Re: Reworks of DML permission checks - Mailing list pgsql-hackers

From Robert Haas
Subject Re: Reworks of DML permission checks
Date
Msg-id AANLkTiltWQpkqt-uvbWMZG6TeEy34AnVJhSIV98L6lKM@mail.gmail.com
Whole thread Raw
In response to Reworks of DML permission checks  (KaiGai Kohei <kaigai@ak.jp.nec.com>)
Responses Re: Reworks of DML permission checks
List pgsql-hackers
2010/6/14 KaiGai Kohei <kaigai@ak.jp.nec.com>:
> The attached patch tries to rework DML permission checks.
>
> It was mainly checked at the ExecCheckRTEPerms(), but same logic was
> implemented in COPY TO/FROM statement and RI_Initial_Check().
>
> This patch tries to consolidate these permission checks into a common
> function to make access control decision on DML permissions. It enables
> to eliminate the code duplication, and improve consistency of access
> controls.

This patch is listed on the CommitFest page, but I'm not sure if it
represents the latest work on this topic.  At a minimum, it needs to
be rebased.

I am not excited about moving ExecCheckRT[E]Perms to some other place
in the code.  It seems to me that will complicate back-patching with
no corresponding advantage.  I'd suggest we not do that.    The COPY
and RI code can call ExecCheckRTPerms() where it is. Maybe at some
point we will have a grand master plan for how this should all be laid
out, but right now I'd prefer localized changes.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company


pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: [PATCH] Re: Issue: Deprecation of the XML2 module 'xml_is_well_formed' function
Next
From: Tom Lane
Date:
Subject: Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().