(2010/07/10 5:53), Robert Haas wrote: > 2010/6/14 KaiGai Kohei<kai...@ak.jp.nec.com>: >> The attached patch tries to rework DML permission checks. >> >> It was mainly checked at the ExecCheckRTEPerms(), but same logic was >> implemented in COPY TO/FROM statement and RI_Initial_Check(). >> >> This patch tries to consolidate these permission checks into a common >> function to make access control decision on DML permissions. It enables >> to eliminate the code duplication, and improve consistency of access >> controls. > > This patch is listed on the CommitFest page, but I'm not sure if it > represents the latest work on this topic. At a minimum, it needs to > be rebased. > > I am not excited about moving ExecCheckRT[E]Perms to some other place > in the code. It seems to me that will complicate back-patching with > no corresponding advantage. I'd suggest we not do that. The COPY > and RI code can call ExecCheckRTPerms() where it is. Maybe at some > point we will have a grand master plan for how this should all be laid > out, but right now I'd prefer localized changes. >
OK, I rebased and revised the patch not to move ExecCheckRTPerms() from executor/execMain.c. In the attached patch, DoCopy() and RI_Initial_Check() calls that function to consolidate dml access control logic. Thanks, -- KaiGai Kohei <kai...@ak.jp.nec.com>
pgsql-v9.1-reworks-dml-checks.2.patch
Description: application/octect-stream
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
