Skip to content

Commit 8b9e964

Browse files
peterepetere
committed
Replace AclObjectKind with ObjectType
AclObjectKind was basically just another enumeration for object types, and we already have a preferred one for that. It's only used in aclcheck_error. By using ObjectType instead, we can also give some more precise error messages, for example "index" instead of "relation". Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
1 parent 2c6f37e commit 8b9e964

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

65 files changed

+742
-550
lines changed

contrib/dblink/dblink.c

+2-2
Original file line numberDiff line numberDiff line change
@@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode)
25042504
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
25052505
aclmode);
25062506
if (aclresult != ACLCHECK_OK)
2507-
aclcheck_error(aclresult, ACL_KIND_CLASS,
2507+
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
25082508
RelationGetRelationName(rel));
25092509

25102510
return rel;
@@ -2789,7 +2789,7 @@ get_connect_string(const char *servername)
27892789
/* Check permissions, user must have usage on the server. */
27902790
aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE);
27912791
if (aclresult != ACLCHECK_OK)
2792-
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername);
2792+
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername);
27932793

27942794
foreach(cell, fdw->options)
27952795
{

contrib/file_fdw/output/file_fdw.source

+1-1
Original file line numberDiff line numberDiff line change
@@ -393,7 +393,7 @@ SELECT * FROM agg_text ORDER BY a;
393393

394394
SET ROLE regress_no_priv_user;
395395
SELECT * FROM agg_text ORDER BY a; -- ERROR
396-
ERROR: permission denied for relation agg_text
396+
ERROR: permission denied for foreign table agg_text
397397
SET ROLE regress_file_fdw_user;
398398
\t on
399399
EXPLAIN (VERBOSE, COSTS FALSE) SELECT * FROM agg_text WHERE a > 0;

contrib/pg_prewarm/pg_prewarm.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS)
107107
rel = relation_open(relOid, AccessShareLock);
108108
aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
109109
if (aclresult != ACLCHECK_OK)
110-
aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid));
110+
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), get_rel_name(relOid));
111111

112112
/* Check that the fork exists. */
113113
RelationOpenSmgr(rel);

contrib/pgrowlocks/pgrowlocks.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -121,7 +121,7 @@ pgrowlocks(PG_FUNCTION_ARGS)
121121
aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
122122

123123
if (aclresult != ACLCHECK_OK)
124-
aclcheck_error(aclresult, ACL_KIND_CLASS,
124+
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
125125
RelationGetRelationName(rel));
126126

127127
scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);

contrib/test_decoding/expected/permissions.out

+2-2
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_d
3838
(1 row)
3939

4040
INSERT INTO lr_test VALUES('lr_superuser_init');
41-
ERROR: permission denied for relation lr_test
41+
ERROR: permission denied for table lr_test
4242
SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
4343
data
4444
------
@@ -56,7 +56,7 @@ SET ROLE regress_lr_normal;
5656
SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_decoding');
5757
ERROR: must be superuser or replication role to use replication slots
5858
INSERT INTO lr_test VALUES('lr_superuser_init');
59-
ERROR: permission denied for relation lr_test
59+
ERROR: permission denied for table lr_test
6060
SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
6161
ERROR: must be superuser or replication role to use replication slots
6262
SELECT pg_drop_replication_slot('regression_slot');

src/backend/access/brin/brin.c

+2-2
Original file line numberDiff line numberDiff line change
@@ -894,7 +894,7 @@ brin_summarize_range(PG_FUNCTION_ARGS)
894894

895895
/* User must own the index (comparable to privileges needed for VACUUM) */
896896
if (!pg_class_ownercheck(indexoid, GetUserId()))
897-
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
897+
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
898898
RelationGetRelationName(indexRel));
899899

900900
/*
@@ -965,7 +965,7 @@ brin_desummarize_range(PG_FUNCTION_ARGS)
965965

966966
/* User must own the index (comparable to privileges needed for VACUUM) */
967967
if (!pg_class_ownercheck(indexoid, GetUserId()))
968-
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
968+
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
969969
RelationGetRelationName(indexRel));
970970

971971
/*

src/backend/access/gin/ginfast.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -1035,7 +1035,7 @@ gin_clean_pending_list(PG_FUNCTION_ARGS)
10351035

10361036
/* User must own the index (comparable to privileges needed for VACUUM) */
10371037
if (!pg_class_ownercheck(indexoid, GetUserId()))
1038-
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
1038+
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
10391039
RelationGetRelationName(indexRel));
10401040

10411041
memset(&stats, 0, sizeof(stats));

0 commit comments

Comments
 (0)