Skip to content

Commit 212e712

Browse files
mhagandermhagander
committed
Allow pg_read_all_stats to access all stats views again
The views pg_stat_progress_* had not gotten the memo that pg_read_all_stats is supposed to be able to read all statistics. Also make a pass over all text-returning pg_stat_xyz functions that could return "insufficient privilege" and make sure they also respect pg_read_all_status. Reported-by: Andrey M. Borodin Reviewed-by: Andrey M. Borodin, Kyotaro Horiguchi Discussion: https://postgr.es/m/13145F2F-8458-4977-9D2D-7B2E862E5722@yandex-team.ru
1 parent 00ef5d5 commit 212e712

File tree

1 file changed

+12
-11
lines changed

1 file changed

+12
-11
lines changed

src/backend/utils/adt/pgstatfuncs.c

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,8 @@
3333

3434
#define UINT32_ACCESS_ONCE(var) ((uint32)(*((volatile uint32 *)&(var))))
3535

36+
#define HAS_PGSTAT_PERMISSIONS(role) (is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS) || has_privs_of_role(GetUserId(), role))
37+
3638
/* Global bgwriter statistics, from bgwriter.c */
3739
extern PgStat_MsgBgWriter bgwriterStats;
3840

@@ -518,7 +520,7 @@ pg_stat_get_progress_info(PG_FUNCTION_ARGS)
518520
values[1] = ObjectIdGetDatum(beentry->st_databaseid);
519521

520522
/* show rest of the values including relid only to role members */
521-
if (has_privs_of_role(GetUserId(), beentry->st_userid))
523+
if (HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
522524
{
523525
values[2] = ObjectIdGetDatum(beentry->st_progress_command_target);
524526
for (i = 0; i < PGSTAT_NUM_PROGRESS_PARAM; i++)
@@ -651,8 +653,7 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
651653
nulls[16] = true;
652654

653655
/* Values only available to role member or pg_read_all_stats */
654-
if (has_privs_of_role(GetUserId(), beentry->st_userid) ||
655-
is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
656+
if (HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
656657
{
657658
SockAddr zero_clientaddr;
658659
char *clipped_activity;
@@ -981,7 +982,7 @@ pg_stat_get_backend_activity(PG_FUNCTION_ARGS)
981982

982983
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
983984
activity = "<backend information not available>";
984-
else if (!has_privs_of_role(GetUserId(), beentry->st_userid))
985+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
985986
activity = "<insufficient privilege>";
986987
else if (*(beentry->st_activity_raw) == '\0')
987988
activity = "<command string not enabled>";
@@ -1005,7 +1006,7 @@ pg_stat_get_backend_wait_event_type(PG_FUNCTION_ARGS)
10051006

10061007
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10071008
wait_event_type = "<backend information not available>";
1008-
else if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1009+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10091010
wait_event_type = "<insufficient privilege>";
10101011
else if ((proc = BackendPidGetProc(beentry->st_procpid)) != NULL)
10111012
wait_event_type = pgstat_get_wait_event_type(proc->wait_event_info);
@@ -1026,7 +1027,7 @@ pg_stat_get_backend_wait_event(PG_FUNCTION_ARGS)
10261027

10271028
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10281029
wait_event = "<backend information not available>";
1029-
else if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1030+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10301031
wait_event = "<insufficient privilege>";
10311032
else if ((proc = BackendPidGetProc(beentry->st_procpid)) != NULL)
10321033
wait_event = pgstat_get_wait_event(proc->wait_event_info);
@@ -1048,7 +1049,7 @@ pg_stat_get_backend_activity_start(PG_FUNCTION_ARGS)
10481049
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10491050
PG_RETURN_NULL();
10501051

1051-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1052+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10521053
PG_RETURN_NULL();
10531054

10541055
result = beentry->st_activity_start_timestamp;
@@ -1074,7 +1075,7 @@ pg_stat_get_backend_xact_start(PG_FUNCTION_ARGS)
10741075
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10751076
PG_RETURN_NULL();
10761077

1077-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1078+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10781079
PG_RETURN_NULL();
10791080

10801081
result = beentry->st_xact_start_timestamp;
@@ -1096,7 +1097,7 @@ pg_stat_get_backend_start(PG_FUNCTION_ARGS)
10961097
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10971098
PG_RETURN_NULL();
10981099

1099-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1100+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
11001101
PG_RETURN_NULL();
11011102

11021103
result = beentry->st_proc_start_timestamp;
@@ -1120,7 +1121,7 @@ pg_stat_get_backend_client_addr(PG_FUNCTION_ARGS)
11201121
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
11211122
PG_RETURN_NULL();
11221123

1123-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1124+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
11241125
PG_RETURN_NULL();
11251126

11261127
/* A zeroed client addr means we don't know */
@@ -1167,7 +1168,7 @@ pg_stat_get_backend_client_port(PG_FUNCTION_ARGS)
11671168
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
11681169
PG_RETURN_NULL();
11691170

1170-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1171+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
11711172
PG_RETURN_NULL();
11721173

11731174
/* A zeroed client addr means we don't know */

0 commit comments

Comments
 (0)