Add is_superuser parameter reporting, soon to be used by psql.

Author: tglsfdc

doc/src/sgml/libpq.sgml

@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v 1.126 2003/06/22 00:29:29 tgl Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v 1.127 2003/06/27 19:08:37 tgl Exp $
 -->
 
  <chapter id="libpq">
@@ -812,7 +812,8 @@ is not known.
 Parameters reported as of the current release include
 <literal>server_version</> (cannot change after startup);
 <literal>server_encoding</> (also not presently changeable after start);
-<literal>client_encoding</>, and
+<literal>client_encoding</>,
+<literal>is_superuser</>, and
 <literal>DateStyle</>.
 </para>
 

doc/src/sgml/protocol.sgml

@@ -1,4 +1,4 @@
-<!-- $Header: /cvsroot/pgsql/doc/src/sgml/protocol.sgml,v 1.38 2003/05/08 14:35:24 tgl Exp $ -->
+<!-- $Header: /cvsroot/pgsql/doc/src/sgml/protocol.sgml,v 1.39 2003/06/27 19:08:37 tgl Exp $ -->
 
 <chapter id="protocol">
  <title>Frontend/Backend Protocol</title>
@@ -998,7 +998,8 @@
     <literal>server_version</> (a pseudo-parameter that cannot change after
     startup);
     <literal>server_encoding</> (also not presently changeable after start);
-    <literal>client_encoding</>, and
+    <literal>client_encoding</>,
+    <literal>is_superuser</>, and
     <literal>DateStyle</>.
     This set might change in the future, or even become configurable.
     Accordingly, a frontend should simply ignore ParameterStatus for

doc/src/sgml/ref/show.sgml

@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/show.sgml,v 1.27 2003/05/14 03:26:00 tgl Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/show.sgml,v 1.28 2003/06/27 19:08:37 tgl Exp $
 PostgreSQL documentation
 -->
 
@@ -97,6 +97,16 @@ SHOW ALL
          </para>
         </listitem>
        </varlistentry>
+
+       <varlistentry>
+        <term><literal>IS_SUPERUSER</literal></term>
+        <listitem>
+         <para>
+          True if the current session authorization identifier has
+	  superuser privileges.
+         </para>
+        </listitem>
+       </varlistentry>
       </variablelist>
      </para>
     </listitem>

src/backend/commands/variable.c

@@ -9,7 +9,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.78 2003/06/06 16:25:35 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.79 2003/06/27 19:08:37 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -721,25 +721,29 @@ assign_client_encoding(const char *value, bool doit, bool interactive)
  * When resetting session auth after an error, we can't expect to do catalog
  * lookups.  Hence, the stored form of the value must provide a numeric userid
  * that can be re-used directly.  We store the string in the form of
- * NAMEDATALEN 'x's followed by the numeric userid --- this cannot conflict
- * with any valid user name, because of the NAMEDATALEN limit on names.
+ * NAMEDATALEN 'x's, followed by T or F to indicate superuserness, followed
+ * by the numeric userid --- this cannot conflict with any valid user name,
+ * because of the NAMEDATALEN limit on names.
  */
 const char *
 assign_session_authorization(const char *value, bool doit, bool interactive)
 {
 	AclId		usesysid = 0;
+	bool		is_superuser = false;
 	char	   *result;
 
-	if (strspn(value, "x") == NAMEDATALEN)
+	if (strspn(value, "x") == NAMEDATALEN &&
+		(value[NAMEDATALEN] == 'T' || value[NAMEDATALEN] == 'F'))
 	{
 		/* might be a saved numeric userid */
 		char	   *endptr;
 
-		usesysid = (AclId) strtoul(value + NAMEDATALEN, &endptr, 10);
+		usesysid = (AclId) strtoul(value + NAMEDATALEN + 1, &endptr, 10);
 
-		if (endptr != value + NAMEDATALEN && *endptr == '\0')
+		if (endptr != value + NAMEDATALEN + 1 && *endptr == '\0')
 		{
-			/* syntactically valid, so use the numeric user ID */
+			/* syntactically valid, so use the numeric user ID and flag */
+			is_superuser = (value[NAMEDATALEN] == 'T');
 		}
 		else
 			usesysid = 0;
@@ -771,20 +775,23 @@ assign_session_authorization(const char *value, bool doit, bool interactive)
 		}
 
 		usesysid = ((Form_pg_shadow) GETSTRUCT(userTup))->usesysid;
-
+		is_superuser = ((Form_pg_shadow) GETSTRUCT(userTup))->usesuper;
+		
 		ReleaseSysCache(userTup);
 	}
 
 	if (doit)
-		SetSessionAuthorization(usesysid);
+		SetSessionAuthorization(usesysid, is_superuser);
 
 	result = (char *) malloc(NAMEDATALEN + 32);
 	if (!result)
 		return NULL;
 
 	memset(result, 'x', NAMEDATALEN);
 
-	snprintf(result + NAMEDATALEN, 32, "%lu", (unsigned long) usesysid);
+	snprintf(result + NAMEDATALEN, 32, "%c%lu",
+			 is_superuser ? 'T' : 'F',
+			 (unsigned long) usesysid);
 
 	return result;
 }

src/backend/utils/init/miscinit.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.103 2003/06/27 14:45:30 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.104 2003/06/27 19:08:37 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -553,9 +553,12 @@ InitializeSessionUserId(const char *username)
 
 	SetSessionUserId(usesysid); /* sets CurrentUserId too */
 
-	/* Record username as a config option too */
+	/* Record username and superuser status as GUC settings too */
 	SetConfigOption("session_authorization", username,
 					PGC_BACKEND, PGC_S_OVERRIDE);
+	SetConfigOption("is_superuser",
+					AuthenticatedUserIsSuperuser ? "on" : "off",
+					PGC_INTERNAL, PGC_S_OVERRIDE);
 
 	/*
 	 * Set up user-specific configuration variables.  This is a good place
@@ -594,10 +597,13 @@ InitializeSessionUserIdStandalone(void)
 /*
  * Change session auth ID while running
  *
- * Only a superuser may set auth ID to something other than himself.
+ * Only a superuser may set auth ID to something other than himself.  Note
+ * that in case of multiple SETs in a single session, the original userid's
+ * superuserness is what matters.  But we set the GUC variable is_superuser
+ * to indicate whether the *current* session userid is a superuser.
  */
 void
-SetSessionAuthorization(AclId userid)
+SetSessionAuthorization(AclId userid, bool is_superuser)
 {
 	/* Must have authenticated already, else can't make permission check */
 	AssertState(AclIdIsValid(AuthenticatedUserId));
@@ -608,6 +614,10 @@ SetSessionAuthorization(AclId userid)
 
 	SetSessionUserId(userid);
 	SetUserId(userid);
+
+	SetConfigOption("is_superuser",
+					is_superuser ? "on" : "off",
+					PGC_INTERNAL, PGC_S_OVERRIDE);
 }
 
 

src/backend/utils/misc/check_guc

@@ -16,9 +16,12 @@
 ## if an option is valid but shows up in only one file (guc.c but not
 ## postgresql.conf.sample), it should be listed here so that it 
 ## can be ignored
-INTENTIONALLY_NOT_INCLUDED="pre_auth_delay lc_messages lc_monetary \
-lc_numeric lc_time seed server_encoding session_authorization \
-transaction_isolation transaction_read_only zero_damaged_pages"
+INTENTIONALLY_NOT_INCLUDED="autocommit debug_deadlocks exit_on_error \
+is_superuser lc_collate lc_ctype lc_messages lc_monetary lc_numeric lc_time \
+pre_auth_delay seed server_encoding server_version session_authorization \
+trace_lock_oidmin trace_lock_table trace_locks trace_lwlocks trace_notify \
+trace_userlocks transaction_isolation transaction_read_only \
+zero_damaged_pages"
 
 ### What options are listed in postgresql.conf.sample, but don't appear 
 ### in guc.c?

src/backend/utils/misc/guc.c

@@ -10,7 +10,7 @@
  * Written by Peter Eisentraut <peter_e@gmx.net>.
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.131 2003/06/11 22:13:22 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.132 2003/06/27 19:08:38 tgl Exp $
  *
  *--------------------------------------------------------------------
  */
@@ -138,6 +138,7 @@ static char *log_min_error_statement_str;
 static char *log_min_messages_str;
 static char *client_min_messages_str;
 static bool phony_autocommit;
+static bool session_auth_is_superuser;
 static double phony_random_seed;
 static char *client_encoding_string;
 static char *datestyle_string;
@@ -361,6 +362,13 @@ static struct config_bool
 		true, NULL, NULL
 	},
 
+	/* Not for general use --- used by SET SESSION AUTHORIZATION */
+	{
+		{"is_superuser", PGC_INTERNAL, GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL},
+		&session_auth_is_superuser,
+		false, NULL, NULL
+	},
+
 	{
 		{"tcpip_socket", PGC_POSTMASTER}, &NetServer,
 		false, NULL, NULL
@@ -894,6 +902,7 @@ static struct config_string
 		"SQL_ASCII", NULL, NULL
 	},
 
+	/* Can't be set in postgresql.conf */
 	{
 		{"server_version", PGC_INTERNAL, GUC_REPORT},
 		&server_version_string,

src/include/miscadmin.h

@@ -12,7 +12,7 @@
  * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $Id: miscadmin.h,v 1.124 2003/06/27 14:45:31 petere Exp $
+ * $Id: miscadmin.h,v 1.125 2003/06/27 19:08:38 tgl Exp $
  *
  * NOTES
  *	  some of the information in this file should be moved to
@@ -208,7 +208,7 @@ extern AclId GetSessionUserId(void);
 extern void SetSessionUserId(AclId userid);
 extern void InitializeSessionUserId(const char *username);
 extern void InitializeSessionUserIdStandalone(void);
-extern void SetSessionAuthorization(AclId userid);
+extern void SetSessionAuthorization(AclId userid, bool is_superuser);
 
 extern void SetDataDir(const char *dir);