Skip to content

Commit b620fda

Browse files
robertmhaasrobertmhaas
committed
sepgql: Use getObjectIdentity rather than getObjectDescription.
KaiGai Kohei, based on a suggestion from Álvaro Herrera
1 parent be55f3b commit b620fda

File tree

7 files changed

+351
-330
lines changed

7 files changed

+351
-330
lines changed

contrib/sepgsql/database.c

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@
1919
#include "catalog/indexing.h"
2020
#include "commands/dbcommands.h"
2121
#include "commands/seclabel.h"
22+
#include "utils/builtins.h"
2223
#include "utils/fmgroids.h"
2324
#include "utils/tqual.h"
2425
#include "sepgsql.h"
@@ -38,9 +39,9 @@ sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
3839
HeapTuple tuple;
3940
char *tcontext;
4041
char *ncontext;
41-
char audit_name[NAMEDATALEN + 20];
4242
ObjectAddress object;
4343
Form_pg_database datForm;
44+
StringInfoData audit_name;
4445

4546
/*
4647
* Oid of the source database is not saved in pg_database catalog, so we
@@ -61,11 +62,12 @@ sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
6162
/*
6263
* check db_database:{getattr} permission
6364
*/
64-
snprintf(audit_name, sizeof(audit_name), "database %s", dtemplate);
65+
initStringInfo(&audit_name);
66+
appendStringInfo(&audit_name, "%s", quote_identifier(dtemplate));
6567
sepgsql_avc_check_perms_label(tcontext,
6668
SEPG_CLASS_DB_DATABASE,
6769
SEPG_DB_DATABASE__GETATTR,
68-
audit_name,
70+
audit_name.data,
6971
true);
7072

7173
/*
@@ -98,12 +100,13 @@ sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
98100
/*
99101
* check db_database:{create} permission
100102
*/
101-
snprintf(audit_name, sizeof(audit_name),
102-
"database %s", NameStr(datForm->datname));
103+
resetStringInfo(&audit_name);
104+
appendStringInfo(&audit_name, "%s",
105+
quote_identifier(NameStr(datForm->datname)));
103106
sepgsql_avc_check_perms_label(ncontext,
104107
SEPG_CLASS_DB_DATABASE,
105108
SEPG_DB_DATABASE__CREATE,
106-
audit_name,
109+
audit_name.data,
107110
true);
108111

109112
systable_endscan(sscan);
@@ -139,7 +142,7 @@ sepgsql_database_drop(Oid databaseId)
139142
object.classId = DatabaseRelationId;
140143
object.objectId = databaseId;
141144
object.objectSubId = 0;
142-
audit_name = getObjectDescription(&object);
145+
audit_name = getObjectIdentity(&object);
143146

144147
sepgsql_avc_check_perms(&object,
145148
SEPG_CLASS_DB_DATABASE,
@@ -166,7 +169,7 @@ sepgsql_database_setattr(Oid databaseId)
166169
object.classId = DatabaseRelationId;
167170
object.objectId = databaseId;
168171
object.objectSubId = 0;
169-
audit_name = getObjectDescription(&object);
172+
audit_name = getObjectIdentity(&object);
170173

171174
sepgsql_avc_check_perms(&object,
172175
SEPG_CLASS_DB_DATABASE,
@@ -190,7 +193,7 @@ sepgsql_database_relabel(Oid databaseId, const char *seclabel)
190193
object.classId = DatabaseRelationId;
191194
object.objectId = databaseId;
192195
object.objectSubId = 0;
193-
audit_name = getObjectDescription(&object);
196+
audit_name = getObjectIdentity(&object);
194197

195198
/*
196199
* check db_database:{setattr relabelfrom} permission

contrib/sepgsql/dml.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -187,7 +187,7 @@ check_relation_privileges(Oid relOid,
187187
object.classId = RelationRelationId;
188188
object.objectId = relOid;
189189
object.objectSubId = 0;
190-
audit_name = getObjectDescription(&object);
190+
audit_name = getObjectIdentity(&object);
191191
switch (relkind)
192192
{
193193
case RELKIND_RELATION:

contrib/sepgsql/expected/alter.out

Lines changed: 84 additions & 84 deletions
Large diffs are not rendered by default.

contrib/sepgsql/expected/ddl.out

Lines changed: 195 additions & 195 deletions
Large diffs are not rendered by default.

contrib/sepgsql/proc.c

Lines changed: 15 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
#include "catalog/indexing.h"
1919
#include "catalog/pg_namespace.h"
2020
#include "catalog/pg_proc.h"
21+
#include "catalog/pg_type.h"
2122
#include "commands/seclabel.h"
2223
#include "lib/stringinfo.h"
2324
#include "utils/builtins.h"
@@ -41,6 +42,7 @@ sepgsql_proc_post_create(Oid functionId)
4142
ScanKeyData skey;
4243
SysScanDesc sscan;
4344
HeapTuple tuple;
45+
char *nsp_name;
4446
char *scontext;
4547
char *tcontext;
4648
char *ncontext;
@@ -79,7 +81,7 @@ sepgsql_proc_post_create(Oid functionId)
7981
sepgsql_avc_check_perms(&object,
8082
SEPG_CLASS_DB_SCHEMA,
8183
SEPG_DB_SCHEMA__ADD_NAME,
82-
getObjectDescription(&object),
84+
getObjectIdentity(&object),
8385
true);
8486

8587
/*
@@ -102,14 +104,18 @@ sepgsql_proc_post_create(Oid functionId)
102104
* check db_procedure:{create (install)} permission
103105
*/
104106
initStringInfo(&audit_name);
105-
appendStringInfo(&audit_name, "function %s(", NameStr(proForm->proname));
107+
nsp_name = get_namespace_name(proForm->pronamespace);
108+
appendStringInfo(&audit_name, "%s(",
109+
quote_qualified_identifier(nsp_name, NameStr(proForm->proname)));
106110
for (i = 0; i < proForm->pronargs; i++)
107111
{
108-
Oid typeoid = proForm->proargtypes.values[i];
109-
110112
if (i > 0)
111113
appendStringInfoChar(&audit_name, ',');
112-
appendStringInfoString(&audit_name, format_type_be(typeoid));
114+
115+
object.classId = TypeRelationId;
116+
object.objectId = proForm->proargtypes.values[i];
117+
object.objectSubId = 0;
118+
appendStringInfoString(&audit_name, getObjectIdentity(&object));
113119
}
114120
appendStringInfoChar(&audit_name, ')');
115121

@@ -159,7 +165,7 @@ sepgsql_proc_drop(Oid functionId)
159165
object.classId = NamespaceRelationId;
160166
object.objectId = get_func_namespace(functionId);
161167
object.objectSubId = 0;
162-
audit_name = getObjectDescription(&object);
168+
audit_name = getObjectIdentity(&object);
163169

164170
sepgsql_avc_check_perms(&object,
165171
SEPG_CLASS_DB_SCHEMA,
@@ -174,7 +180,7 @@ sepgsql_proc_drop(Oid functionId)
174180
object.classId = ProcedureRelationId;
175181
object.objectId = functionId;
176182
object.objectSubId = 0;
177-
audit_name = getObjectDescription(&object);
183+
audit_name = getObjectIdentity(&object);
178184

179185
sepgsql_avc_check_perms(&object,
180186
SEPG_CLASS_DB_PROCEDURE,
@@ -199,7 +205,7 @@ sepgsql_proc_relabel(Oid functionId, const char *seclabel)
199205
object.classId = ProcedureRelationId;
200206
object.objectId = functionId;
201207
object.objectSubId = 0;
202-
audit_name = getObjectDescription(&object);
208+
audit_name = getObjectIdentity(&object);
203209

204210
/*
205211
* check db_procedure:{setattr relabelfrom} permission
@@ -287,7 +293,7 @@ sepgsql_proc_setattr(Oid functionId)
287293
object.classId = ProcedureRelationId;
288294
object.objectId = functionId;
289295
object.objectSubId = 0;
290-
audit_name = getObjectDescription(&object);
296+
audit_name = getObjectIdentity(&object);
291297

292298
sepgsql_avc_check_perms(&object,
293299
SEPG_CLASS_DB_PROCEDURE,

contrib/sepgsql/relation.c

Lines changed: 35 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,8 @@
2020
#include "catalog/pg_class.h"
2121
#include "catalog/pg_namespace.h"
2222
#include "commands/seclabel.h"
23+
#include "lib/stringinfo.h"
24+
#include "utils/builtins.h"
2325
#include "utils/fmgroids.h"
2426
#include "utils/catcache.h"
2527
#include "utils/lsyscache.h"
@@ -49,9 +51,9 @@ sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
4951
char *scontext;
5052
char *tcontext;
5153
char *ncontext;
52-
char audit_name[2 * NAMEDATALEN + 20];
5354
ObjectAddress object;
5455
Form_pg_attribute attForm;
56+
StringInfoData audit_name;
5557

5658
/*
5759
* Only attributes within regular relation have individual security
@@ -94,12 +96,18 @@ sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
9496
/*
9597
* check db_column:{create} permission
9698
*/
97-
snprintf(audit_name, sizeof(audit_name), "table %s column %s",
98-
get_rel_name(relOid), NameStr(attForm->attname));
99+
object.classId = RelationRelationId;
100+
object.objectId = relOid;
101+
object.objectSubId = 0;
102+
103+
initStringInfo(&audit_name);
104+
appendStringInfo(&audit_name, "%s.%s",
105+
getObjectIdentity(&object),
106+
quote_identifier(NameStr(attForm->attname)));
99107
sepgsql_avc_check_perms_label(ncontext,
100108
SEPG_CLASS_DB_COLUMN,
101109
SEPG_DB_COLUMN__CREATE,
102-
audit_name,
110+
audit_name.data,
103111
true);
104112

105113
/*
@@ -137,7 +145,7 @@ sepgsql_attribute_drop(Oid relOid, AttrNumber attnum)
137145
object.classId = RelationRelationId;
138146
object.objectId = relOid;
139147
object.objectSubId = attnum;
140-
audit_name = getObjectDescription(&object);
148+
audit_name = getObjectIdentity(&object);
141149

142150
sepgsql_avc_check_perms(&object,
143151
SEPG_CLASS_DB_COLUMN,
@@ -168,7 +176,7 @@ sepgsql_attribute_relabel(Oid relOid, AttrNumber attnum,
168176
object.classId = RelationRelationId;
169177
object.objectId = relOid;
170178
object.objectSubId = attnum;
171-
audit_name = getObjectDescription(&object);
179+
audit_name = getObjectIdentity(&object);
172180

173181
/*
174182
* check db_column:{setattr relabelfrom} permission
@@ -211,7 +219,7 @@ sepgsql_attribute_setattr(Oid relOid, AttrNumber attnum)
211219
object.classId = RelationRelationId;
212220
object.objectId = relOid;
213221
object.objectSubId = attnum;
214-
audit_name = getObjectDescription(&object);
222+
audit_name = getObjectIdentity(&object);
215223

216224
sepgsql_avc_check_perms(&object,
217225
SEPG_CLASS_DB_COLUMN,
@@ -236,12 +244,12 @@ sepgsql_relation_post_create(Oid relOid)
236244
Form_pg_class classForm;
237245
ObjectAddress object;
238246
uint16 tclass;
239-
const char *tclass_text;
240247
char *scontext; /* subject */
241248
char *tcontext; /* schema */
242249
char *rcontext; /* relation */
243250
char *ccontext; /* column */
244-
char audit_name[2 * NAMEDATALEN + 20];
251+
char *nsp_name;
252+
StringInfoData audit_name;
245253

246254
/*
247255
* Fetch catalog record of the new relation. Because pg_class entry is not
@@ -277,22 +285,19 @@ sepgsql_relation_post_create(Oid relOid)
277285
sepgsql_avc_check_perms(&object,
278286
SEPG_CLASS_DB_SCHEMA,
279287
SEPG_DB_SCHEMA__ADD_NAME,
280-
getObjectDescription(&object),
288+
getObjectIdentity(&object),
281289
true);
282290

283291
switch (classForm->relkind)
284292
{
285293
case RELKIND_RELATION:
286294
tclass = SEPG_CLASS_DB_TABLE;
287-
tclass_text = "table";
288295
break;
289296
case RELKIND_SEQUENCE:
290297
tclass = SEPG_CLASS_DB_SEQUENCE;
291-
tclass_text = "sequence";
292298
break;
293299
case RELKIND_VIEW:
294300
tclass = SEPG_CLASS_DB_VIEW;
295-
tclass_text = "view";
296301
break;
297302
case RELKIND_INDEX:
298303
/* deal with indexes specially; no need for tclass */
@@ -316,12 +321,15 @@ sepgsql_relation_post_create(Oid relOid)
316321
/*
317322
* check db_xxx:{create} permission
318323
*/
319-
snprintf(audit_name, sizeof(audit_name), "%s %s",
320-
tclass_text, NameStr(classForm->relname));
324+
nsp_name = get_namespace_name(classForm->relnamespace);
325+
initStringInfo(&audit_name);
326+
appendStringInfo(&audit_name, "%s.%s",
327+
quote_identifier(nsp_name),
328+
quote_identifier(NameStr(classForm->relname)));
321329
sepgsql_avc_check_perms_label(rcontext,
322330
tclass,
323331
SEPG_DB_DATABASE__CREATE,
324-
audit_name,
332+
audit_name.data,
325333
true);
326334

327335
/*
@@ -358,10 +366,11 @@ sepgsql_relation_post_create(Oid relOid)
358366
{
359367
attForm = (Form_pg_attribute) GETSTRUCT(atup);
360368

361-
snprintf(audit_name, sizeof(audit_name), "%s %s column %s",
362-
tclass_text,
363-
NameStr(classForm->relname),
364-
NameStr(attForm->attname));
369+
resetStringInfo(&audit_name);
370+
appendStringInfo(&audit_name, "%s.%s.%s",
371+
quote_identifier(nsp_name),
372+
quote_identifier(NameStr(classForm->relname)),
373+
quote_identifier(NameStr(attForm->attname)));
365374

366375
ccontext = sepgsql_compute_create(scontext,
367376
rcontext,
@@ -374,7 +383,7 @@ sepgsql_relation_post_create(Oid relOid)
374383
sepgsql_avc_check_perms_label(ccontext,
375384
SEPG_CLASS_DB_COLUMN,
376385
SEPG_DB_COLUMN__CREATE,
377-
audit_name,
386+
audit_name.data,
378387
true);
379388

380389
object.classId = RelationRelationId;
@@ -436,7 +445,7 @@ sepgsql_relation_drop(Oid relOid)
436445
object.classId = NamespaceRelationId;
437446
object.objectId = get_rel_namespace(relOid);
438447
object.objectSubId = 0;
439-
audit_name = getObjectDescription(&object);
448+
audit_name = getObjectIdentity(&object);
440449

441450
sepgsql_avc_check_perms(&object,
442451
SEPG_CLASS_DB_SCHEMA,
@@ -458,7 +467,7 @@ sepgsql_relation_drop(Oid relOid)
458467
object.classId = RelationRelationId;
459468
object.objectId = relOid;
460469
object.objectSubId = 0;
461-
audit_name = getObjectDescription(&object);
470+
audit_name = getObjectIdentity(&object);
462471

463472
sepgsql_avc_check_perms(&object,
464473
tclass,
@@ -489,7 +498,7 @@ sepgsql_relation_drop(Oid relOid)
489498
object.classId = RelationRelationId;
490499
object.objectId = relOid;
491500
object.objectSubId = attForm->attnum;
492-
audit_name = getObjectDescription(&object);
501+
audit_name = getObjectIdentity(&object);
493502

494503
sepgsql_avc_check_perms(&object,
495504
SEPG_CLASS_DB_COLUMN,
@@ -531,7 +540,7 @@ sepgsql_relation_relabel(Oid relOid, const char *seclabel)
531540
object.classId = RelationRelationId;
532541
object.objectId = relOid;
533542
object.objectSubId = 0;
534-
audit_name = getObjectDescription(&object);
543+
audit_name = getObjectIdentity(&object);
535544

536545
/*
537546
* check db_xxx:{setattr relabelfrom} permission
@@ -641,7 +650,7 @@ sepgsql_relation_setattr(Oid relOid)
641650
object.classId = RelationRelationId;
642651
object.objectId = relOid;
643652
object.objectSubId = 0;
644-
audit_name = getObjectDescription(&object);
653+
audit_name = getObjectIdentity(&object);
645654

646655
sepgsql_avc_check_perms(&object,
647656
tclass,

0 commit comments

Comments
 (0)