Wip

2020-12-31 11:08:51 +03:00 · 2020-12-31 11:08:51 +03:00 · ad435ddba1
parent ff03b35f94
commit ad435ddba1
6 changed files with 37 additions and 14 deletions
--- a/src/backend/distributed/cimv/create.c
+++ b/src/backend/distributed/cimv/create.c
@ -149,6 +149,8 @@ CreateCimv(CimvCreate *cimvCreate)
 		elog(ERROR, "SPI_connect failed");
 	}

+	PushCitusSecurityContext();
+
 	CreateMatTable(cimvCreate, false);

 	if (cimvCreate->createOptions->schedule != NULL)
@ -163,6 +165,8 @@ CreateCimv(CimvCreate *cimvCreate)
 	CreateDataChangeTriggers(cimvCreate);
 	InsertIntoPgCimv(cimvCreate->formCimv);

+	PopCitusSecurityContext();
+
 	if (SPI_finish() != SPI_OK_FINISH)
 	{
 		elog(ERROR, "SPI_finish failed");
--- a/src/backend/distributed/cimv/drop.c
+++ b/src/backend/distributed/cimv/drop.c
@ -6,6 +6,7 @@
 #include "distributed/listutils.h"
 #include "distributed/metadata_cache.h"
 #include "distributed/pg_cimv.h"
+#include "distributed/security_utils.h"
 #include "executor/spi.h"
 #include "nodes/parsenodes.h"
 #include "utils/builtins.h"
@ -122,6 +123,9 @@ ProcessDropViewStmt(DropStmt *stmt)
 static void
 DropCimv(Form_pg_cimv formCimv, DropBehavior behavior)
 {
+
+	PushCitusSecurityContext();
+
 	ObjectAddress matTableAddress;
 	matTableAddress.classId = RelationRelationId;
 	matTableAddress.objectId = formCimv->mattable;
@ -191,6 +195,7 @@ DropCimv(Form_pg_cimv formCimv, DropBehavior behavior)

 	DeletePgCimvRow(userViewAddress.objectId);

+	PopCitusSecurityContext();
 	/* Close SPI context. */
 	if (SPI_finish() != SPI_OK_FINISH)
 	{
--- a/src/backend/distributed/cimv/refresh.c
+++ b/src/backend/distributed/cimv/refresh.c
@ -5,6 +5,7 @@
 #include "catalog/pg_class.h"
 #include "distributed/listutils.h"
 #include "distributed/metadata_cache.h"
+#include "distributed/security_utils.h"
 #include "distributed/pg_cimv.h"
 #include "executor/spi.h"
 #include "nodes/parsenodes.h"
@ -109,10 +110,12 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
 							 matTableName,
 							 refreshViewSchemaName,
 							 refreshViewName);
+			PushCitusSecurityContext();				 
 			if (SPI_execute(querybuf.data, false, 0) != SPI_OK_INSERT)
 			{
 				elog(ERROR, "SPI_exec failed: %s", querybuf.data);
 			}
+			PopCitusSecurityContext();
 		}
 		else
 		{
@ -133,6 +136,7 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
 							 matTableName,
 							 refreshViewSchemaName,
 							 refreshViewName);
+			PushCitusSecurityContext();				 
 			SpiExecuteSnapshot(&querybuf, snapshot, SPI_OK_INSERT);
 			resetStringInfo(&querybuf);

@ -146,6 +150,7 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
 				SpiExecuteSnapshot(&querybuf, snapshot, SPI_OK_DELETE);
 				resetStringInfo(&querybuf);
 			}
+			PopCitusSecurityContext();
 		}
 	}

--- a/src/backend/distributed/commands/utility_hook.c
+++ b/src/backend/distributed/commands/utility_hook.c
@ -461,27 +461,25 @@ multi_ProcessUtility(PlannedStmt *pstmt,
 	bool continueProcessing = true;
 	if (IsA(parsetree, CreateTableAsStmt))
 	{
-		PushCitusSecurityContext();
 		continueProcessing = !ProcessCreateMaterializedViewStmt((const
 																 CreateTableAsStmt *)
 																parsetree, queryString,
 																pstmt);
-		PopCitusSecurityContext();														
 	}

 	if (IsA(parsetree, RefreshMatViewStmt))
 	{
-		PushCitusSecurityContext();
+		// PushCitusSecurityContext();
 		continueProcessing = !ProcessRefreshMaterializedViewStmt(
 			(RefreshMatViewStmt *) parsetree);
-		PopCitusSecurityContext();	
+		// PopCitusSecurityContext();	
 	}

 	if (IsA(parsetree, DropStmt))
 	{
 		DropStmt *dropStatement = (DropStmt *) parsetree;

-		PushCitusSecurityContext();
+		// PushCitusSecurityContext();
 		if (dropStatement->removeType == OBJECT_MATVIEW)
 		{
 			ProcessDropMaterializedViewStmt(dropStatement);
@ -490,7 +488,7 @@ multi_ProcessUtility(PlannedStmt *pstmt,
 		{
 			ProcessDropViewStmt(dropStatement);
 		}
-		PopCitusSecurityContext();
+		// PopCitusSecurityContext();

 	}

--- a/src/backend/distributed/utils/security_utils.c
+++ b/src/backend/distributed/utils/security_utils.c
@ -0,0 +1,17 @@
+
+#include "postgres.h"
+#include "distributed/security_utils.h"
+#include "distributed/metadata_cache.h"
+
+static Oid savedUserId = InvalidOid;
+static int savedSecurityContext = 0;
+
+void PushCitusSecurityContext(void) {
+	GetUserIdAndSecContext(&savedUserId, &savedSecurityContext);
+	SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
+    
+}
+
+void PopCitusSecurityContext(void) {
+    SetUserIdAndSecContext(savedUserId, savedSecurityContext);
+}
--- a/src/include/distributed/security_utils.h
+++ b/src/include/distributed/security_utils.h
@ -14,13 +14,7 @@
 #include "postgres.h"
 #include "miscadmin.h"

-#define PushCitusSecurityContext() \
-    Oid savedUserId_DONTUSE = InvalidOid; \
-	int savedSecurityContext_DONTUSE = 0; \
-    GetUserIdAndSecContext(&savedUserId_DONTUSE, &savedSecurityContext_DONTUSE); \
-	SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
-
-#define PopCitusSecurityContext() \
-    SetUserIdAndSecContext(savedUserId_DONTUSE, savedSecurityContext_DONTUSE);
+extern void PushCitusSecurityContext(void);
+extern void PopCitusSecurityContext(void);

 #endif