Add a function to get the authenticated user ID.

Previously, this was not exposed outside of miscinit.c. It is needed for the pending pg_background patch, and will also be needed for parallelism. Without it, there's no way for a background worker to re-create the exact authentication environment that was present in the process that started it, which could lead to security exposures.
11 years ago · 5ac372fc1a
parent c7371c4a60
commit 5ac372fc1a
2 changed files with 11 additions and 0 deletions
--- a/src/backend/utils/init/miscinit.c
+++ b/src/backend/utils/init/miscinit.c
@ -222,6 +222,16 @@ SetSessionUserId(Oid userid, bool is_superuser)
 	CurrentUserId = userid;
 }

+/*
+ * GetAuthenticatedUserId - get the authenticated user ID
+ */
+Oid
+GetAuthenticatedUserId(void)
+{
+	AssertState(OidIsValid(AuthenticatedUserId));
+	return AuthenticatedUserId;
+}
+

 /*
 * GetUserIdAndSecContext/SetUserIdAndSecContext - get/set the current user ID
--- a/src/include/miscadmin.h
+++ b/src/include/miscadmin.h
@ -283,6 +283,7 @@ extern char *GetUserNameFromId(Oid roleid);
 extern Oid	GetUserId(void);
 extern Oid	GetOuterUserId(void);
 extern Oid	GetSessionUserId(void);
+extern Oid	GetAuthenticatedUserId(void);
 extern void GetUserIdAndSecContext(Oid *userid, int *sec_context);
 extern void SetUserIdAndSecContext(Oid userid, int sec_context);
 extern bool InLocalUserIdChange(void);