Thread: pgsql: Add context info to OAT_POST_CREATE security hook

pgsql: Add context info to OAT_POST_CREATE security hook

From
Alvaro Herrera
Date:
Add context info to OAT_POST_CREATE security hook

... and have sepgsql use it to determine whether to check permissions
during certain operations.  Indexes that are being created as a result
of REINDEX, for instance, do not need to have their permissions checked;
they were already checked when the index was created.

Author: KaiGai Kohei, slightly revised by me

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/f4c4335a4aaf5f2ee6e741cdf4f5c8e338d86a2f

Modified Files
--------------
contrib/sepgsql/expected/ddl.out   |   53 ++++++++++
contrib/sepgsql/hooks.c            |  125 ++++++++----------------
contrib/sepgsql/relation.c         |  194 ++++++++++++++++++++++++++++++++----
contrib/sepgsql/sepgsql.h          |    2 +-
contrib/sepgsql/sql/ddl.sql        |   12 ++
doc/src/sgml/sepgsql.sgml          |    6 +
src/backend/bootstrap/bootparse.y  |    3 +-
src/backend/catalog/heap.c         |   14 ++-
src/backend/catalog/index.c        |   15 +++-
src/backend/catalog/toasting.c     |    3 +-
src/backend/commands/cluster.c     |    1 +
src/backend/commands/indexcmds.c   |    2 +-
src/backend/commands/tablecmds.c   |    3 +-
src/include/catalog/heap.h         |    3 +-
src/include/catalog/index.h        |    3 +-
src/include/catalog/objectaccess.h |   13 +++
16 files changed, 336 insertions(+), 116 deletions(-)