Permissions were not checked correctly when one view invokes another.

tglsfdc · tglsfdc · commit f2122d092ffa · 2001-05-03T17:47:49.000Z
Per bug report from Lieven Van Acker, 5/2/01.
diff --git a/src/backend/rewrite/rewriteHandler.c b/src/backend/rewrite/rewriteHandler.c
@@ -7,7 +7,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteHandler.c,v 1.92 2001/04/17 00:32:58 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteHandler.c,v 1.93 2001/05/03 17:47:49 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -309,9 +309,11 @@ ApplyRetrieveRule(Query *parsetree,
 	Assert(subrte->relid == relation->rd_id);
 	subrte->checkForRead = rte->checkForRead;
 	subrte->checkForWrite = rte->checkForWrite;
+	subrte->checkAsUser = rte->checkAsUser;
 
 	rte->checkForRead = false;	/* no permission check on subquery itself */
 	rte->checkForWrite = false;
+	rte->checkAsUser = InvalidOid;
 
 	/*
 	 * FOR UPDATE of view?

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`	`*`
`8`	`8`	`*`
`9`	`9`	`* IDENTIFICATION`
`10`		`- * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteHandler.c,v 1.92 2001/04/17 00:32:58 tgl Exp $`
	`10`	`+ * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteHandler.c,v 1.93 2001/05/03 17:47:49 tgl Exp $`
`11`	`11`	`*`
`12`	`12`	`*-------------------------------------------------------------------------`
`13`	`13`	`*/`
`@@ -309,9 +309,11 @@ ApplyRetrieveRule(Query *parsetree,`
`309`	`309`	`Assert(subrte->relid == relation->rd_id);`
`310`	`310`	`subrte->checkForRead = rte->checkForRead;`
`311`	`311`	`subrte->checkForWrite = rte->checkForWrite;`
	`312`	`+ subrte->checkAsUser = rte->checkAsUser;`
`312`	`313`
`313`	`314`	`rte->checkForRead = false; /* no permission check on subquery itself */`
`314`	`315`	`rte->checkForWrite = false;`
	`316`	`+ rte->checkAsUser = InvalidOid;`
`315`	`317`
`316`	`318`	`/*`
`317`	`319`	`* FOR UPDATE of view?`