Home > mailing lists

Re: Simplify calls of pg_class_aclcheck when multiple modes are used - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Simplify calls of pg_class_aclcheck when multiple modes are used
Date	October 21, 2014 23:03:19
Msg-id	5446BBFD.80502@gmx.net Whole thread Raw
In response to	Simplify calls of pg_class_aclcheck when multiple modes are used (Michael Paquier <michael.paquier@gmail.com>)
Responses	Re: Simplify calls of pg_class_aclcheck when multiple modes are used
List	pgsql-hackers

Tree view

On 8/27/14 8:02 AM, Michael Paquier wrote:
> In a couple of code paths we do the following to check permissions on an
> object:
> if (pg_class_aclcheck(relid, userid, ACL_USAGE) != ACLCHECK_OK &&
>     pg_class_aclcheck(relid, userid, ACL_UPDATE) != ACLCHECK_OK)
>     ereport(ERROR, blah);
>
> Wouldn't it be better to simplify that with a single call of
> pg_class_aclcheck, gathering together the modes that need to be checked?

Yes, it's probably just an oversight.

While looking at this, I wrote a few tests cases for sequence
privileges, because that was not covered at all.  That patch is attached.

That led me to discover this issue:
http://www.postgresql.org/message-id/5446B819.1020600@gmx.net

I'll wait for the resolution of that and then commit this.

Attachment

sequence-privileges-tests.patch

pgsql-hackers by date:

From: "Brightwell, Adam"
Date: 21 October 2014, 22:50:02
Subject: Re: Directory/File Access Permissions for COPY and Generic File Access Functions

From: Peter Eisentraut
Date: 21 October 2014, 23:21:08
Subject: Re: Allow format 0000-0000-0000 in postgresql MAC parser

Re: Simplify calls of pg_class_aclcheck when multiple modes are used - Mailing list pgsql-hackers

Attachment

Previous

Next