Adjust 'permission denied' messages to be more useful and consistent.

Author: tglsfdc

src/backend/catalog/aclchk.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.84 2003/07/21 01:59:07 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.85 2003/08/01 00:15:19 tgl Exp $
  *
  * NOTES
  *	  See acl.h.
@@ -223,7 +223,7 @@ ExecuteGrantStmt_Relation(GrantStmt *stmt)
 		if (stmt->is_grant
 			&& !pg_class_ownercheck(relOid, GetUserId())
 			&& pg_class_aclcheck(relOid, GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
-			aclcheck_error(ACLCHECK_NO_PRIV, relvar->relname);
+			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS, relvar->relname);
 
 		/* Not sensible to grant on an index */
 		if (pg_class_tuple->relkind == RELKIND_INDEX)
@@ -329,7 +329,8 @@ ExecuteGrantStmt_Database(GrantStmt *stmt)
 		if (stmt->is_grant
 			&& pg_database_tuple->datdba != GetUserId()
 			&& pg_database_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
-			aclcheck_error(ACLCHECK_NO_PRIV, NameStr(pg_database_tuple->datname));
+			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_DATABASE,
+						   NameStr(pg_database_tuple->datname));
 
 		/*
 		 * If there's no ACL, create a default.
@@ -424,7 +425,7 @@ ExecuteGrantStmt_Function(GrantStmt *stmt)
 		if (stmt->is_grant
 			&& !pg_proc_ownercheck(oid, GetUserId())
 			&& pg_proc_aclcheck(oid, GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
-			aclcheck_error(ACLCHECK_NO_PRIV,
+			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_PROC,
 						   NameStr(pg_proc_tuple->proname));
 
 		/*
@@ -525,7 +526,8 @@ ExecuteGrantStmt_Language(GrantStmt *stmt)
 		if (stmt->is_grant
 			&& !superuser()
 			&& pg_language_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
-			aclcheck_error(ACLCHECK_NO_PRIV, NameStr(pg_language_tuple->lanname));
+			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+						   NameStr(pg_language_tuple->lanname));
 
 		/*
 		 * If there's no ACL, create a default.
@@ -619,7 +621,8 @@ ExecuteGrantStmt_Namespace(GrantStmt *stmt)
 		if (stmt->is_grant
 			&& !pg_namespace_ownercheck(HeapTupleGetOid(tuple), GetUserId())
 			&& pg_namespace_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
-			aclcheck_error(ACLCHECK_NO_PRIV, nspname);
+			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_NAMESPACE,
+						   nspname);
 
 		/*
 		 * If there's no ACL, create a default using the
@@ -848,9 +851,59 @@ aclcheck(Acl *acl, AclId userid, AclMode mode)
 
 /*
  * Standardized reporting of aclcheck permissions failures.
+ *
+ * Note: we do not double-quote the %s's below, because many callers
+ * supply strings that might be already quoted.
  */
+
+static const char * const no_priv_msg[MAX_ACL_KIND] =
+{
+	/* ACL_KIND_CLASS */
+	gettext_noop("permission denied for relation %s"),
+	/* ACL_KIND_DATABASE */
+	gettext_noop("permission denied for database %s"),
+	/* ACL_KIND_PROC */
+	gettext_noop("permission denied for function %s"),
+	/* ACL_KIND_OPER */
+	gettext_noop("permission denied for operator %s"),
+	/* ACL_KIND_TYPE */
+	gettext_noop("permission denied for type %s"),
+	/* ACL_KIND_LANGUAGE */
+	gettext_noop("permission denied for language %s"),
+	/* ACL_KIND_NAMESPACE */
+	gettext_noop("permission denied for schema %s"),
+	/* ACL_KIND_OPCLASS */
+	gettext_noop("permission denied for operator class %s"),
+	/* ACL_KIND_CONVERSION */
+	gettext_noop("permission denied for conversion %s")
+};
+
+static const char * const not_owner_msg[MAX_ACL_KIND] =
+{
+	/* ACL_KIND_CLASS */
+	gettext_noop("must be owner of relation %s"),
+	/* ACL_KIND_DATABASE */
+	gettext_noop("must be owner of database %s"),
+	/* ACL_KIND_PROC */
+	gettext_noop("must be owner of function %s"),
+	/* ACL_KIND_OPER */
+	gettext_noop("must be owner of operator %s"),
+	/* ACL_KIND_TYPE */
+	gettext_noop("must be owner of type %s"),
+	/* ACL_KIND_LANGUAGE */
+	gettext_noop("must be owner of language %s"),
+	/* ACL_KIND_NAMESPACE */
+	gettext_noop("must be owner of schema %s"),
+	/* ACL_KIND_OPCLASS */
+	gettext_noop("must be owner of operator class %s"),
+	/* ACL_KIND_CONVERSION */
+	gettext_noop("must be owner of conversion %s")
+};
+
+
 void
-aclcheck_error(AclResult aclerr, const char *objectname)
+aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+			   const char *objectname)
 {
 	switch (aclerr)
 	{
@@ -860,12 +913,12 @@ aclcheck_error(AclResult aclerr, const char *objectname)
 		case ACLCHECK_NO_PRIV:
 			ereport(ERROR,
 					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg("permission denied for \"%s\"", objectname)));
+					 errmsg(no_priv_msg[objectkind], objectname)));
 			break;
 		case ACLCHECK_NOT_OWNER:
 			ereport(ERROR,
 					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg("must be owner of \"%s\"", objectname)));
+					 errmsg(not_owner_msg[objectkind], objectname)));
 			break;
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);

src/backend/catalog/namespace.c

@@ -13,7 +13,7 @@
  * Portions Copyright (c) 1994, Regents of the University of California
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.54 2003/07/21 01:59:09 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.55 2003/08/01 00:15:19 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -1201,7 +1201,8 @@ LookupExplicitNamespace(const char *nspname)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, nspname);
+		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					   nspname);
 
 	return namespaceId;
 }
@@ -1624,7 +1625,7 @@ InitTempTableNamespace(void)
 							 ACL_CREATE_TEMP) != ACLCHECK_OK)
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-				 errmsg("not authorized to create temp tables in database \"%s\"",
+				 errmsg("permission denied to create temp tables in database \"%s\"",
 						get_database_name(MyDatabaseId))));
 
 	snprintf(namespaceName, sizeof(namespaceName), "pg_temp_%d", MyBackendId);

src/backend/catalog/pg_conversion.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_conversion.c,v 1.12 2003/07/28 00:09:14 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_conversion.c,v 1.13 2003/08/01 00:15:19 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -146,9 +146,8 @@ ConversionDrop(Oid conversionOid, DropBehavior behavior)
 
 	if (!superuser() &&
 		((Form_pg_conversion) GETSTRUCT(tuple))->conowner != GetUserId())
-		ereport(ERROR,
-				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-				 errmsg("permission denied")));
+		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
+					   NameStr(((Form_pg_conversion) GETSTRUCT(tuple))->conname));
 
 	ReleaseSysCache(tuple);
 

src/backend/catalog/pg_operator.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.80 2003/07/21 01:59:11 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.81 2003/08/01 00:15:19 tgl Exp $
  *
  * NOTES
  *	  these routines moved here from commands/define.c and somewhat cleaned up.
@@ -732,7 +732,8 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
 	aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, get_namespace_name(otherNamespace));
+		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					   get_namespace_name(otherNamespace));
 
 	other_oid = OperatorShellMake(otherName,
 								  otherNamespace,

src/backend/catalog/pg_proc.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_proc.c,v 1.101 2003/07/21 01:59:11 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_proc.c,v 1.102 2003/08/01 00:15:19 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -27,6 +27,7 @@
 #include "parser/parse_expr.h"
 #include "parser/parse_type.h"
 #include "tcop/tcopprot.h"
+#include "utils/acl.h"
 #include "utils/builtins.h"
 #include "utils/lsyscache.h"
 #include "utils/sets.h"
@@ -219,10 +220,8 @@ ProcedureCreate(const char *procedureName,
 					 errmsg("function \"%s\" already exists with same argument types",
 							procedureName)));
 		if (GetUserId() != oldproc->proowner && !superuser())
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg("you do not have permission to replace function \"%s\"",
-							procedureName)));
+			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+						   procedureName);
 
 		/*
 		 * Not okay to change the return type of the existing proc, since

src/backend/commands/aggregatecmds.c

@@ -9,7 +9,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.11 2003/07/20 21:56:32 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.12 2003/08/01 00:15:19 tgl Exp $
  *
  * DESCRIPTION
  *	  The "DefineFoo" routines take the parse tree and pick out the
@@ -64,7 +64,8 @@ DefineAggregate(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, get_namespace_name(aggNamespace));
+		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					   get_namespace_name(aggNamespace));
 
 	foreach(pl, parameters)
 	{
@@ -191,7 +192,8 @@ RemoveAggregate(RemoveAggrStmt *stmt)
 	if (!pg_proc_ownercheck(procOid, GetUserId()) &&
 		!pg_namespace_ownercheck(((Form_pg_proc) GETSTRUCT(tup))->pronamespace,
 								 GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(aggName));
+		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					   NameListToString(aggName));
 
 	/* find_aggregate_func already checked it is an aggregate */
 
@@ -269,12 +271,14 @@ RenameAggregate(List *name, TypeName *basetype, const char *newname)
 
 	/* must be owner */
 	if (!pg_proc_ownercheck(procOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name));
+		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					   NameListToString(name));
 
 	/* must have CREATE privilege on namespace */
 	aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, get_namespace_name(namespaceOid));
+		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					   get_namespace_name(namespaceOid));
 
 	/* rename */
 	namestrcpy(&(((Form_pg_proc) GETSTRUCT(tup))->proname), newname);

src/backend/commands/alter.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/alter.c,v 1.3 2003/07/22 19:00:07 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/alter.c,v 1.4 2003/08/01 00:15:19 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -102,7 +102,7 @@ ExecRenameStmt(RenameStmt *stmt)
 													  GetUserId(),
 													  ACL_CREATE);
 					if (aclresult != ACLCHECK_OK)
-						aclcheck_error(aclresult,
+						aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
 									   get_namespace_name(namespaceId));
 
 					renamerel(relid, stmt->newname);

src/backend/commands/cluster.c

@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/cluster.c,v 1.111 2003/07/20 21:56:32 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/cluster.c,v 1.112 2003/08/01 00:15:19 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -69,7 +69,6 @@ static void copy_heap_data(Oid OIDNewHeap, Oid OIDOldHeap, Oid OIDOldIndex);
 static List *get_indexattr_list(Relation OldHeap, Oid OldIndex);
 static void rebuild_indexes(Oid OIDOldHeap, List *indexes);
 static void swap_relfilenodes(Oid r1, Oid r2);
-static bool check_cluster_permitted(Oid relOid);
 static List *get_tables_to_cluster(MemoryContext cluster_context);
 
 
@@ -115,10 +114,9 @@ cluster(ClusterStmt *stmt)
 		tableOid = RelationGetRelid(rel);
 
 		/* Check permissions */
-		if (!check_cluster_permitted(tableOid))
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg("permission denied")));
+		if (!pg_class_ownercheck(tableOid, GetUserId()))
+			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+						   RelationGetRelationName(rel));
 
 		if (stmt->indexname == NULL)
 		{
@@ -279,7 +277,7 @@ cluster_rel(RelToCluster *rvtc, bool recheck)
 			return;
 
 		/* Check that the user still owns the relation */
-		if (!check_cluster_permitted(rvtc->tableOid))
+		if (!pg_class_ownercheck(rvtc->tableOid, GetUserId()))
 			return;
 
 		/*
@@ -850,17 +848,6 @@ swap_relfilenodes(Oid r1, Oid r2)
 	heap_close(relRelation, RowExclusiveLock);
 }
 
-/*
- * Checks if the user is allowed to cluster (ie, owns) the relation.
- * Superusers are allowed to cluster any table.
- */
-static bool
-check_cluster_permitted(Oid relOid)
-{
-	/* Superusers bypass this check */
-	return pg_class_ownercheck(relOid, GetUserId());
-}
-
 /*
  * Get a list of tables that the current user owns and
  * have indisclustered set.  Return the list in a List * of rvsToCluster
@@ -894,7 +881,8 @@ get_tables_to_cluster(MemoryContext cluster_context)
 	while ((indexTuple = heap_getnext(scan, ForwardScanDirection)) != NULL)
 	{
 		index = (Form_pg_index) GETSTRUCT(indexTuple);
-		if (!check_cluster_permitted(index->indrelid))
+
+		if (!pg_class_ownercheck(index->indrelid, GetUserId()))
 			continue;
 
 		/*