defprivs; } d; } CollectedCommand; diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h index 254a811aff..a8a6f35dde 100644 --- a/src/include/utils/acl.h +++ b/src/include/utils/acl.h @@ -163,7 +163,7 @@ typedef ArrayType Acl; #define ACL_ALL_RIGHTS_FUNCTION (ACL_EXECUTE) #define ACL_ALL_RIGHTS_LANGUAGE (ACL_USAGE) #define ACL_ALL_RIGHTS_LARGEOBJECT (ACL_SELECT|ACL_UPDATE) -#define ACL_ALL_RIGHTS_NAMESPACE (ACL_USAGE|ACL_CREATE) +#define ACL_ALL_RIGHTS_SCHEMA (ACL_USAGE|ACL_CREATE) #define ACL_ALL_RIGHTS_TABLESPACE (ACL_CREATE) #define ACL_ALL_RIGHTS_TYPE (ACL_USAGE) @@ -217,8 +217,8 @@ typedef enum AclObjectKind /* * routines used internally */ -extern Acl *acldefault(GrantObjectType objtype, Oid ownerId); -extern Acl *get_user_default_acl(GrantObjectType objtype, Oid ownerId, +extern Acl *acldefault(ObjectType objtype, Oid ownerId); +extern Acl *get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid); extern Acl *aclupdate(const Acl *old_acl, const AclItem *mod_aip, diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h index 3374edb638..31f4b92c16 100644 --- a/src/include/utils/aclchk_internal.h +++ b/src/include/utils/aclchk_internal.h @@ -26,12 +26,12 @@ * Note: 'all_privs' and 'privileges' represent object-level privileges only. * There might also be column-level privilege specifications, which are * represented in col_privs (this is a list of untransformed AccessPriv nodes). - * Column privileges are only valid for objtype ACL_OBJECT_RELATION. + * Column privileges are only valid for objtype OBJECT_RELATION. */ typedef struct { bool is_grant; - GrantObjectType objtype; + ObjectType objtype; List *objects; bool all_privs; AclMode privileges; base-commit: 7d3583ad9ae54b44119973a9d6d731c9cc74c86e -- 2.15.1