Accept SET SESSION AUTHORIZATION DEFAULT and RESET SESSION AUTHORIZATION

to reset session userid to the originally-authenticated name.  Also,
relax SET SESSION AUTHORIZATION to allow specifying one's own username
even if one is not superuser, so as to avoid unnecessary error messages
when loading a pg_dump file that uses this command.  Per discussion from
several months ago.
This commit is contained in:
Tom Lane 2002-05-06 19:47:30 +00:00
parent 15162aef24
commit 2822788993
4 changed files with 88 additions and 27 deletions

View File

@ -1,4 +1,4 @@
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/ref/set_session_auth.sgml,v 1.4 2002/01/20 22:19:57 petere Exp $ --> <!-- $Header: /cvsroot/pgsql/doc/src/sgml/ref/set_session_auth.sgml,v 1.5 2002/05/06 19:47:30 tgl Exp $ -->
<refentry id="SQL-SET-SESSION-AUTHORIZATION"> <refentry id="SQL-SET-SESSION-AUTHORIZATION">
<docinfo> <docinfo>
<date>2001-04-21</date> <date>2001-04-21</date>
@ -16,7 +16,9 @@
<refsynopsisdiv> <refsynopsisdiv>
<synopsis> <synopsis>
SET SESSION AUTHORIZATION '<parameter>username</parameter>' SET SESSION AUTHORIZATION <parameter>username</parameter>
SET SESSION AUTHORIZATION DEFAULT
RESET SESSION AUTHORIZATION
</synopsis> </synopsis>
</refsynopsisdiv> </refsynopsisdiv>
@ -26,7 +28,11 @@ SET SESSION AUTHORIZATION '<parameter>username</parameter>'
<para> <para>
This command sets the session user identifier and the current user This command sets the session user identifier and the current user
identifier of the current SQL-session context to be identifier of the current SQL-session context to be
<parameter>username</parameter>. <parameter>username</parameter>. The user name may be written as
either an identifier or a string literal.
The session user identifier is valid for the duration of a
connection; for example, it is possible to temporarily become an
unprivileged user and later switch back to become a superuser.
</para> </para>
<para> <para>
@ -39,12 +45,18 @@ SET SESSION AUTHORIZATION '<parameter>username</parameter>'
</para> </para>
<para> <para>
Execution of this command is only permitted if the initial session The session user identifier may be changed only if the initial session
user (the <firstterm>authenticated user</firstterm>) had the user (the <firstterm>authenticated user</firstterm>) had the
superuser privilege. This permission is kept for the duration of a superuser privilege. Otherwise, the command is accepted only if it
connection; for example, it is possible to temporarily become an specifies the authenticated username.
unprivileged user and later switch back to become a superuser.
</para> </para>
<para>
The <literal>DEFAULT</> and <literal>RESET</> forms reset the session
and current user identifiers to be the originally authenticated user
name. These forms are always accepted.
</para>
</refsect1> </refsect1>
<refsect1> <refsect1>

View File

@ -9,7 +9,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.65 2002/04/22 15:13:53 thomas Exp $ * $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.66 2002/05/06 19:47:30 tgl Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -815,6 +815,15 @@ reset_server_encoding(void)
} }
static bool
show_session_authorization(void)
{
elog(INFO, "Current session authorization is '%s'",
GetUserName(GetSessionUserId()));
return TRUE;
}
/* SetPGVariable() /* SetPGVariable()
* Dispatcher for handling SET commands. * Dispatcher for handling SET commands.
@ -902,6 +911,8 @@ GetPGVariable(const char *name)
show_server_encoding(); show_server_encoding();
else if (strcasecmp(name, "seed") == 0) else if (strcasecmp(name, "seed") == 0)
show_random_seed(); show_random_seed();
else if (strcasecmp(name, "session_authorization") == 0)
show_session_authorization();
else if (strcasecmp(name, "all") == 0) else if (strcasecmp(name, "all") == 0)
{ {
ShowAllGUCConfig(); ShowAllGUCConfig();
@ -935,6 +946,8 @@ ResetPGVariable(const char *name)
reset_server_encoding(); reset_server_encoding();
else if (strcasecmp(name, "seed") == 0) else if (strcasecmp(name, "seed") == 0)
reset_random_seed(); reset_random_seed();
else if (strcasecmp(name, "session_authorization") == 0)
SetSessionAuthorization(NULL);
else if (strcasecmp(name, "all") == 0) else if (strcasecmp(name, "all") == 0)
{ {
reset_random_seed(); reset_random_seed();
@ -942,6 +955,7 @@ ResetPGVariable(const char *name)
reset_client_encoding(); reset_client_encoding();
reset_datestyle(); reset_datestyle();
reset_timezone(); reset_timezone();
/* should we reset session authorization here? */
ResetAllOptions(false); ResetAllOptions(false);
} }

View File

@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.312 2002/05/03 00:32:16 tgl Exp $ * $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.313 2002/05/06 19:47:30 tgl Exp $
* *
* HISTORY * HISTORY
* AUTHOR DATE MAJOR EVENT * AUTHOR DATE MAJOR EVENT
@ -281,7 +281,7 @@ static void doNegateFloat(Value *v);
%type <ival> Iconst %type <ival> Iconst
%type <str> Sconst, comment_text %type <str> Sconst, comment_text
%type <str> UserId, opt_boolean, ColId_or_Sconst %type <str> UserId, opt_boolean, ColId_or_Sconst
%type <list> var_list %type <list> var_list, var_list_or_default
%type <str> ColId, ColLabel, type_name %type <str> ColId, ColLabel, type_name
%type <node> var_value, zone_value %type <node> var_value, zone_value
@ -833,14 +833,14 @@ schema_stmt: CreateStmt
* *
*****************************************************************************/ *****************************************************************************/
VariableSetStmt: SET ColId TO var_list VariableSetStmt: SET ColId TO var_list_or_default
{ {
VariableSetStmt *n = makeNode(VariableSetStmt); VariableSetStmt *n = makeNode(VariableSetStmt);
n->name = $2; n->name = $2;
n->args = $4; n->args = $4;
$$ = (Node *) n; $$ = (Node *) n;
} }
| SET ColId '=' var_list | SET ColId '=' var_list_or_default
{ {
VariableSetStmt *n = makeNode(VariableSetStmt); VariableSetStmt *n = makeNode(VariableSetStmt);
n->name = $2; n->name = $2;
@ -884,14 +884,25 @@ VariableSetStmt: SET ColId TO var_list
n->args = makeList1(makeStringConst($4, NULL)); n->args = makeList1(makeStringConst($4, NULL));
$$ = (Node *) n; $$ = (Node *) n;
} }
| SET SESSION AUTHORIZATION DEFAULT
{
VariableSetStmt *n = makeNode(VariableSetStmt);
n->name = "session_authorization";
n->args = NIL;
$$ = (Node *) n;
}
;
var_list_or_default: var_list
{ $$ = $1; }
| DEFAULT
{ $$ = NIL; }
; ;
var_list: var_value var_list: var_value
{ $$ = makeList1($1); } { $$ = makeList1($1); }
| var_list ',' var_value | var_list ',' var_value
{ $$ = lappend($1, $3); } { $$ = lappend($1, $3); }
| DEFAULT
{ $$ = NIL; }
; ;
var_value: opt_boolean var_value: opt_boolean
@ -1017,6 +1028,12 @@ VariableResetStmt: RESET ColId
n->name = "XactIsoLevel"; n->name = "XactIsoLevel";
$$ = (Node *) n; $$ = (Node *) n;
} }
| RESET SESSION AUTHORIZATION
{
VariableResetStmt *n = makeNode(VariableResetStmt);
n->name = "session_authorization";
$$ = (Node *) n;
}
| RESET ALL | RESET ALL
{ {
VariableResetStmt *n = makeNode(VariableResetStmt); VariableResetStmt *n = makeNode(VariableResetStmt);

View File

@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.89 2002/05/05 00:03:29 tgl Exp $ * $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.90 2002/05/06 19:47:30 tgl Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -529,15 +529,17 @@ GetCharSetByHost(char *TableName, int host, const char *DataDir)
/* ---------------------------------------------------------------- /* ----------------------------------------------------------------
* User ID things * User ID things
* *
* The session user is determined at connection start and never * The authenticated user is determined at connection start and never
* changes. The current user may change when "setuid" functions * changes. The session user can be changed only by SET SESSION
* AUTHORIZATION. The current user may change when "setuid" functions
* are implemented. Conceptually there is a stack, whose bottom * are implemented. Conceptually there is a stack, whose bottom
* is the session user. You are yourself responsible to save and * is the session user. You are yourself responsible to save and
* restore the current user id if you need to change it. * restore the current user id if you need to change it.
* ---------------------------------------------------------------- * ----------------------------------------------------------------
*/ */
static Oid CurrentUserId = InvalidOid; static Oid AuthenticatedUserId = InvalidOid;
static Oid SessionUserId = InvalidOid; static Oid SessionUserId = InvalidOid;
static Oid CurrentUserId = InvalidOid;
static bool AuthenticatedUserIsSuperuser = false; static bool AuthenticatedUserIsSuperuser = false;
@ -588,6 +590,7 @@ InitializeSessionUserId(const char *username)
HeapTuple userTup; HeapTuple userTup;
Datum datum; Datum datum;
bool isnull; bool isnull;
Oid usesysid;
/* /*
* Don't do scans if we're bootstrapping, none of the system catalogs * Don't do scans if we're bootstrapping, none of the system catalogs
@ -596,7 +599,7 @@ InitializeSessionUserId(const char *username)
AssertState(!IsBootstrapProcessingMode()); AssertState(!IsBootstrapProcessingMode());
/* call only once */ /* call only once */
AssertState(!OidIsValid(SessionUserId)); AssertState(!OidIsValid(AuthenticatedUserId));
userTup = SearchSysCache(SHADOWNAME, userTup = SearchSysCache(SHADOWNAME,
PointerGetDatum(username), PointerGetDatum(username),
@ -604,10 +607,14 @@ InitializeSessionUserId(const char *username)
if (!HeapTupleIsValid(userTup)) if (!HeapTupleIsValid(userTup))
elog(FATAL, "user \"%s\" does not exist", username); elog(FATAL, "user \"%s\" does not exist", username);
SetSessionUserId(((Form_pg_shadow) GETSTRUCT(userTup))->usesysid); usesysid = ((Form_pg_shadow) GETSTRUCT(userTup))->usesysid;
AuthenticatedUserId = usesysid;
AuthenticatedUserIsSuperuser = ((Form_pg_shadow) GETSTRUCT(userTup))->usesuper; AuthenticatedUserIsSuperuser = ((Form_pg_shadow) GETSTRUCT(userTup))->usesuper;
SetSessionUserId(usesysid); /* sets CurrentUserId too */
/* /*
* Set up user-specific configuration variables. This is a good * Set up user-specific configuration variables. This is a good
* place to do it so we don't have to read pg_shadow twice during * place to do it so we don't have to read pg_shadow twice during
@ -633,25 +640,36 @@ InitializeSessionUserIdStandalone(void)
AssertState(!IsUnderPostmaster); AssertState(!IsUnderPostmaster);
/* call only once */ /* call only once */
AssertState(!OidIsValid(SessionUserId)); AssertState(!OidIsValid(AuthenticatedUserId));
AuthenticatedUserId = BOOTSTRAP_USESYSID;
AuthenticatedUserIsSuperuser = true;
SetSessionUserId(BOOTSTRAP_USESYSID); SetSessionUserId(BOOTSTRAP_USESYSID);
AuthenticatedUserIsSuperuser = true;
} }
/* /*
* Change session auth ID while running * Change session auth ID while running
*
* Only a superuser may set auth ID to something other than himself.
*
* username == NULL implies reset to default (AuthenticatedUserId).
*/ */
void void
SetSessionAuthorization(const char *username) SetSessionAuthorization(const char *username)
{ {
int32 userid; Oid userid;
if (!AuthenticatedUserIsSuperuser)
elog(ERROR, "permission denied");
if (username == NULL)
userid = AuthenticatedUserId;
else
{
userid = get_usesysid(username); userid = get_usesysid(username);
if (userid != AuthenticatedUserId &&
!AuthenticatedUserIsSuperuser)
elog(ERROR, "permission denied");
}
SetSessionUserId(userid); SetSessionUserId(userid);
SetUserId(userid); SetUserId(userid);