Bring syntax of role-related commands into SQL compliance. To avoid

syntactic conflicts, both privilege and role GRANT/REVOKE commands have
to use the same production for scanning the list of tokens that might
eventually turn out to be privileges or role names.  So, change the
existing GRANT/REVOKE code to expect a list of strings not pre-reduced
AclMode values.  Fix a couple other minor issues while at it, such as
InitializeAcl function name conflicting with a Windows system function.

Author: tglsfdc

src/backend/catalog/aclchk.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.113 2005/06/28 05:08:52 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.114 2005/06/28 19:51:21 tgl Exp $
  *
  * NOTES
  *	  See acl.h.
@@ -47,6 +47,7 @@ static void ExecuteGrantStmt_Language(GrantStmt *stmt);
 static void ExecuteGrantStmt_Namespace(GrantStmt *stmt);
 static void ExecuteGrantStmt_Tablespace(GrantStmt *stmt);
 
+static AclMode string_to_privilege(const char *privname);
 static const char *privilege_to_string(AclMode privilege);
 
 
@@ -209,7 +210,7 @@ ExecuteGrantStmt_Relation(GrantStmt *stmt)
 	bool		all_privs;
 	ListCell   *i;
 
-	if (linitial_int(stmt->privileges) == ACL_ALL_RIGHTS)
+	if (stmt->privileges == NIL)
 	{
 		all_privs = true;
 		privileges = ACL_ALL_RIGHTS_RELATION;
@@ -220,7 +221,8 @@ ExecuteGrantStmt_Relation(GrantStmt *stmt)
 		privileges = ACL_NO_RIGHTS;
 		foreach(i, stmt->privileges)
 		{
-			AclMode		priv = lfirst_int(i);
+			char	   *privname = strVal(lfirst(i));
+			AclMode		priv = string_to_privilege(privname);
 
 			if (priv & ~((AclMode) ACL_ALL_RIGHTS_RELATION))
 				ereport(ERROR,
@@ -377,7 +379,7 @@ ExecuteGrantStmt_Database(GrantStmt *stmt)
 	bool		all_privs;
 	ListCell   *i;
 
-	if (linitial_int(stmt->privileges) == ACL_ALL_RIGHTS)
+	if (stmt->privileges == NIL)
 	{
 		all_privs = true;
 		privileges = ACL_ALL_RIGHTS_DATABASE;
@@ -388,7 +390,8 @@ ExecuteGrantStmt_Database(GrantStmt *stmt)
 		privileges = ACL_NO_RIGHTS;
 		foreach(i, stmt->privileges)
 		{
-			AclMode		priv = lfirst_int(i);
+			char	   *privname = strVal(lfirst(i));
+			AclMode		priv = string_to_privilege(privname);
 
 			if (priv & ~((AclMode) ACL_ALL_RIGHTS_DATABASE))
 				ereport(ERROR,
@@ -535,7 +538,7 @@ ExecuteGrantStmt_Function(GrantStmt *stmt)
 	bool		all_privs;
 	ListCell   *i;
 
-	if (linitial_int(stmt->privileges) == ACL_ALL_RIGHTS)
+	if (stmt->privileges == NIL)
 	{
 		all_privs = true;
 		privileges = ACL_ALL_RIGHTS_FUNCTION;
@@ -546,7 +549,8 @@ ExecuteGrantStmt_Function(GrantStmt *stmt)
 		privileges = ACL_NO_RIGHTS;
 		foreach(i, stmt->privileges)
 		{
-			AclMode		priv = lfirst_int(i);
+			char	   *privname = strVal(lfirst(i));
+			AclMode		priv = string_to_privilege(privname);
 
 			if (priv & ~((AclMode) ACL_ALL_RIGHTS_FUNCTION))
 				ereport(ERROR,
@@ -689,7 +693,7 @@ ExecuteGrantStmt_Language(GrantStmt *stmt)
 	bool		all_privs;
 	ListCell   *i;
 
-	if (linitial_int(stmt->privileges) == ACL_ALL_RIGHTS)
+	if (stmt->privileges == NIL)
 	{
 		all_privs = true;
 		privileges = ACL_ALL_RIGHTS_LANGUAGE;
@@ -700,7 +704,8 @@ ExecuteGrantStmt_Language(GrantStmt *stmt)
 		privileges = ACL_NO_RIGHTS;
 		foreach(i, stmt->privileges)
 		{
-			AclMode		priv = lfirst_int(i);
+			char	   *privname = strVal(lfirst(i));
+			AclMode		priv = string_to_privilege(privname);
 
 			if (priv & ~((AclMode) ACL_ALL_RIGHTS_LANGUAGE))
 				ereport(ERROR,
@@ -852,7 +857,7 @@ ExecuteGrantStmt_Namespace(GrantStmt *stmt)
 	bool		all_privs;
 	ListCell   *i;
 
-	if (linitial_int(stmt->privileges) == ACL_ALL_RIGHTS)
+	if (stmt->privileges == NIL)
 	{
 		all_privs = true;
 		privileges = ACL_ALL_RIGHTS_NAMESPACE;
@@ -863,7 +868,8 @@ ExecuteGrantStmt_Namespace(GrantStmt *stmt)
 		privileges = ACL_NO_RIGHTS;
 		foreach(i, stmt->privileges)
 		{
-			AclMode		priv = lfirst_int(i);
+			char	   *privname = strVal(lfirst(i));
+			AclMode		priv = string_to_privilege(privname);
 
 			if (priv & ~((AclMode) ACL_ALL_RIGHTS_NAMESPACE))
 				ereport(ERROR,
@@ -1006,7 +1012,7 @@ ExecuteGrantStmt_Tablespace(GrantStmt *stmt)
 	bool		all_privs;
 	ListCell   *i;
 
-	if (linitial_int(stmt->privileges) == ACL_ALL_RIGHTS)
+	if (stmt->privileges == NIL)
 	{
 		all_privs = true;
 		privileges = ACL_ALL_RIGHTS_TABLESPACE;
@@ -1017,7 +1023,8 @@ ExecuteGrantStmt_Tablespace(GrantStmt *stmt)
 		privileges = ACL_NO_RIGHTS;
 		foreach(i, stmt->privileges)
 		{
-			AclMode		priv = lfirst_int(i);
+			char	   *privname = strVal(lfirst(i));
+			AclMode		priv = string_to_privilege(privname);
 
 			if (priv & ~((AclMode) ACL_ALL_RIGHTS_TABLESPACE))
 				ereport(ERROR,
@@ -1157,6 +1164,39 @@ ExecuteGrantStmt_Tablespace(GrantStmt *stmt)
 }
 
 
+static AclMode
+string_to_privilege(const char *privname)
+{
+	if (strcmp(privname, "insert") == 0)
+		return ACL_INSERT;
+	if (strcmp(privname, "select") == 0)
+		return ACL_SELECT;
+	if (strcmp(privname, "update") == 0)
+		return ACL_UPDATE;
+	if (strcmp(privname, "delete") == 0)
+		return ACL_DELETE;
+	if (strcmp(privname, "rule") == 0)
+		return ACL_RULE;
+	if (strcmp(privname, "references") == 0)
+		return ACL_REFERENCES;
+	if (strcmp(privname, "trigger") == 0)
+		return ACL_TRIGGER;
+	if (strcmp(privname, "execute") == 0)
+		return ACL_EXECUTE;
+	if (strcmp(privname, "usage") == 0)
+		return ACL_USAGE;
+	if (strcmp(privname, "create") == 0)
+		return ACL_CREATE;
+	if (strcmp(privname, "temporary") == 0)
+		return ACL_CREATE_TEMP;
+	if (strcmp(privname, "temp") == 0)
+		return ACL_CREATE_TEMP;
+	ereport(ERROR,
+			(errcode(ERRCODE_SYNTAX_ERROR),
+			 errmsg("unrecognized privilege type \"%s\"", privname)));
+	return 0;					/* appease compiler */
+}
+
 static const char *
 privilege_to_string(AclMode privilege)
 {

src/backend/catalog/pg_proc.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/catalog/pg_proc.c,v 1.130 2005/06/28 05:08:52 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/catalog/pg_proc.c,v 1.131 2005/06/28 19:51:21 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -266,7 +266,7 @@ ProcedureCreate(const char *procedureName,
 					(errcode(ERRCODE_DUPLICATE_FUNCTION),
 					 errmsg("function \"%s\" already exists with same argument types",
 							procedureName)));
-		if (GetUserId() != oldproc->proowner && !superuser())
+		if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), GetUserId()))
 			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
 						   procedureName);
 

src/backend/commands/user.c

@@ -6,7 +6,7 @@
  * Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.152 2005/06/28 05:08:55 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.153 2005/06/28 19:51:22 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -61,16 +61,17 @@ CreateRole(CreateRoleStmt *stmt)
 	bool		createrole = false;		/* Can this user create roles? */
 	bool		createdb = false;		/* Can the user create databases? */
 	bool		canlogin = false;		/* Can this user login? */
-	List	   *roleElts = NIL;			/* roles the user is a member of */
-	List	   *rolememElts = NIL;	/* roles which will be members of this role */
-	char	   *validUntil = NULL;		/* The time the login is valid
-										 * until */
+	List	   *addroleto = NIL;		/* roles to make this a member of */
+	List	   *rolemembers = NIL;		/* roles to be members of this role */
+	List	   *adminmembers = NIL;		/* roles to be admins of this role */
+	char	   *validUntil = NULL;		/* time the login is valid until */
 	DefElem    *dpassword = NULL;
 	DefElem    *dcreatedb = NULL;
 	DefElem    *dcreaterole = NULL;
 	DefElem    *dcanlogin = NULL;
-	DefElem    *droleElts = NULL;
-	DefElem    *drolememElts = NULL;
+	DefElem    *daddroleto = NULL;
+	DefElem    *drolemembers = NULL;
+	DefElem    *dadminmembers = NULL;
 	DefElem    *dvalidUntil = NULL;
 
 	/* Extract options from the statement node tree */
@@ -121,21 +122,29 @@ CreateRole(CreateRoleStmt *stmt)
 						 errmsg("conflicting or redundant options")));
 			dcanlogin = defel;
 		}
-		else if (strcmp(defel->defname, "roleElts") == 0)
+		else if (strcmp(defel->defname, "addroleto") == 0)
 		{
-			if (droleElts)
+			if (daddroleto)
 				ereport(ERROR,
 						(errcode(ERRCODE_SYNTAX_ERROR),
 						 errmsg("conflicting or redundant options")));
-			droleElts = defel;
+			daddroleto = defel;
 		}
-		else if (strcmp(defel->defname, "rolememElts") == 0)
+		else if (strcmp(defel->defname, "rolemembers") == 0)
 		{
-			if (drolememElts)
+			if (drolemembers)
 				ereport(ERROR,
 						(errcode(ERRCODE_SYNTAX_ERROR),
 						 errmsg("conflicting or redundant options")));
-			drolememElts = defel;
+			drolemembers = defel;
+		}
+		else if (strcmp(defel->defname, "adminmembers") == 0)
+		{
+			if (dadminmembers)
+				ereport(ERROR,
+						(errcode(ERRCODE_SYNTAX_ERROR),
+						 errmsg("conflicting or redundant options")));
+			dadminmembers = defel;
 		}
 		else if (strcmp(defel->defname, "validUntil") == 0)
 		{
@@ -164,10 +173,12 @@ CreateRole(CreateRoleStmt *stmt)
 		validUntil = strVal(dvalidUntil->arg);
 	if (dpassword)
 		password = strVal(dpassword->arg);
-	if (droleElts)
-		roleElts = (List *) droleElts->arg;
-	if (drolememElts)
-		rolememElts = (List *) drolememElts->arg;
+	if (daddroleto)
+		addroleto = (List *) daddroleto->arg;
+	if (drolemembers)
+		rolemembers = (List *) drolemembers->arg;
+	if (dadminmembers)
+		adminmembers = (List *) dadminmembers->arg;
 
 	/* Check some permissions first */
 	if (!superuser())
@@ -257,7 +268,7 @@ CreateRole(CreateRoleStmt *stmt)
 	/*
 	 * Add the new role to the specified existing roles.
 	 */
-	foreach(item, roleElts)
+	foreach(item, addroleto)
 	{
 		char   *oldrolename = strVal(lfirst(item));
 		Oid		oldroleid = get_roleid_checked(oldrolename);
@@ -269,10 +280,14 @@ CreateRole(CreateRoleStmt *stmt)
 	}
 
 	/*
-	 * Add the specified members to this new role.
+	 * Add the specified members to this new role. adminmembers get the
+	 * admin option, rolemembers don't.
 	 */
 	AddRoleMems(stmt->role, roleid,
-				rolememElts, roleNamesToIds(rolememElts),
+				adminmembers, roleNamesToIds(adminmembers),
+				GetUserId(), true);
+	AddRoleMems(stmt->role, roleid,
+				rolemembers, roleNamesToIds(rolemembers),
 				GetUserId(), false);
 
 	/*
@@ -309,17 +324,14 @@ AlterRole(AlterRoleStmt *stmt)
 	int			createrole = -1;		/* Can this user create roles? */
 	int			createdb = -1;			/* Can the user create databases? */
 	int			canlogin = -1;			/* Can this user login? */
-	int			adminopt = 0;	/* Can this user grant this role to others? */
-	List	   *rolememElts = NIL;	/* The roles which will be added/removed to this role */
-	char	   *validUntil = NULL;		/* The time the login is valid
-										 * until */
+	List	   *rolemembers = NIL;		/* roles to be added/removed */
+	char	   *validUntil = NULL;		/* time the login is valid until */
 	DefElem    *dpassword = NULL;
 	DefElem    *dcreatedb = NULL;
 	DefElem    *dcreaterole = NULL;
 	DefElem    *dcanlogin = NULL;
-	DefElem    *dadminopt = NULL;
 	DefElem    *dvalidUntil = NULL;
-	DefElem    *drolememElts = NULL;
+	DefElem    *drolemembers = NULL;
 	Oid			roleid;
 
 	/* Extract options from the statement node tree */
@@ -365,14 +377,6 @@ AlterRole(AlterRoleStmt *stmt)
 						 errmsg("conflicting or redundant options")));
 			dcanlogin = defel;
 		}
-		else if (strcmp(defel->defname, "adminopt") == 0)
-		{
-			if (dadminopt)
-				ereport(ERROR,
-						(errcode(ERRCODE_SYNTAX_ERROR),
-						 errmsg("conflicting or redundant options")));
-			dadminopt = defel;
-		}
 		else if (strcmp(defel->defname, "validUntil") == 0)
 		{
 			if (dvalidUntil)
@@ -381,13 +385,14 @@ AlterRole(AlterRoleStmt *stmt)
 						 errmsg("conflicting or redundant options")));
 			dvalidUntil = defel;
 		}
-		else if (strcmp(defel->defname, "rolememElts") == 0 && stmt->action != 0)
+		else if (strcmp(defel->defname, "rolemembers") == 0 &&
+				 stmt->action != 0)
 		{
-			if (drolememElts)
+			if (drolemembers)
 				ereport(ERROR,
 						(errcode(ERRCODE_SYNTAX_ERROR),
 						 errmsg("conflicting or redundant options")));
-			drolememElts = defel;
+			drolemembers = defel;
 		}
 		else
 			elog(ERROR, "option \"%s\" not recognized",
@@ -404,14 +409,12 @@ AlterRole(AlterRoleStmt *stmt)
 	}
 	if (dcanlogin)
 		canlogin = intVal(dcanlogin->arg);
-	if (dadminopt)
-		adminopt = intVal(dadminopt->arg);
 	if (dvalidUntil)
 		validUntil = strVal(dvalidUntil->arg);
 	if (dpassword)
 		password = strVal(dpassword->arg);
-	if (drolememElts)
-		rolememElts = (List *) drolememElts->arg;
+	if (drolemembers)
+		rolemembers = (List *) drolemembers->arg;
 
 	/* must be superuser or just want to change your own password */
 	if (!superuser() &&
@@ -420,8 +423,7 @@ AlterRole(AlterRoleStmt *stmt)
 		  createdb < 0 &&
 		  canlogin < 0 &&
 		  !validUntil &&
-		  !rolememElts &&
-		  !adminopt &&
+		  !rolemembers &&
 		  password &&
 		  strcmp(GetUserNameFromId(GetUserId()), stmt->role) == 0))
 		ereport(ERROR,
@@ -537,12 +539,12 @@ AlterRole(AlterRoleStmt *stmt)
 
 	if (stmt->action == +1)		/* add members to role */
 		AddRoleMems(stmt->role, roleid,
-					rolememElts, roleNamesToIds(rolememElts),
-					GetUserId(), adminopt);
+					rolemembers, roleNamesToIds(rolemembers),
+					GetUserId(), false);
 	else if (stmt->action == -1)	/* drop members from role */
 		DelRoleMems(stmt->role, roleid,
-					rolememElts, roleNamesToIds(rolememElts),
-					adminopt);
+					rolemembers, roleNamesToIds(rolemembers),
+					false);
 
 	/*
 	 * Set flag to update flat auth file at commit.