/*
* recordSharedDependencyOn
*
* Record a dependency between 2 objects via their respective ObjectAddresses.
* The first argument is the dependent object, the second the one it
* references (which must be a shared object).
*
* This locks the referenced object and makes sure it still exists.
* Then it creates an entry in pg_shdepend. The lock is kept until
* the end of the transaction.
*
* Dependencies on pinned objects are not recorded.
*/
void
recordSharedDependencyOn(ObjectAddress *depender,
ObjectAddress *referenced,
SharedDependencyType deptype)
{
Relation sdepRel;
/*
* Objects in pg_shdepend can't have SubIds.
*/
Assert(depender->objectSubId == 0);
Assert(referenced->objectSubId == 0);
/*
* During bootstrap, do nothing since pg_shdepend may not exist yet.
* initdb will fill in appropriate pg_shdepend entries after bootstrap.
*/
if (IsBootstrapProcessingMode())
return;
sdepRel = heap_open(SharedDependRelationId, RowExclusiveLock);
/* If the referenced object is pinned, do nothing. */
if (!isSharedObjectPinned(referenced->classId, referenced->objectId,
sdepRel))
{
shdepAddDependency(sdepRel, depender->classId, depender->objectId,
depender->objectSubId,
referenced->classId, referenced->objectId,
deptype);
}
heap_close(sdepRel, RowExclusiveLock);
}
/*
* updateAclDependencies
* Update the pg_shdepend info for an object's ACL during GRANT/REVOKE.
*
* classId, objectId: identify the object whose ACL this is
* ownerId: role owning the object
* isGrant: are we adding or removing ACL entries?
* noldmembers, oldmembers: array of roleids appearing in old ACL
* nnewmembers, newmembers: array of roleids appearing in new ACL
*
* We calculate the difference between the new and old lists of roles,
* and then insert (if it's a grant) or delete (if it's a revoke) from
* pg_shdepend as appropiate.
*
* Note that we can't insert blindly at grant, because we would end up with
* duplicate registered dependencies. We could check for existence of the
* tuple before inserting, but that seems to be more expensive than what we are
* doing now. On the other hand, we can't just delete the tuples blindly at
* revoke, because the user may still have other privileges.
*
* NOTE: Both input arrays must be sorted and de-duped. They are pfreed
* before return.
*/
void
updateAclDependencies(Oid classId, Oid objectId, Oid ownerId, bool isGrant,
int noldmembers, Oid *oldmembers,
int nnewmembers, Oid *newmembers)
{
Relation sdepRel;
Oid *diff;
int ndiff,
i;
/*
* Calculate the differences between the old and new lists.
*/
if (isGrant)
ndiff = getOidListDiff(newmembers, nnewmembers,
oldmembers, noldmembers, &diff);
else
ndiff = getOidListDiff(oldmembers, noldmembers,
newmembers, nnewmembers, &diff);
if (ndiff > 0)
{
sdepRel = heap_open(SharedDependRelationId, RowExclusiveLock);
/* Add or drop the respective dependency */
for (i = 0; i < ndiff; i++)
{
Oid roleid = diff[i];
/*
* Skip the owner: he has an OWNER shdep entry instead. (This is
* not just a space optimization; it makes ALTER OWNER easier. See
* notes in changeDependencyOnOwner.)
*/
if (roleid == ownerId)
continue;
/* Skip pinned roles */
if (isSharedObjectPinned(AuthIdRelationId, roleid, sdepRel))
continue;
if (isGrant)
shdepAddDependency(sdepRel, classId, objectId,
AuthIdRelationId, roleid,
SHARED_DEPENDENCY_ACL);
else
shdepDropDependency(sdepRel, classId, objectId,
AuthIdRelationId, roleid,
SHARED_DEPENDENCY_ACL);
}
heap_close(sdepRel, RowExclusiveLock);
}
pfree(diff);
}
/*
* updateAclDependencies
* Update the pg_shdepend info for an object's ACL during GRANT/REVOKE.
*
* classId, objectId, objsubId: identify the object whose ACL this is
* ownerId: role owning the object
* noldmembers, oldmembers: array of roleids appearing in old ACL
* nnewmembers, newmembers: array of roleids appearing in new ACL
*
* We calculate the differences between the new and old lists of roles,
* and then insert or delete from pg_shdepend as appropriate.
*
* Note that we can't just insert all referenced roles blindly during GRANT,
* because we would end up with duplicate registered dependencies. We could
* check for existence of the tuples before inserting, but that seems to be
* more expensive than what we are doing here. Likewise we can't just delete
* blindly during REVOKE, because the user may still have other privileges.
* It is also possible that REVOKE actually adds dependencies, due to
* instantiation of a formerly implicit default ACL (although at present,
* all such dependencies should be for the owning role, which we ignore here).
*
* NOTE: Both input arrays must be sorted and de-duped. (Typically they
* are extracted from an ACL array by aclmembers(), which takes care of
* both requirements.) The arrays are pfreed before return.
*/
void
updateAclDependencies(Oid classId, Oid objectId, int32 objsubId,
Oid ownerId,
int noldmembers, Oid *oldmembers,
int nnewmembers, Oid *newmembers)
{
Relation sdepRel;
int i;
/*
* Remove entries that are common to both lists; those represent existing
* dependencies we don't need to change.
*
* OK to overwrite the inputs since we'll pfree them anyway.
*/
getOidListDiff(oldmembers, &noldmembers, newmembers, &nnewmembers);
if (noldmembers > 0 || nnewmembers > 0)
{
sdepRel = heap_open(SharedDependRelationId, RowExclusiveLock);
/* Add new dependencies that weren't already present */
for (i = 0; i < nnewmembers; i++)
{
Oid roleid = newmembers[i];
/*
* Skip the owner: he has an OWNER shdep entry instead. (This is
* not just a space optimization; it makes ALTER OWNER easier. See
* notes in changeDependencyOnOwner.)
*/
if (roleid == ownerId)
continue;
/* Skip pinned roles; they don't need dependency entries */
if (isSharedObjectPinned(AuthIdRelationId, roleid, sdepRel))
continue;
shdepAddDependency(sdepRel, classId, objectId, objsubId,
AuthIdRelationId, roleid,
SHARED_DEPENDENCY_ACL);
}
/* Drop no-longer-used old dependencies */
for (i = 0; i < noldmembers; i++)
{
Oid roleid = oldmembers[i];
/* Skip the owner, same as above */
if (roleid == ownerId)
continue;
/* Skip pinned roles */
if (isSharedObjectPinned(AuthIdRelationId, roleid, sdepRel))
continue;
shdepDropDependency(sdepRel, classId, objectId, objsubId,
false, /* exact match on objsubId */
AuthIdRelationId, roleid,
SHARED_DEPENDENCY_ACL);
}
heap_close(sdepRel, RowExclusiveLock);
}
if (oldmembers)
pfree(oldmembers);
if (newmembers)
pfree(newmembers);
}
/*
* shdepChangeDep
*
* Update shared dependency records to account for an updated referenced
* object. This is an internal workhorse for operations such as changing
* an object's owner.
*
* There must be no more than one existing entry for the given dependent
* object and dependency type! So in practice this can only be used for
* updating SHARED_DEPENDENCY_OWNER entries, which should have that property.
*
* If there is no previous entry, we assume it was referencing a PINned
* object, so we create a new entry. If the new referenced object is
* PINned, we don't create an entry (and drop the old one, if any).
*
* sdepRel must be the pg_shdepend relation, already opened and suitably
* locked.
*/
static void
shdepChangeDep(Relation sdepRel,
Oid classid, Oid objid, int32 objsubid,
Oid refclassid, Oid refobjid,
SharedDependencyType deptype)
{
Oid dbid = classIdGetDbId(classid);
HeapTuple oldtup = NULL;
HeapTuple scantup;
ScanKeyData key[4];
SysScanDesc scan;
/*
* Make sure the new referenced object doesn't go away while we record the
* dependency.
*/
shdepLockAndCheckObject(refclassid, refobjid);
/*
* Look for a previous entry
*/
ScanKeyInit(&key[0],
Anum_pg_shdepend_dbid,
BTEqualStrategyNumber, F_OIDEQ,
ObjectIdGetDatum(dbid));
ScanKeyInit(&key[1],
Anum_pg_shdepend_classid,
BTEqualStrategyNumber, F_OIDEQ,
ObjectIdGetDatum(classid));
ScanKeyInit(&key[2],
Anum_pg_shdepend_objid,
BTEqualStrategyNumber, F_OIDEQ,
ObjectIdGetDatum(objid));
ScanKeyInit(&key[3],
Anum_pg_shdepend_objsubid,
BTEqualStrategyNumber, F_INT4EQ,
Int32GetDatum(objsubid));
scan = systable_beginscan(sdepRel, SharedDependDependerIndexId, true,
NULL, 4, key);
while ((scantup = systable_getnext(scan)) != NULL)
{
/* Ignore if not of the target dependency type */
if (((Form_pg_shdepend) GETSTRUCT(scantup))->deptype != deptype)
continue;
/* Caller screwed up if multiple matches */
if (oldtup)
elog(ERROR,
"multiple pg_shdepend entries for object %u/%u/%d deptype %c",
classid, objid, objsubid, deptype);
oldtup = heap_copytuple(scantup);
}
systable_endscan(scan);
if (isSharedObjectPinned(refclassid, refobjid, sdepRel))
{
/* No new entry needed, so just delete existing entry if any */
if (oldtup)
CatalogTupleDelete(sdepRel, &oldtup->t_self);
}
else if (oldtup)
{
/* Need to update existing entry */
Form_pg_shdepend shForm = (Form_pg_shdepend) GETSTRUCT(oldtup);
/* Since oldtup is a copy, we can just modify it in-memory */
shForm->refclassid = refclassid;
shForm->refobjid = refobjid;
CatalogTupleUpdate(sdepRel, &oldtup->t_self, oldtup);
}
else
{
/* Need to insert new entry */
Datum values[Natts_pg_shdepend];
bool nulls[Natts_pg_shdepend];
memset(nulls, false, sizeof(nulls));
values[Anum_pg_shdepend_dbid - 1] = ObjectIdGetDatum(dbid);
values[Anum_pg_shdepend_classid - 1] = ObjectIdGetDatum(classid);
values[Anum_pg_shdepend_objid - 1] = ObjectIdGetDatum(objid);
values[Anum_pg_shdepend_objsubid - 1] = Int32GetDatum(objsubid);
values[Anum_pg_shdepend_refclassid - 1] = ObjectIdGetDatum(refclassid);
values[Anum_pg_shdepend_refobjid - 1] = ObjectIdGetDatum(refobjid);
values[Anum_pg_shdepend_deptype - 1] = CharGetDatum(deptype);
/*
* we are reusing oldtup just to avoid declaring a new variable, but
* it's certainly a new tuple
*/
oldtup = heap_form_tuple(RelationGetDescr(sdepRel), values, nulls);
CatalogTupleInsert(sdepRel, oldtup);
}
if (oldtup)
heap_freetuple(oldtup);
}
/*
* shdepChangeDep
*
* Update shared dependency records to account for an updated referenced
* object. This is an internal workhorse for operations such as changing
* an object's owner.
*
* There must be no more than one existing entry for the given dependent
* object and dependency type! So in practice this can only be used for
* updating SHARED_DEPENDENCY_OWNER entries, which should have that property.
*
* If there is no previous entry, we assume it was referencing a PINned
* object, so we create a new entry. If the new referenced object is
* PINned, we don't create an entry (and drop the old one, if any).
*
* sdepRel must be the pg_shdepend relation, already opened and suitably
* locked.
*/
static void
shdepChangeDep(Relation sdepRel, Oid classid, Oid objid,
Oid refclassid, Oid refobjid,
SharedDependencyType deptype)
{
Oid dbid = classIdGetDbId(classid);
bool bGotOne = false;
HeapTuple oldtup = NULL;
HeapTuple scantup;
cqContext *pcqCtx;
cqContext cqc;
/*
* Make sure the new referenced object doesn't go away while we record the
* dependency.
*/
shdepLockAndCheckObject(refclassid, refobjid);
/*
* Look for a previous entry
*/
pcqCtx = caql_beginscan(
caql_addrel(cqclr(&cqc), sdepRel),
cql("SELECT * FROM pg_shdepend "
" WHERE dbid = :1 "
" AND classid = :2 "
" AND objid = :3 "
" FOR UPDATE ",
ObjectIdGetDatum(dbid),
ObjectIdGetDatum(classid),
ObjectIdGetDatum(objid)));
while (HeapTupleIsValid(scantup = caql_getnext(pcqCtx)))
{
/* Ignore if not of the target dependency type */
if (((Form_pg_shdepend) GETSTRUCT(scantup))->deptype != deptype)
continue;
/* Caller screwed up if multiple matches */
if (bGotOne)
elog(ERROR,
"multiple pg_shdepend entries for object %u/%u deptype %c",
classid, objid, deptype);
bGotOne = true;
}
caql_endscan(pcqCtx);
/* XXX XXX XXX XXX XXX XXX XXX XXX XXX
* Should match this logic:
*
* if isSharedObjectpinned
* if Gotone then drop it
* else
* if Gotone
* then update it
* else insert it
*
* XXX XXX XXX XXX XXX XXX XXX XXX XXX
*/
if (!bGotOne) /* no match */
{
/* if no match and pinned, new entry not needed */
if (isSharedObjectPinned(refclassid, refobjid, sdepRel))
{
/* just return -- don't need to free anything because
* sdelRel was passed in, and pcqCtx is freed
*/
return;
}
pcqCtx = caql_beginscan(
caql_addrel(cqclr(&cqc), sdepRel),
cql("INSERT INTO pg_shdepend ",
NULL));
/* Need to insert new entry */
Datum values[Natts_pg_shdepend];
bool nulls[Natts_pg_shdepend];
memset(nulls, 0, sizeof(nulls));
values[Anum_pg_shdepend_dbid - 1] = ObjectIdGetDatum(dbid);
values[Anum_pg_shdepend_classid - 1] = ObjectIdGetDatum(classid);
values[Anum_pg_shdepend_objid - 1] = ObjectIdGetDatum(objid);
values[Anum_pg_shdepend_refclassid - 1] = ObjectIdGetDatum(refclassid);
values[Anum_pg_shdepend_refobjid - 1] = ObjectIdGetDatum(refobjid);
values[Anum_pg_shdepend_deptype - 1] = CharGetDatum(deptype);
/*
* we are reusing oldtup just to avoid declaring a new variable, but
* it's certainly a new tuple
*/
oldtup = caql_form_tuple(pcqCtx, values, nulls);
caql_insert(pcqCtx, oldtup);
/* and Update indexes (implicit) */
heap_freetuple(oldtup);
caql_endscan(pcqCtx);
}
else
{
/* XXX XXX Do the scan again, but do the update/delete this time */
pcqCtx = caql_beginscan(
caql_addrel(cqclr(&cqc), sdepRel),
cql("SELECT * FROM pg_shdepend "
" WHERE dbid = :1 "
" AND classid = :2 "
" AND objid = :3 "
" FOR UPDATE ",
ObjectIdGetDatum(dbid),
ObjectIdGetDatum(classid),
ObjectIdGetDatum(objid)));
while (HeapTupleIsValid(scantup = caql_getnext(pcqCtx)))
{
/* Ignore if not of the target dependency type */
if (((Form_pg_shdepend) GETSTRUCT(scantup))->deptype != deptype)
continue;
/*
* NOTE: already tested for multiple matches - just use
* first one
*/
if (isSharedObjectPinned(refclassid, refobjid, sdepRel))
{
/* No new entry needed, so just delete existing entry if any */
caql_delete_current(pcqCtx);
}
else
{
oldtup = heap_copytuple(scantup);
/* Need to update existing entry */
Form_pg_shdepend shForm = (Form_pg_shdepend) GETSTRUCT(oldtup);
/* Since oldtup is a copy, we can just modify it in-memory */
shForm->refclassid = refclassid;
shForm->refobjid = refobjid;
caql_update_current(pcqCtx, oldtup);
/* and Update indexes (implicit) */
heap_freetuple(oldtup);
}
break;
}
caql_endscan(pcqCtx);
}
}
