From 58538a0ffc7259419d1ee82feed93a9bef4bf726 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Mon, 14 Aug 2006 23:39:32 +0000 Subject: Cause '*' and 'foo.*' notations to mark the referenced RTE(s) as requiring read permissions. Up till now there was no possible case in which the RTEs wouldn't already have ACL_SELECT set ... but now that you can say something like 'INSERT INTO foo ... RETURNING *' this is an essential step. With this commit, a RETURNING clause adds the requirement for SELECT permissions on the target table if and only if the clause actually reads the value of at least one target-table column. --- src/backend/parser/parse_clause.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'src/backend/parser/parse_clause.c') diff --git a/src/backend/parser/parse_clause.c b/src/backend/parser/parse_clause.c index 021fb3fa55..70b6946d5f 100644 --- a/src/backend/parser/parse_clause.c +++ b/src/backend/parser/parse_clause.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.156 2006/08/12 20:05:55 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.157 2006/08/14 23:39:32 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -173,8 +173,9 @@ setTargetTable(ParseState *pstate, RangeVar *relation, * permissions. * * If we find an explicit reference to the rel later during parse - * analysis, scanRTEForColumn will add the ACL_SELECT bit back again. That - * can't happen for INSERT but it is possible for UPDATE and DELETE. + * analysis, we will add the ACL_SELECT bit back again; see + * scanRTEForColumn (for simple field references), ExpandColumnRefStar + * (for foo.*) and ExpandAllTables (for *). */ rte->requiredPerms = requiredPerms; -- cgit v1.2.1