open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enforce EXECUTE privilege for aggregate functions.

Browse Source
ecpg_big_bison
Tom Lane 24 years ago
parent ccfaf9067d
commit 857661ba2e
2 changed files with 12 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      doc/src/sgml/ref/grant.sgml
  2. 11
      src/backend/executor/nodeAgg.c

3
doc/src/sgml/ref/grant.sgml
Unescape View File

@ -1,5 +1,5 @@
<!--
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.23 2002/04/22 19:17:40 tgl Exp $
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.24 2002/04/29 22:28:19 tgl Exp $
PostgreSQL documentation
-->
@ -182,6 +182,7 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
Allows the use of the specified function and the use of any
operators that are implemented on top of the function. This is
the only type of privilege that is applicable to functions.
(This syntax works for aggregate functions, as well.)
</para>
</listitem>
</varlistentry>

11
src/backend/executor/nodeAgg.c
Unescape View File

@ -46,7 +46,7 @@
* Portions Copyright (c) 1994, Regents of the University of California
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.82 2002/04/16 23:08:10 tgl Exp $
* $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.83 2002/04/29 22:28:19 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@ -58,11 +58,13 @@
#include "catalog/pg_operator.h"
#include "executor/executor.h"
#include "executor/nodeAgg.h"
#include "miscadmin.h"
#include "optimizer/clauses.h"
#include "parser/parse_coerce.h"
#include "parser/parse_expr.h"
#include "parser/parse_oper.h"
#include "parser/parse_type.h"
#include "utils/acl.h"
#include "utils/builtins.h"
#include "utils/lsyscache.h"
#include "utils/syscache.h"
@ -843,6 +845,7 @@ ExecInitAgg(Agg *node, EState *estate, Plan *parent)
AggStatePerAgg peraggstate = &peragg[++aggno];
HeapTuple aggTuple;
Form_pg_aggregate aggform;
AclResult aclresult;
Oid transfn_oid,
finalfn_oid;
Datum textInitVal;
@ -861,6 +864,12 @@ ExecInitAgg(Agg *node, EState *estate, Plan *parent)
aggref->aggfnoid);
aggform = (Form_pg_aggregate) GETSTRUCT(aggTuple);
/* Check permission to call aggregate function */
aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, get_func_name(aggref->aggfnoid));
get_typlenbyval(aggref->aggtype,
&peraggstate->resulttypeLen,
&peraggstate->resulttypeByVal);

Write Preview
Loading…
Cancel
Save