From ecb10b6e2bb80691d1f05f7273702ab037284620 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Tue, 16 Jan 2018 13:59:05 -0500
Subject: [PATCH v4 4/5] Use OBJECT_TABLE instead of OBJECT_RELATION for ACL

---
 src/backend/catalog/aclchk.c         | 36 +++++++++++++++++-------------------
 src/backend/catalog/heap.c           |  2 +-
 src/backend/catalog/objectaddress.c  |  1 -
 src/backend/commands/event_trigger.c |  7 ++-----
 src/backend/parser/gram.y            |  8 ++++----
 src/backend/utils/adt/acl.c          |  4 ++--
 src/include/nodes/parsenodes.h       |  1 -
 src/include/utils/aclchk_internal.h  |  2 +-
 8 files changed, 27 insertions(+), 34 deletions(-)

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index a9cf354357..4eadd1a093 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -247,7 +247,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		case OBJECT_COLUMN:
 			whole_mask = ACL_ALL_RIGHTS_COLUMN;
 			break;
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			whole_mask = ACL_ALL_RIGHTS_RELATION;
 			break;
 		case OBJECT_SEQUENCE:
@@ -445,7 +445,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 	 */
 	switch (stmt->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			/*
 			 * Because this might be a sequence, we test both relation and
 			 * sequence bits, and later do a more limited test when we know
@@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 			 */
 			if (privnode->cols)
 			{
-				if (stmt->objtype != OBJECT_RELATION)
+				if (stmt->objtype != OBJECT_TABLE)
 					ereport(ERROR,
 							(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 							 errmsg("column privileges are only valid for relations")));
@@ -574,7 +574,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 {
 	switch (istmt->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 		case OBJECT_SEQUENCE:
 			ExecGrant_Relation(istmt);
 			break;
@@ -643,7 +643,7 @@ objectNamesToOids(ObjectType objtype, List *objnames)
 
 	switch (objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 		case OBJECT_SEQUENCE:
 			foreach(cell, objnames)
 			{
@@ -798,7 +798,7 @@ objectsInSchemaToOids(ObjectType objtype, List *nspnames)
 
 		switch (objtype)
 		{
-			case OBJECT_RELATION:
+			case OBJECT_TABLE:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION);
 				objects = list_concat(objects, objs);
 				objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW);
@@ -993,7 +993,7 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s
 	 */
 	switch (action->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			all_privileges = ACL_ALL_RIGHTS_RELATION;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
@@ -1184,7 +1184,7 @@ SetDefaultACL(InternalDefaultACL *iacls)
 	 */
 	switch (iacls->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			objtype = DEFACLOBJ_RELATION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_RELATION;
@@ -1430,7 +1430,7 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (pg_default_acl_tuple->defaclobjtype)
 		{
 			case DEFACLOBJ_RELATION:
-				iacls.objtype = OBJECT_RELATION;
+				iacls.objtype = OBJECT_TABLE;
 				break;
 			case DEFACLOBJ_SEQUENCE:
 				iacls.objtype = OBJECT_SEQUENCE;
@@ -1471,8 +1471,8 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (classid)
 		{
 			case RelationRelationId:
-				/* it's OK to use RELATION for a sequence */
-				istmt.objtype = OBJECT_RELATION;
+				/* it's OK to use TABLE for a sequence */
+				istmt.objtype = OBJECT_TABLE;
 				break;
 			case DatabaseRelationId:
 				istmt.objtype = OBJECT_DATABASE;
@@ -1862,7 +1862,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 		 * permissions.  The OR of table and sequence permissions were already
 		 * checked.
 		 */
-		if (istmt->objtype == OBJECT_RELATION)
+		if (istmt->objtype == OBJECT_TABLE)
 		{
 			if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
 			{
@@ -1944,7 +1944,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 					old_acl = acldefault(OBJECT_SEQUENCE, ownerId);
 					break;
 				default:
-					old_acl = acldefault(OBJECT_RELATION, ownerId);
+					old_acl = acldefault(OBJECT_TABLE, ownerId);
 					break;
 			}
 			/* There are no old member roles according to the catalogs */
@@ -1988,7 +1988,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 					objtype = OBJECT_SEQUENCE;
 					break;
 				default:
-					objtype = OBJECT_RELATION;
+					objtype = OBJECT_TABLE;
 					break;
 			}
 
@@ -3471,7 +3471,6 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_DEFACL:
 					case OBJECT_DOMCONSTRAINT:
 					case OBJECT_PUBLICATION_REL:
-					case OBJECT_RELATION:
 					case OBJECT_ROLE:
 					case OBJECT_RULE:
 					case OBJECT_TABCONSTRAINT:
@@ -3604,7 +3603,6 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_DEFACL:
 					case OBJECT_DOMCONSTRAINT:
 					case OBJECT_PUBLICATION_REL:
-					case OBJECT_RELATION:
 					case OBJECT_ROLE:
 					case OBJECT_RULE:
 					case OBJECT_TABCONSTRAINT:
@@ -3681,7 +3679,7 @@ pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
 			return
 				pg_class_aclmask(table_oid, roleid, mask, how) |
 				pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 		case OBJECT_SEQUENCE:
 			return pg_class_aclmask(table_oid, roleid, mask, how);
 		case OBJECT_DATABASE:
@@ -3895,7 +3893,7 @@ pg_class_aclmask(Oid table_oid, Oid roleid,
 				acl = acldefault(OBJECT_SEQUENCE, ownerId);
 				break;
 			default:
-				acl = acldefault(OBJECT_RELATION, ownerId);
+				acl = acldefault(OBJECT_TABLE, ownerId);
 				break;
 		}
 		aclDatum = (Datum) 0;
@@ -5467,7 +5465,7 @@ get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid)
 	/* Check if object type is supported in pg_default_acl */
 	switch (objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			defaclobjtype = DEFACLOBJ_RELATION;
 			break;
 
diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c
index fd511ad62e..96234ff5c6 100644
--- a/src/backend/catalog/heap.c
+++ b/src/backend/catalog/heap.c
@@ -1142,7 +1142,7 @@ heap_create_with_catalog(const char *relname,
 			case RELKIND_MATVIEW:
 			case RELKIND_FOREIGN_TABLE:
 			case RELKIND_PARTITIONED_TABLE:
-				relacl = get_user_default_acl(OBJECT_RELATION, ownerid,
+				relacl = get_user_default_acl(OBJECT_TABLE, ownerid,
 											  relnamespace);
 				break;
 			case RELKIND_SEQUENCE:
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index d691b25aa6..d6043f5b66 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -2112,7 +2112,6 @@ pg_get_object_address(PG_FUNCTION_ARGS)
 		case OBJECT_MATVIEW:
 		case OBJECT_INDEX:
 		case OBJECT_FOREIGN_TABLE:
-		case OBJECT_RELATION:
 		case OBJECT_COLUMN:
 		case OBJECT_ATTRIBUTE:
 		case OBJECT_COLLATION:
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index 1dcdb07c29..b9662538df 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -1108,7 +1108,6 @@ EventTriggerSupportsObjectType(ObjectType obtype)
 		case OBJECT_PROCEDURE:
 		case OBJECT_PUBLICATION:
 		case OBJECT_PUBLICATION_REL:
-		case OBJECT_RELATION:
 		case OBJECT_ROUTINE:
 		case OBJECT_RULE:
 		case OBJECT_SCHEMA:
@@ -2195,7 +2194,7 @@ stringify_grantobjtype(ObjectType objtype)
 	{
 		case OBJECT_COLUMN:
 			return "COLUMN";
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			return "TABLE";
 		case OBJECT_SEQUENCE:
 			return "SEQUENCE";
@@ -2251,7 +2250,6 @@ stringify_grantobjtype(ObjectType objtype)
 		case OBJECT_STATISTIC_EXT:
 		case OBJECT_SUBSCRIPTION:
 		case OBJECT_TABCONSTRAINT:
-		case OBJECT_TABLE:
 		case OBJECT_TRANSFORM:
 		case OBJECT_TRIGGER:
 		case OBJECT_TSCONFIGURATION:
@@ -2278,7 +2276,7 @@ stringify_adefprivs_objtype(ObjectType objtype)
 	{
 		case OBJECT_COLUMN:
 			return "COLUMNS";
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			return "TABLES";
 		case OBJECT_SEQUENCE:
 			return "SEQUENCES";
@@ -2334,7 +2332,6 @@ stringify_adefprivs_objtype(ObjectType objtype)
 		case OBJECT_STATISTIC_EXT:
 		case OBJECT_SUBSCRIPTION:
 		case OBJECT_TABCONSTRAINT:
-		case OBJECT_TABLE:
 		case OBJECT_TRANSFORM:
 		case OBJECT_TRIGGER:
 		case OBJECT_TSCONFIGURATION:
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y
index e79113de51..348bdc77d1 100644
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -7002,7 +7002,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = OBJECT_RELATION;
+					n->objtype = OBJECT_TABLE;
 					n->objs = $1;
 					$$ = n;
 				}
@@ -7010,7 +7010,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = OBJECT_RELATION;
+					n->objtype = OBJECT_TABLE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7122,7 +7122,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = OBJECT_RELATION;
+					n->objtype = OBJECT_TABLE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7312,7 +7312,7 @@ DefACLAction:
 		;
 
 defacl_privilege_target:
-			TABLES			{ $$ = OBJECT_RELATION; }
+			TABLES			{ $$ = OBJECT_TABLE; }
 			| FUNCTIONS		{ $$ = OBJECT_FUNCTION; }
 			| ROUTINES		{ $$ = OBJECT_FUNCTION; }
 			| SEQUENCES		{ $$ = OBJECT_SEQUENCE; }
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index 42e3f6cc1a..0cfc297b65 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -760,7 +760,7 @@ acldefault(ObjectType objtype, Oid ownerId)
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_NO_RIGHTS;
 			break;
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_RELATION;
 			break;
@@ -871,7 +871,7 @@ acldefault_sql(PG_FUNCTION_ARGS)
 			objtype = OBJECT_COLUMN;
 			break;
 		case 'r':
-			objtype = OBJECT_RELATION;
+			objtype = OBJECT_TABLE;
 			break;
 		case 's':
 			objtype = OBJECT_SEQUENCE;
diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h
index c55c427b13..b0ed8e51d9 100644
--- a/src/include/nodes/parsenodes.h
+++ b/src/include/nodes/parsenodes.h
@@ -1645,7 +1645,6 @@ typedef enum ObjectType
 	OBJECT_PROCEDURE,
 	OBJECT_PUBLICATION,
 	OBJECT_PUBLICATION_REL,
-	OBJECT_RELATION,
 	OBJECT_ROLE,
 	OBJECT_ROUTINE,
 	OBJECT_RULE,
diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h
index 590ae5eee8..f7c44fcd4b 100644
--- a/src/include/utils/aclchk_internal.h
+++ b/src/include/utils/aclchk_internal.h
@@ -26,7 +26,7 @@
  * Note: 'all_privs' and 'privileges' represent object-level privileges only.
  * There might also be column-level privilege specifications, which are
  * represented in col_privs (this is a list of untransformed AccessPriv nodes).
- * Column privileges are only valid for objtype OBJECT_RELATION.
+ * Column privileges are only valid for objtype OBJECT_TABLE.
  */
 typedef struct
 {
-- 
2.15.1