Cause '*' and 'foo.*' notations to mark the referenced RTE(s) as

tglsfdc · tglsfdc · commit 58538a0ffc72 · 2006-08-14T23:39:32.000Z
requiring read permissions.  Up till now there was no possible case
in which the RTEs wouldn't already have ACL_SELECT set ... but now that
you can say something like 'INSERT INTO foo ... RETURNING *' this is
an essential step.  With this commit, a RETURNING clause adds the
requirement for SELECT permissions on the target table if and only if
the clause actually reads the value of at least one target-table column.
diff --git a/src/backend/parser/parse_clause.c b/src/backend/parser/parse_clause.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.156 2006/08/12 20:05:55 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.157 2006/08/14 23:39:32 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -173,8 +173,9 @@ setTargetTable(ParseState *pstate, RangeVar *relation,
 	 * permissions.
 	 *
 	 * If we find an explicit reference to the rel later during parse
-	 * analysis, scanRTEForColumn will add the ACL_SELECT bit back again. That
-	 * can't happen for INSERT but it is possible for UPDATE and DELETE.
+	 * analysis, we will add the ACL_SELECT bit back again; see
+	 * scanRTEForColumn (for simple field references), ExpandColumnRefStar
+	 * (for foo.*) and ExpandAllTables (for *).
 	 */
 	rte->requiredPerms = requiredPerms;
 
diff --git a/src/backend/parser/parse_target.c b/src/backend/parser/parse_target.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.147 2006/08/02 01:59:47 joe Exp $
+ *	  $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.148 2006/08/14 23:39:32 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -889,6 +889,9 @@ ExpandColumnRefStar(ParseState *pstate, ColumnRef *cref,
 			rte = addImplicitRTE(pstate, makeRangeVar(schemaname, relname),
 								 cref->location);
 
+		/* Require read access --- see comments in setTargetTable() */
+		rte->requiredPerms |= ACL_SELECT;
+
 		rtindex = RTERangeTablePosn(pstate, rte, &sublevels_up);
 
 		if (targetlist)
@@ -930,6 +933,9 @@ ExpandAllTables(ParseState *pstate)
 		RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
 		int			rtindex = RTERangeTablePosn(pstate, rte, NULL);
 
+		/* Require read access --- see comments in setTargetTable() */
+		rte->requiredPerms |= ACL_SELECT;
+
 		target = list_concat(target,
 							 expandRelAttrs(pstate, rte, rtindex, 0));
 	}

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.156 2006/08/12 20:05:55 tgl Exp $`
	`11`	`+ * $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.157 2006/08/14 23:39:32 tgl Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -173,8 +173,9 @@ setTargetTable(ParseState pstate, RangeVar relation,`
`173`	`173`	`* permissions.`
`174`	`174`	`*`
`175`	`175`	`* If we find an explicit reference to the rel later during parse`
`176`		`- * analysis, scanRTEForColumn will add the ACL_SELECT bit back again. That`
`177`		`- * can't happen for INSERT but it is possible for UPDATE and DELETE.`
	`176`	`+ * analysis, we will add the ACL_SELECT bit back again; see`
	`177`	`+ * scanRTEForColumn (for simple field references), ExpandColumnRefStar`
	`178`	`+ * (for foo.) and ExpandAllTables (for ).`
`178`	`179`	`*/`
`179`	`180`	`rte->requiredPerms = requiredPerms;`
`180`	`181`