Remove NO_SECURITY define.

bmomjian · bmomjian · commit 85f1950a6f67 · 2000-10-16T17:08:11.000Z
diff --git a/src/backend/commands/analyze.c b/src/backend/commands/analyze.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.7 2000/10/05 19:48:22 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.8 2000/10/16 17:08:05 momjian Exp $
  *
 
  *-------------------------------------------------------------------------
@@ -98,7 +98,6 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL)
 
 	onerel = heap_open(relid, AccessShareLock);
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), RelationGetRelationName(onerel),
 					   RELNAME))
 	{
@@ -110,7 +109,6 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL)
 		CommitTransactionCommand();
 		return;
 	}
-#endif
 
 	elog(MESSAGE_LEVEL, "Analyzing...");
 
diff --git a/src/backend/commands/command.c b/src/backend/commands/command.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.106 2000/10/10 17:13:30 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.107 2000/10/16 17:08:05 momjian Exp $
  *
  * NOTES
  *	  The PerformAddAttribute() code, like most of the relation
@@ -311,10 +311,8 @@ AlterTableAddColumn(const char *relationName,
 	if (!allowSystemTableMods && IsSystemRelationName(relationName))
 		elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog",
 			 relationName);
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), relationName, RELNAME))
 		elog(ERROR, "ALTER TABLE: permission denied");
-#endif
 
 	/*
 	 * Grab an exclusive lock on the target table, which we will NOT
@@ -1149,7 +1147,7 @@ AlterTableAddConstraint(char *relationName,
 					scan = heap_beginscan(rel, false, SnapshotNow, 0, NULL);
 					AssertState(scan != NULL);
 
-					/* 
+					/*
 					 * We need to make a parse state and range table to allow
 					 * us to transformExpr and fix_opids to get a version of
 					 * the expression we can pass to ExecQual
@@ -1195,7 +1193,7 @@ AlterTableAddConstraint(char *relationName,
 					rte->eref->relname = relationName;
 					rtlist = makeList1(rte);
 
-					/* 
+					/*
 					 * Scan through the rows now, making the necessary things
 					 * for ExecQual, and then call it to evaluate the
 					 * expression.
@@ -1224,13 +1222,13 @@ AlterTableAddConstraint(char *relationName,
 					pfree(rte);
 
 					heap_endscan(scan);
-					heap_close(rel, NoLock);		
+					heap_close(rel, NoLock);
 
-					if (!successful) 
+					if (!successful)
 					{
 						elog(ERROR, "AlterTableAddConstraint: rejected due to CHECK constraint %s", name);
 					}
-					/* 
+					/*
 					 * Call AddRelationRawConstraints to do the real adding --
 					 * It duplicates some of the above, but does not check the
 					 * validity of the constraint against tuples already in
@@ -1274,7 +1272,7 @@ AlterTableAddConstraint(char *relationName,
 
 			pkrel = heap_openr(fkconstraint->pktable_name, AccessExclusiveLock);
 			if (pkrel->rd_rel->relkind != RELKIND_RELATION)
-				elog(ERROR, "referenced table \"%s\" not a relation", 
+				elog(ERROR, "referenced table \"%s\" not a relation",
 					 fkconstraint->pktable_name);
 
 			/*
@@ -1328,7 +1326,7 @@ AlterTableAddConstraint(char *relationName,
 						}
 					}
 					if (found)
-						break;          
+						break;
 					indexStruct = NULL;
 				}
 			if (!found)
@@ -1591,7 +1589,7 @@ AlterTableCreateToastTable(const char *relationName, bool silent)
 
 	if (((Form_pg_class) GETSTRUCT(reltup))->reltoastrelid != InvalidOid)
 	{
-	    if (silent)
+		if (silent)
 		{
 			heap_close(rel, NoLock);
 			heap_close(class_rel, NoLock);
@@ -1601,14 +1599,14 @@ AlterTableCreateToastTable(const char *relationName, bool silent)
 
 		elog(ERROR, "ALTER TABLE: relation \"%s\" already has a toast table",
 			 relationName);
-    }
+	}
 
 	/*
 	 * Check to see whether the table actually needs a TOAST table.
 	 */
 	if (! needs_toast_table(rel))
 	{
-	    if (silent)
+		if (silent)
 		{
 			heap_close(rel, NoLock);
 			heap_close(class_rel, NoLock);
@@ -1784,7 +1782,7 @@ LockTableCommand(LockStmt *lockstmt)
 	if (rel->rd_rel->relkind != RELKIND_RELATION)
 			elog(ERROR, "LOCK TABLE: %s is not a table", lockstmt->relname);
 
-	if (is_view(rel)) 
+	if (is_view(rel))
 			elog(ERROR, "LOCK TABLE: cannot lock a view");
 
 	if (lockstmt->mode == AccessShareLock)
@@ -1842,7 +1840,7 @@ is_view(Relation rel)
 
 	while (HeapTupleIsValid(tuple = heap_getnext(scanDesc, 0)))
 	{
-		if (tuple->t_data != NULL) 
+		if (tuple->t_data != NULL)
 		{
 			data = (Form_pg_rewrite) GETSTRUCT(tuple);
 			if (data->ev_type == '1')
@@ -1856,6 +1854,6 @@ is_view(Relation rel)
 
 	heap_endscan(scanDesc);
 	heap_close(RewriteRelation, RowExclusiveLock);
-	
+
   return retval;
 }
diff --git a/src/backend/commands/comment.c b/src/backend/commands/comment.c
@@ -283,10 +283,8 @@ CommentRelation(int reltype, char *relname, char *comment)
 
 	/*** First, check object security ***/
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), relname, RELNAME))
 		elog(ERROR, "you are not permitted to comment on class '%s'", relname);
-#endif
 
 	/*** Now, attempt to find the oid in the cached version of pg_class ***/
 
@@ -349,10 +347,8 @@ CommentAttribute(char *relname, char *attrname, char *comment)
 
 	/*** First, check object security ***/
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), relname, RELNAME))
 		elog(ERROR, "you are not permitted to comment on class '%s\'", relname);
-#endif
 
 	/*** Now, fetch the attribute oid from the system cache ***/
 
diff --git a/src/backend/commands/remove.c b/src/backend/commands/remove.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/remove.c,v 1.53 2000/10/07 00:58:16 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/remove.c,v 1.54 2000/10/16 17:08:05 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -81,13 +81,11 @@ RemoveOperator(char *operatorName,		/* operator name */
 
 	if (HeapTupleIsValid(tup))
 	{
-#ifndef NO_SECURITY
 		if (!pg_ownercheck(GetUserId(),
 						   (char *) ObjectIdGetDatum(tup->t_data->t_oid),
 						   OPEROID))
 			elog(ERROR, "RemoveOperator: operator '%s': permission denied",
 				 operatorName);
-#endif
 
 		/*** Delete any comments associated with this operator ***/
 
@@ -250,11 +248,9 @@ RemoveType(char *typeName)		/* type name to be removed */
 	Oid			typeOid;
 	char	   *shadow_type;
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), typeName, TYPENAME))
 		elog(ERROR, "RemoveType: type '%s': permission denied",
 			 typeName);
-#endif
 
 	relation = heap_openr(TypeRelationName, RowExclusiveLock);
 
@@ -334,13 +330,11 @@ RemoveFunction(char *functionName,		/* function name to be removed */
 		}
 	}
 
-#ifndef NO_SECURITY
 	if (!pg_func_ownercheck(GetUserId(), functionName, nargs, argList))
 	{
 		elog(ERROR, "RemoveFunction: function '%s': permission denied",
 			 functionName);
 	}
-#endif
 
 	relation = heap_openr(ProcedureRelationName, RowExclusiveLock);
 	tup = SearchSysCacheTuple(PROCNAME,
@@ -396,7 +390,6 @@ RemoveAggregate(char *aggName, char *aggType)
 	else
 		basetypeID = 0;
 
-#ifndef NO_SECURITY
 	if (!pg_aggr_ownercheck(GetUserId(), aggName, basetypeID))
 	{
 		if (aggType)
@@ -410,7 +403,6 @@ RemoveAggregate(char *aggName, char *aggType)
 				 aggName);
 		}
 	}
-#endif
 
 	relation = heap_openr(AggregateRelationName, RowExclusiveLock);
 	tup = SearchSysCacheTuple(AGGNAME,
diff --git a/src/backend/commands/rename.c b/src/backend/commands/rename.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/rename.c,v 1.48 2000/10/16 14:52:03 vadim Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/rename.c,v 1.49 2000/10/16 17:08:05 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -71,12 +71,10 @@ renameatt(char *relname,
 	if (!allowSystemTableMods && IsSystemRelationName(relname))
 		elog(ERROR, "renameatt: class \"%s\" is a system catalog",
 			 relname);
-#ifndef NO_SECURITY
 	if (!IsBootstrapProcessingMode() &&
 		!pg_ownercheck(GetUserId(), relname, RELNAME))
 		elog(ERROR, "renameatt: you do not own class \"%s\"",
 			 relname);
-#endif
 
 	/*
 	 * Grab an exclusive lock on the target table, which we will NOT
diff --git a/src/backend/commands/sequence.c b/src/backend/commands/sequence.c
@@ -201,11 +201,9 @@ nextval(PG_FUNCTION_ARGS)
 				next,
 				rescnt = 0;
 
-#ifndef NO_SECURITY
 	if (pg_aclcheck(seqname, GetUserId(), ACL_WR) != ACLCHECK_OK)
 		elog(ERROR, "%s.nextval: you don't have permissions to set sequence %s",
 			 seqname, seqname);
-#endif
 
 	/* open and AccessShareLock sequence */
 	elm = init_sequence("nextval", seqname);
@@ -298,11 +296,9 @@ currval(PG_FUNCTION_ARGS)
 	SeqTable	elm;
 	int32		result;
 
-#ifndef NO_SECURITY
 	if (pg_aclcheck(seqname, GetUserId(), ACL_RD) != ACLCHECK_OK)
 		elog(ERROR, "%s.currval: you don't have permissions to read sequence %s",
 			 seqname, seqname);
-#endif
 
 	/* open and AccessShareLock sequence */
 	elm = init_sequence("currval", seqname);
@@ -318,18 +314,16 @@ currval(PG_FUNCTION_ARGS)
 	PG_RETURN_INT32(result);
 }
 
-static void 
+static void
 do_setval(char *seqname, int32 next, bool iscalled)
 {
 	SeqTable	elm;
 	Buffer		buf;
 	Form_pg_sequence seq;
 
-#ifndef NO_SECURITY
 	if (pg_aclcheck(seqname, GetUserId(), ACL_WR) != ACLCHECK_OK)
 		elog(ERROR, "%s.setval: you don't have permissions to set sequence %s",
 			 seqname, seqname);
-#endif
 
 	/* open and AccessShareLock sequence */
 	elm = init_sequence("setval", seqname);
diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c
@@ -7,7 +7,7 @@
  * Portions Copyright (c) 1994, Regents of the University of California
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.77 2000/09/06 14:15:16 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.78 2000/10/16 17:08:05 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -68,10 +68,8 @@ CreateTrigger(CreateTrigStmt *stmt)
 	if (!allowSystemTableMods && IsSystemRelationName(stmt->relname))
 		elog(ERROR, "CreateTrigger: can't create trigger for system relation %s", stmt->relname);
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), stmt->relname, RELNAME))
 		elog(ERROR, "%s: %s", stmt->relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]);
-#endif
 
 	/* ----------
 	 * If trigger is a constraint, user trigger name as constraint
@@ -308,10 +306,8 @@ DropTrigger(DropTrigStmt *stmt)
 	int			found = 0;
 	int			tgfound = 0;
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), stmt->relname, RELNAME))
 		elog(ERROR, "%s: %s", stmt->relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]);
-#endif
 
 	rel = heap_openr(stmt->relname, AccessExclusiveLock);
 
diff --git a/src/backend/commands/vacuum.c b/src/backend/commands/vacuum.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/vacuum.c,v 1.167 2000/10/05 19:48:22 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/vacuum.c,v 1.168 2000/10/16 17:08:05 momjian Exp $
  *
 
  *-------------------------------------------------------------------------
@@ -397,7 +397,6 @@ vacuum_rel(Oid relid, bool analyze, bool is_toastrel)
 	 */
 	onerel = heap_open(relid, AccessExclusiveLock);
 
-#ifndef NO_SECURITY
 	if (!pg_ownercheck(GetUserId(), RelationGetRelationName(onerel),
 					   RELNAME))
 	{
@@ -408,7 +407,6 @@ vacuum_rel(Oid relid, bool analyze, bool is_toastrel)
 			CommitTransactionCommand();
 		return;
 	}
-#endif
 
 	/*
 	 * Remember the relation'ss TOAST relation for later
diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c
@@ -27,7 +27,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.129 2000/10/05 19:11:26 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.130 2000/10/16 17:08:06 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -619,9 +619,7 @@ InitPlan(CmdType operation, Query *parseTree, Plan *plan, EState *estate)
 	/*
 	 * Do permissions checks.
 	 */
-#ifndef NO_SECURITY
 	ExecCheckQueryPerms(operation, parseTree, plan);
-#endif
 
 	/*
 	 * get information from query descriptor
diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
diff --git a/src/include/config.h.in b/src/include/config.h.in

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.7 2000/10/05 19:48:22 momjian Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.8 2000/10/16 17:08:05 momjian Exp $`
`12`	`12`	`*`
`13`	`13`
`14`	`14`	`*-------------------------------------------------------------------------`
`@@ -98,7 +98,6 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL)`
`98`	`98`
`99`	`99`	`onerel = heap_open(relid, AccessShareLock);`
`100`	`100`
`101`		`-#ifndef NO_SECURITY`
`102`	`101`	`if (!pg_ownercheck(GetUserId(), RelationGetRelationName(onerel),`
`103`	`102`	`RELNAME))`
`104`	`103`	`{`
`@@ -110,7 +109,6 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL)`
`110`	`109`	`CommitTransactionCommand();`
`111`	`110`	`return;`
`112`	`111`	`}`
`113`		`-#endif`
`114`	`112`
`115`	`113`	`elog(MESSAGE_LEVEL, "Analyzing...");`
`116`	`114`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@`
`27`	`27`	`*`
`28`	`28`	`*`
`29`	`29`	`* IDENTIFICATION`
`30`		`- * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.129 2000/10/05 19:11:26 tgl Exp $`
	`30`	`+ * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.130 2000/10/16 17:08:06 momjian Exp $`
`31`	`31`	`*`
`32`	`32`	`*-------------------------------------------------------------------------`
`33`	`33`	`*/`
`@@ -619,9 +619,7 @@ InitPlan(CmdType operation, Query parseTree, Plan plan, EState *estate)`
`619`	`619`	`/*`
`620`	`620`	`* Do permissions checks.`
`621`	`621`	`*/`
`622`		`-#ifndef NO_SECURITY`
`623`	`622`	`ExecCheckQueryPerms(operation, parseTree, plan);`
`624`		`-#endif`
`625`	`623`
`626`	`624`	`/*`
`627`	`625`	`* get information from query descriptor`