external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix access permission checks for distributed relations 

With this commit, we add the range table list of the original query to our
custom plan. Therefore, PostgreSQL can check relations in the original query
for access permissions and error out if the proper access is not granted.
pull/1281/head
Metin Doslu 2017-03-15 11:47:55 +02:00 committed by Jason Petersen
parent 1fa2a25695
commit b1ee7ec93e
No known key found for this signature in database
GPG Key ID: 9F1D3510D110ABA9
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/backend/distributed/planner/multi_planner.c
View File

@ -454,6 +454,9 @@ FinalizeNonRouterPlan(PlannedStmt *localPlan, MultiPlan *multiPlan,
finalPlan->queryId = localPlan->queryId;
finalPlan->utilityStmt = localPlan->utilityStmt;
/* add original range table list for access permission checks */
finalPlan->rtable = list_concat(finalPlan->rtable, localPlan->rtable);
return finalPlan;
}
@ -473,7 +476,7 @@ FinalizeRouterPlan(PlannedStmt *localPlan, CustomScan *customScan)
List *targetList = NIL;
List *columnNameList = NIL;
/* we will have only one range table entry */
/* we will have custom scan range table entry as the first one in the list */
int customScanRangeTableIndex = 1;
/* build a targetlist to read from the custom scan output */
@ -514,6 +517,9 @@ FinalizeRouterPlan(PlannedStmt *localPlan, CustomScan *customScan)
remoteScanRangeTableEntry = RemoteScanRangeTableEntry(columnNameList);
routerPlan->rtable = list_make1(remoteScanRangeTableEntry);
/* add original range table list for access permission checks */
routerPlan->rtable = list_concat(routerPlan->rtable, localPlan->rtable);
routerPlan->canSetTag = true;
routerPlan->relationOids = NIL;