author | Robert Haas <rhaas@postgresql.org> | 2013-04-05 08:51:31 -0400 |
---|---|---|
committer | Robert Haas <rhaas@postgresql.org> | 2013-04-05 08:51:31 -0400 |
commit | e965e6344cfaff0708a032721b56f61eea777bc5 (patch) | |
tree | 51f5e7f7c97fd7a27779407663130fcc29978022 /src/include/catalog/objectaccess.h | |
parent | 52f436b807b0d02203ea6be19bafa56e4e1381e8 (diff) | |
sepgsql: Enforce db_schema:search permission.
KaiGai Kohei, with comment and doc wordsmithing by me
Diffstat (limited to 'src/include/catalog/objectaccess.h')
-rw-r--r-- | src/include/catalog/objectaccess.h | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/include/catalog/objectaccess.h b/src/include/catalog/objectaccess.h index 25f963b074..12ae55f498 100644 --- a/src/include/catalog/objectaccess.h +++ b/src/include/catalog/objectaccess.h @@ -27,6 +27,10 @@ * hook can use SnapshotNow and SnapshotSelf to get the old and new * versions of the tuple. * + * OAT_NAMESPACE_SEARCH should be invoked prior to object name lookup under + * a particular namespace. This event is equivalent to usage permission + * permission on a schema under the default access control mechanism. + * * Other types may be added in the future. */ typedef enum ObjectAccessType @@ -34,6 +38,7 @@ typedef enum ObjectAccessType OAT_POST_CREATE, OAT_DROP, OAT_POST_ALTER, + OAT_NAMESPACE_SEARCH, } ObjectAccessType; /* @@ -84,6 +89,28 @@ typedef struct bool is_internal; } ObjectAccessPostAlter; +/* + * Arguments of OAT_NAMESPACE_SEARCH + */ +typedef struct +{ + /* + * If true, hook should report an error when permission to search this + * schema is denied. + */ + bool ereport_on_violation; + + /* + * This is, in essence, an out parameter. Core code should + * initialize this to true, and any extension that wants to deny + * access should reset it to false. But an extension should be + * careful never to store a true value here, so that in case there are + * multiple extensions access is only allowed if all extensions + * agree. + */ + bool result; +} ObjectAccessNamespaceSearch; + /* Plugin provides a hook function matching this signature. */ typedef void (*object_access_hook_type) (ObjectAccessType access, Oid classId, @@ -101,6 +128,7 @@ extern void RunObjectDropHook(Oid classId, Oid objectId, int subId, int dropflags); extern void RunObjectPostAlterHook(Oid classId, Oid objectId, int subId, Oid auxiliaryId, bool is_internal); +extern bool RunNamespaceSearchHook(Oid objectId, bool ereport_on_volation); /* * The following macros are wrappers around the functions above; these should 
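Review bot: The comment paragraph added for OAT_NAMESPACE_SEARCH repeats a word: "equivalent to usage permission permission on a schema". It should read `This event is equivalent to usage permission on a schema under the default access control mechanism.` The comment block this paragraph belongs to starts above the hunk.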
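Review bot: The `result` field of ObjectAccessNamespaceSearch is allow-by-default, and its safety rests on every hook obeying the "never store a true value" rule; nothing visible in this header enforces that. A hook that assigns its own verdict unconditionally (for example `result = allowed`) would silently overwrite a denial recorded by a hook that ran earlier in the chain. The comment could spell out the safe idiom, e.g. `if (!allowed) ns_arg->result = false;` (`ns_arg` being an illustrative name), and say that a hook which permits the search must leave the field untouched. It would also help to state whether `result` carries any meaning when `ereport_on_violation` is true, since in that case the hook is expected to raise the error itself.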
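Review bot: The parameter name in the new prototype is misspelled: `ereport_on_volation` should be `ereport_on_violation`, matching the struct field and the InvokeNamespaceSearchHook macro added in the same commit. The corrected line is `extern bool RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation);`. Prototype parameter names are ignored by the compiler, so this is a readability fix only.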
@@ -137,4 +165,9 @@ extern void RunObjectPostAlterHook(Oid classId, Oid objectId, int subId, (auxiliaryId),(is_internal)); \ } while(0) +#define InvokeNamespaceSearchHook(objectId, ereport_on_violation) \ + (!object_access_hook \ + ? true \ + : RunNamespaceSearchHook((objectId), (ereport_on_violation))) + #endif /* OBJECTACCESS_H */ |
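Review bot: InvokeNamespaceSearchHook yields a value, unlike the `do { ... } while(0)` wrapper visible just above it, yet the macro has no comment saying what the value means or that callers must act on it. With `ereport_on_violation` false, a denial is reported only through the returned bool, so a caller that discards the result would treat a denied schema as searchable. I would add a comment above the `#define`, such as `/* Returns false if a hook denied search on this namespace; callers must not ignore the result. */`. The arguments are also not evaluated when no hook is installed, so they should be free of side effects.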