Cause '*' and 'foo.*' notations to mark the referenced RTE(s) as

requiring read permissions. Up till now there was no possible case in which the RTEs wouldn't already have ACL_SELECT set ... but now that you can say something like 'INSERT INTO foo ... RETURNING *' this is an essential step. With this commit, a RETURNING clause adds the requirement for SELECT permissions on the target table if and only if the clause actually reads the value of at least one target-table column.

Cause '' and 'foo.' notations to mark the referenced RTE(s) as
requiring read permissions. Up till now there was no possible case in which the RTEs wouldn't already have ACL_SELECT set ... but now that you can say something like 'INSERT INTO foo ... RETURNING *' this is an essential step. With this commit, a RETURNING clause adds the requirement for SELECT permissions on the target table if and only if the clause actually reads the value of at least one target-table column.
58538a0f · Tom Lane · 65b2f93b · 58538a0f · 58538a0f
Commit 58538a0f authored Aug 14, 2006 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 4 deletions

src/backend/parser/parse_clause.c src/backend/parser/parse_clause.c +4 -3

src/backend/parser/parse_target.c src/backend/parser/parse_target.c +7 -1

No files found.
--- a/src/backend/parser/parse_clause.c
+++ b/src/backend/parser/parse_clause.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.156 2006/08/12 20:05:55 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.157 2006/08/14 23:39:32 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -173,8 +173,9 @@ setTargetTable(ParseState *pstate, RangeVar *relation,
 	 * permissions.
 	 *
 	 * If we find an explicit reference to the rel later during parse
-	 * analysis, scanRTEForColumn will add the ACL_SELECT bit back again. That
+	 * analysis, we will add the ACL_SELECT bit back again; see
-	 * can't happen for INSERT but it is possible for UPDATE and DELETE.
+	 * scanRTEForColumn (for simple field references), ExpandColumnRefStar
+	 * (for foo.*) and ExpandAllTables (for *).
 	 */
 	rte->requiredPerms = requiredPerms;

--- a/src/backend/parser/parse_target.c
+++ b/src/backend/parser/parse_target.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.147 2006/08/02 01:59:47 joe Exp $
+ *	  $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.148 2006/08/14 23:39:32 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -889,6 +889,9 @@ ExpandColumnRefStar(ParseState *pstate, ColumnRef *cref,
 			rte = addImplicitRTE(pstate, makeRangeVar(schemaname, relname),
 								 cref->location);
+		/* Require read access --- see comments in setTargetTable() */
+		rte->requiredPerms |= ACL_SELECT;
 		rtindex = RTERangeTablePosn(pstate, rte, &sublevels_up);
 		if (targetlist)
@@ -930,6 +933,9 @@ ExpandAllTables(ParseState *pstate)
 		RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
 		int			rtindex = RTERangeTablePosn(pstate, rte, NULL);
+		/* Require read access --- see comments in setTargetTable() */
+		rte->requiredPerms |= ACL_SELECT;
 		target = list_concat(target,
 							 expandRelAttrs(pstate, rte, rtindex, 0));
 	}