diff options
| author | Alvaro Herrera <alvherre@alvh.no-ip.org> | 2015-03-09 15:41:54 -0300 |
|---|---|---|
| committer | Alvaro Herrera <alvherre@alvh.no-ip.org> | 2015-03-09 15:41:54 -0300 |
| commit | 31eae6028eca4365e7165f5f33fee1ed0486aee0 (patch) | |
| tree | 388807d83f4aecda050e5f98f880752fbe773b16 /src/include/utils/acl.h | |
| parent | fa83f809458a966dff225d3d266399d48e7b5e6e (diff) | |
| download | postgresql-31eae6028eca4365e7165f5f33fee1ed0486aee0.tar.gz | |
Allow CURRENT/SESSION_USER to be used in certain commands
Commands such as ALTER USER, ALTER GROUP, ALTER ROLE, GRANT, and the
various ALTER OBJECT / OWNER TO, as well as ad-hoc clauses related to
roles such as the AUTHORIZATION clause of CREATE SCHEMA, the FOR clause
of CREATE USER MAPPING, and the FOR ROLE clause of ALTER DEFAULT
PRIVILEGES can now take the keywords CURRENT_USER and SESSION_USER as
user specifiers in place of an explicit user name.
This commit also fixes some quite ugly handling of special standards-
mandated syntax in CREATE USER MAPPING, which in particular would fail
to work in presence of a role named "current_user".
The special role specifiers PUBLIC and NONE also have more consistent
handling now.
Also take the opportunity to add location tracking to user specifiers.
Authors: Kyotaro Horiguchi. Heavily reworked by Álvaro Herrera.
Reviewed by: Rushabh Lathia, Adam Brightwell, Marti Raudsepp.
Diffstat (limited to 'src/include/utils/acl.h')
| -rw-r--r-- | src/include/utils/acl.h | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h index ab0df6c7d8..d747579e7a 100644 --- a/src/include/utils/acl.h +++ b/src/include/utils/acl.h @@ -24,6 +24,7 @@ #ifndef ACL_H #define ACL_H +#include "access/htup.h" #include "nodes/parsenodes.h" #include "utils/array.h" #include "utils/snapshot.h" @@ -227,8 +228,11 @@ extern bool is_member_of_role(Oid member, Oid role); extern bool is_member_of_role_nosuper(Oid member, Oid role); extern bool is_admin_of_role(Oid member, Oid role); extern void check_is_member_of_role(Oid member, Oid role); -extern Oid get_role_oid(const char *rolname, bool missing_ok); -extern Oid get_role_oid_or_public(const char *rolname); +extern Oid get_role_oid(const char *rolename, bool missing_ok); +extern Oid get_role_oid_or_public(const char *rolename); +extern Oid get_rolespec_oid(const Node *node, bool missing_ok); +extern HeapTuple get_rolespec_tuple(const Node *node); +extern char *get_rolespec_name(const Node *node); extern void select_best_grantor(Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, |