Thread

Commits

  1. Allow extracting machine-readable object identity

  1. [sepgsql 3/3] Add db_procedure:execute permission checks

    Kohei KaiGai <kaigai@kaigai.gr.jp> — 2013-01-15T20:46:46Z

    This patch adds sepgsql support for permission checks almost
    equivalent to the existing FUNCTION EXECUTE privilege.
    
    This feature is constructed on new OAT_FUNCTION_EXEC event
    type being invoked around pg_proc_aclcheck() except for cases
    when function's permissions are checked during CREATE or
    ALTER commands. (Extension can handle these cases on
    OAT_POST_CREATE or OAT_POST_ALTER hooks if needed.)
    
    This patch assumes db_schema:{search} patch is applied on top.
    So, please also check the patches below...
    https://commitfest.postgresql.org/action/patch_view?id=1003
    https://commitfest.postgresql.org/action/patch_view?id=1065
    
    Thanks,
    -- 
    KaiGai Kohei <kaigai@kaigai.gr.jp>
    
  2. Re: [sepgsql 3/3] Add db_procedure:execute permission checks

    Alvaro Herrera <alvherre@2ndquadrant.com> — 2013-04-10T23:49:50Z

    Kohei KaiGai wrote:
    > This patch adds sepgsql support for permission checks almost
    > equivalent to the existing FUNCTION EXECUTE privilege.
    
    While skimming this patch I noticed that you're using
    getObjectDescription() as the "audit_name" of objects.  This may be a
    bit unstable, for example consider that it's translated if lc_messages
    is set to something other than english.  I would suggest that the object
    identity as introduced by commit f8348ea32ec8 is a better choice for
    this.
    
    -- 
    Álvaro Herrera                http://www.2ndQuadrant.com/
    PostgreSQL Development, 24x7 Support, Training & Services
    
    
    
  3. Re: [sepgsql 3/3] Add db_procedure:execute permission checks

    Kohei KaiGai <kaigai@kaigai.gr.jp> — 2013-04-11T16:10:35Z

    2013/4/11 Alvaro Herrera <alvherre@2ndquadrant.com>:
    > Kohei KaiGai wrote:
    >> This patch adds sepgsql support for permission checks almost
    >> equivalent to the existing FUNCTION EXECUTE privilege.
    >
    > While skimming this patch I noticed that you're using
    > getObjectDescription() as the "audit_name" of objects.  This may be a
    > bit unstable, for example consider that it's translated if lc_messages
    > is set to something other than english.  I would suggest that the object
    > identity as introduced by commit f8348ea32ec8 is a better choice for
    > this.
    >
    Thanks for your suggestion.
    
    I tried to replace getObjectDescription() by getObjectIdentity() almost
    mechanically, even though I had to put special handling around
    OAT_POST_CREATE hook, as existing code doing, because
    SnapshotNow cannot reference the new object just after creation.
    
    Even though it massively affects regression test results, my preference
    is the format using getObjectIdentity(), because audit log is not assumed
    being read by human eyes usually. Thus, newer one is kindness style
    for script developers to put just an identifier of object into "name" field
    of audit log, without anything else.
    
    Best regards,
    -- 
    KaiGai Kohei <kaigai@kaigai.gr.jp>