Skip to content

Commit c100333

Browse files
tglsfdctglsfdc
committed
Fix permission checking for temp-table namespace.
1 parent dfef56a commit c100333

File tree

5 files changed

+31
-33
lines changed

5 files changed

+31
-33
lines changed

src/backend/catalog/aclchk.c

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.73 2002/08/05 03:29:16 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.74 2002/08/07 21:45:01 tgl Exp $
1212
*
1313
* NOTES
1414
* See acl.h.
@@ -1163,6 +1163,13 @@ pg_namespace_aclcheck(Oid nsp_oid, Oid userid, AclMode mode)
11631163
bool isNull;
11641164
Acl *acl;
11651165

1166+
/*
1167+
* If we have been assigned this namespace as a temp namespace,
1168+
* assume we have all grantable privileges on it.
1169+
*/
1170+
if (isTempNamespace(nsp_oid))
1171+
return ACLCHECK_OK;
1172+
11661173
/* Superusers bypass all permission checking. */
11671174
if (superuser_arg(userid))
11681175
return ACLCHECK_OK;

src/backend/commands/indexcmds.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.80 2002/08/02 18:15:06 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.81 2002/08/07 21:45:01 tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -119,9 +119,9 @@ DefineIndex(RangeVar *heapRelation,
119119
* Verify we (still) have CREATE rights in the rel's namespace.
120120
* (Presumably we did when the rel was created, but maybe not anymore.)
121121
* Skip check if bootstrapping, since permissions machinery may not
122-
* be working yet; also, always allow if it's a temp table.
122+
* be working yet.
123123
*/
124-
if (!IsBootstrapProcessingMode() && !isTempNamespace(namespaceId))
124+
if (!IsBootstrapProcessingMode())
125125
{
126126
AclResult aclresult;
127127

src/backend/commands/tablecmds.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/commands/tablecmds.c,v 1.27 2002/08/05 03:29:17 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/commands/tablecmds.c,v 1.28 2002/08/07 21:45:01 tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -115,11 +115,11 @@ DefineRelation(CreateStmt *stmt, char relkind)
115115
* Look up the namespace in which we are supposed to create the
116116
* relation. Check we have permission to create there.
117117
* Skip check if bootstrapping, since permissions machinery may not
118-
* be working yet; also, always allow if it's a temp table.
118+
* be working yet.
119119
*/
120120
namespaceId = RangeVarGetCreationNamespace(stmt->relation);
121121

122-
if (!IsBootstrapProcessingMode() && !isTempNamespace(namespaceId))
122+
if (!IsBootstrapProcessingMode())
123123
{
124124
AclResult aclresult;
125125

src/backend/executor/execMain.c

Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
*
2828
*
2929
* IDENTIFICATION
30-
* $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.172 2002/08/04 05:04:39 momjian Exp $
30+
* $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.173 2002/08/07 21:45:02 tgl Exp $
3131
*
3232
*-------------------------------------------------------------------------
3333
*/
@@ -696,6 +696,7 @@ InitPlan(CmdType operation, Query *parseTree, Plan *plan, EState *estate)
696696
{
697697
char *intoName;
698698
Oid namespaceId;
699+
AclResult aclresult;
699700
Oid intoRelationId;
700701
TupleDesc tupdesc;
701702

@@ -705,16 +706,11 @@ InitPlan(CmdType operation, Query *parseTree, Plan *plan, EState *estate)
705706
intoName = parseTree->into->relname;
706707
namespaceId = RangeVarGetCreationNamespace(parseTree->into);
707708

708-
if (!isTempNamespace(namespaceId))
709-
{
710-
AclResult aclresult;
711-
712-
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
713-
ACL_CREATE);
714-
if (aclresult != ACLCHECK_OK)
715-
aclcheck_error(aclresult,
716-
get_namespace_name(namespaceId));
717-
}
709+
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
710+
ACL_CREATE);
711+
if (aclresult != ACLCHECK_OK)
712+
aclcheck_error(aclresult,
713+
get_namespace_name(namespaceId));
718714

719715
/*
720716
* new "INTO" table is created WITH OIDS

src/backend/tcop/utility.c

Lines changed: 10 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
*
1111
*
1212
* IDENTIFICATION
13-
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.168 2002/08/04 04:31:44 momjian Exp $
13+
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.169 2002/08/07 21:45:02 tgl Exp $
1414
*
1515
*-------------------------------------------------------------------------
1616
*/
@@ -399,22 +399,17 @@ ProcessUtility(Node *parsetree,
399399
/*
400400
* RENAME TABLE requires that we (still) hold CREATE
401401
* rights on the containing namespace, as well as
402-
* ownership of the table. But skip check for
403-
* temp tables.
402+
* ownership of the table.
404403
*/
405404
Oid namespaceId = get_rel_namespace(relid);
406-
407-
if (!isTempNamespace(namespaceId))
408-
{
409-
AclResult aclresult;
410-
411-
aclresult = pg_namespace_aclcheck(namespaceId,
412-
GetUserId(),
413-
ACL_CREATE);
414-
if (aclresult != ACLCHECK_OK)
415-
aclcheck_error(aclresult,
416-
get_namespace_name(namespaceId));
417-
}
405+
AclResult aclresult;
406+
407+
aclresult = pg_namespace_aclcheck(namespaceId,
408+
GetUserId(),
409+
ACL_CREATE);
410+
if (aclresult != ACLCHECK_OK)
411+
aclcheck_error(aclresult,
412+
get_namespace_name(namespaceId));
418413

419414
renamerel(relid, stmt->newname);
420415
break;

0 commit comments

Comments
 (0)