projects / users / bernd / postgres.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1dd1b90)
Permission checking wasn't quite right for insert/update/delete rules,
authorTom Lane <[email protected]>
Thu, 3 May 2001 21:16:48 +0000 (21:16 +0000)
committerTom Lane <[email protected]>
Thu, 3 May 2001 21:16:48 +0000 (21:16 +0000)
either :-(.

src/backend/rewrite/rewriteDefine.c patch | blob | blame | history

diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c
index 468c5307e396bc14df61d8d0fa8c4acb7e610a69..924c0a872b27f7f1233cd13db04215fd3ca3cc7b 100644 (file)
--- a/src/backend/rewrite/rewriteDefine.c
+++ b/src/backend/rewrite/rewriteDefine.c
@@ -377,7 +377,7 @@ DefineQueryRewrite(RuleStmt *stmt)
         * We want the rule's table references to be checked as though by the
         * rule owner, not the user referencing the rule.  Therefore, scan
         * through the rule's rtables and set the checkAsUser field on all
-        * rtable entries (except *OLD* and *NEW*).
+        * rtable entries.
         */
        foreach(l, action)
        {
@@ -426,29 +426,28 @@ DefineQueryRewrite(RuleStmt *stmt)
 /*
  * setRuleCheckAsUser
  *             Recursively scan a query and set the checkAsUser field to the
- *             given userid in all rtable entries except *OLD* and *NEW*.
+ *             given userid in all rtable entries.
+ *
+ * Note: for a view (ON SELECT rule), the checkAsUser field of the *OLD*
+ * RTE entry will be overridden when the view rule is expanded, and the
+ * checkAsUser field of the *NEW* entry is irrelevant because that entry's
+ * checkFor bits will never be set.  However, for other types of rules it's
+ * important to set these fields to match the rule owner.  So we just set
+ * them always.
  */
 static void
 setRuleCheckAsUser(Query *qry, Oid userid)
 {
        List       *l;
 
-       /* Set all the RTEs in this query node, except OLD and NEW */
+       /* Set all the RTEs in this query node */
        foreach(l, qry->rtable)
        {
                RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
 
-               if (strcmp(rte->eref->relname, "*NEW*") == 0)
-                       continue;
-               if (strcmp(rte->eref->relname, "*OLD*") == 0)
-                       continue;
-
                if (rte->subquery)
                {
-
-                       /*
-                        * Recurse into subquery in FROM
-                        */
+                       /* Recurse into subquery in FROM */
                        setRuleCheckAsUser(rte->subquery, userid);
                }
                else
Bernd Helmle's repository