PG-175: Only Superuser / Privileged user can view IP address.

pull/73/head
Ibrar Ahmed 2021-02-11 12:41:21 +00:00
parent a6036b86ac
commit ce9d503cdb
2 changed files with 10 additions and 3 deletions


@ -28,7 +28,7 @@ CREATE FUNCTION pg_stat_monitor(IN showtext boolean,
OUT bucket int, OUT bucket int,
OUT userid oid, OUT userid oid,
OUT dbid oid, OUT dbid oid,
OUT client_ip bigint, OUT client_ip int8,
OUT queryid text, OUT queryid text,
OUT query text, OUT query text,
@ -202,6 +202,7 @@ end loop;
END END
$$ language plpgsql; $$ language plpgsql;
GRANT SELECT ON pg_stat_monitor TO PUBLIC;
GRANT SELECT ON pg_stat_monitor_settings TO PUBLIC; GRANT SELECT ON pg_stat_monitor_settings TO PUBLIC;
-- Don't want this to be available to non-superusers. -- Don't want this to be available to non-superusers.
REVOKE ALL ON FUNCTION pg_stat_monitor_reset() FROM PUBLIC; REVOKE ALL ON FUNCTION pg_stat_monitor_reset() FROM PUBLIC;
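Review bot: The added `GRANT SELECT ON pg_stat_monitor TO PUBLIC;` in the `@ -202,6 +202,7` hunk makes the view readable by every role, so confidentiality now rests entirely on the per-row check inside the C function, and nothing beside the grant says so. In the C hunks visible on this page only `client_ip` and the query columns are gated; `bucket`, `userid` and `dbid` are emitted unconditionally, so any role can still see which users and databases are active. If that is intended, I would record it above the grant, for example `-- Readable by every role; client_ip and query text are masked per row in pg_stat_monitor_internal().` It may also be worth a regression test that selects from the view as an unprivileged role and checks the masked columns.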


@ -1,3 +1,4 @@
/*------------------------------------------------------------------------- /*-------------------------------------------------------------------------
* *
* pg_stat_monitor.c * pg_stat_monitor.c
@ -38,6 +39,7 @@ do \
void _PG_init(void); void _PG_init(void);
void _PG_fini(void); void _PG_fini(void);
int64 v = 5631;
/*---- Local variables ----*/ /*---- Local variables ----*/
/* Current nesting depth of ExecutorRun+ProcessUtility calls */ /* Current nesting depth of ExecutorRun+ProcessUtility calls */
@ -1145,7 +1147,11 @@ pg_stat_monitor_internal(FunctionCallInfo fcinfo,
values[i++] = ObjectIdGetDatum(entry->key.bucket_id); values[i++] = ObjectIdGetDatum(entry->key.bucket_id);
values[i++] = ObjectIdGetDatum(entry->key.userid); values[i++] = ObjectIdGetDatum(entry->key.userid);
values[i++] = ObjectIdGetDatum(entry->key.dbid); values[i++] = ObjectIdGetDatum(entry->key.dbid);
/* Superusers or members of pg_read_all_stats members are allowed */
if (is_allowed_role || entry->key.userid == userid)
values[i++] = Int64GetDatumFast(entry->key.ip); values[i++] = Int64GetDatumFast(entry->key.ip);
else
values[i++] = Int64GetDatumFast(0);
/* copy counters to a local variable to keep locking time short */ /* copy counters to a local variable to keep locking time short */
{ {
@ -1154,9 +1160,9 @@ pg_stat_monitor_internal(FunctionCallInfo fcinfo,
tmp = e->counters; tmp = e->counters;
SpinLockRelease(&e->mutex); SpinLockRelease(&e->mutex);
} }
values[i++] = CStringGetTextDatum(queryid_txt);
if (is_allowed_role || entry->key.userid == userid) if (is_allowed_role || entry->key.userid == userid)
{ {
values[i++] = CStringGetTextDatum(queryid_txt);
if (showtext) if (showtext)
{ {
if (query_txt) if (query_txt)
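Review bot: `Int64GetDatumFast(0)` in the new else branch of the `@ -1145,7 +1147,11` hunk passes a literal to a macro that, on PostgreSQL builds without `USE_FLOAT8_BYVAL`, expands to `PointerGetDatum(&(X))`, so it does not compile there; `values[i++] = Int64GetDatum(0);` works on both kinds of build. Returning 0 also makes a masked address indistinguishable from a stored value of 0, so a NULL would say "not visible to this role" more clearly, assuming the function keeps a nulls array next to `values` (not shown in this hunk). Separately, `int64 v = 5631;` added at file scope in the `@ -38,6 +39,7` hunk looks like a debugging leftover: it is non-static, has a single-letter name, is not referenced in any visible hunk, and would be exported from the loaded module. The comment `members of pg_read_all_stats members are allowed` repeats a word. The body of pg_stat_monitor_internal continues outside these hunks, so the else branch that pairs with the query-text check could not be reviewed.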