From 31c775adeb2251a9c66328cbc9016877e5e4f085 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sat, 27 Apr 2002 03:45:03 +0000 Subject: Restructure aclcheck error reporting to make permission-failure messages more uniform and internationalizable: the global array aclcheck_error_strings[] is gone in favor of a subroutine aclcheck_error(). Partial implementation of namespace-related permission checks --- not all done yet. --- src/backend/commands/schemacmds.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'src/backend/commands/schemacmds.c') diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c index 191d5e329b..30bc4077d3 100644 --- a/src/backend/commands/schemacmds.c +++ b/src/backend/commands/schemacmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/schemacmds.c,v 1.1 2002/04/15 05:22:03 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/schemacmds.c,v 1.2 2002/04/27 03:45:01 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -20,6 +20,7 @@ #include "miscadmin.h" #include "parser/analyze.h" #include "tcop/utility.h" +#include "utils/acl.h" #include "utils/lsyscache.h" @@ -36,9 +37,14 @@ CreateSchemaCommand(CreateSchemaStmt *stmt) const char *owner_name; Oid owner_userid; Oid saved_userid; + AclResult aclresult; saved_userid = GetUserId(); + /* + * Figure out user identities. + */ + if (!authId) { owner_userid = saved_userid; @@ -67,6 +73,13 @@ CreateSchemaCommand(CreateSchemaStmt *stmt) owner_name, authId); } + /* + * Permissions checks. + */ + aclresult = pg_database_aclcheck(MyDatabaseId, saved_userid, ACL_CREATE); + if (aclresult != ACLCHECK_OK) + aclcheck_error(aclresult, DatabaseName); + if (!allowSystemTableMods && IsReservedName(schemaName)) elog(ERROR, "CREATE SCHEMA: Illegal schema name: \"%s\" -- pg_ is reserved for system schemas", schemaName); -- cgit v1.2.1