Line data Source code
1 : /* -------------------------------------------------------------------------
2 : *
3 : * objectaccess.c
4 : * functions for object_access_hook on various events
5 : *
6 : * Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group
7 : * Portions Copyright (c) 1994, Regents of the University of California
8 : *
9 : * -------------------------------------------------------------------------
10 : */
11 : #include "postgres.h"
12 :
13 : #include "catalog/objectaccess.h"
14 : #include "catalog/pg_class.h"
15 : #include "catalog/pg_namespace.h"
16 : #include "catalog/pg_proc.h"
17 :
18 : /*
19 : * Hook on object accesses. This is intended as infrastructure for security
20 : * and logging plugins.
21 : */
22 : object_access_hook_type object_access_hook = NULL;
23 : object_access_hook_type_str object_access_hook_str = NULL;
24 :
25 :
26 : /*
27 : * RunObjectPostCreateHook
28 : *
29 : * OAT_POST_CREATE object ID based event hook entrypoint
30 : */
31 : void
32 17 : RunObjectPostCreateHook(Oid classId, Oid objectId, int subId,
33 : bool is_internal)
34 : {
35 : ObjectAccessPostCreate pc_arg;
36 :
37 : /* caller should check, but just in case... */
38 : Assert(object_access_hook != NULL);
39 :
40 17 : memset(&pc_arg, 0, sizeof(ObjectAccessPostCreate));
41 17 : pc_arg.is_internal = is_internal;
42 :
43 17 : (*object_access_hook) (OAT_POST_CREATE,
44 : classId, objectId, subId,
45 : &pc_arg);
46 17 : }
47 :
48 : /*
49 : * RunObjectDropHook
50 : *
51 : * OAT_DROP object ID based event hook entrypoint
52 : */
53 : void
54 12 : RunObjectDropHook(Oid classId, Oid objectId, int subId,
55 : int dropflags)
56 : {
57 : ObjectAccessDrop drop_arg;
58 :
59 : /* caller should check, but just in case... */
60 : Assert(object_access_hook != NULL);
61 :
62 12 : memset(&drop_arg, 0, sizeof(ObjectAccessDrop));
63 12 : drop_arg.dropflags = dropflags;
64 :
65 12 : (*object_access_hook) (OAT_DROP,
66 : classId, objectId, subId,
67 : &drop_arg);
68 12 : }
69 :
70 : /*
71 : * RunObjectTruncateHook
72 : *
73 : * OAT_TRUNCATE object ID based event hook entrypoint
74 : */
75 : void
76 0 : RunObjectTruncateHook(Oid objectId)
77 : {
78 : /* caller should check, but just in case... */
79 : Assert(object_access_hook != NULL);
80 :
81 0 : (*object_access_hook) (OAT_TRUNCATE,
82 : RelationRelationId, objectId, 0,
83 : NULL);
84 0 : }
85 :
86 : /*
87 : * RunObjectPostAlterHook
88 : *
89 : * OAT_POST_ALTER object ID based event hook entrypoint
90 : */
91 : void
92 12 : RunObjectPostAlterHook(Oid classId, Oid objectId, int subId,
93 : Oid auxiliaryId, bool is_internal)
94 : {
95 : ObjectAccessPostAlter pa_arg;
96 :
97 : /* caller should check, but just in case... */
98 : Assert(object_access_hook != NULL);
99 :
100 12 : memset(&pa_arg, 0, sizeof(ObjectAccessPostAlter));
101 12 : pa_arg.auxiliary_id = auxiliaryId;
102 12 : pa_arg.is_internal = is_internal;
103 :
104 12 : (*object_access_hook) (OAT_POST_ALTER,
105 : classId, objectId, subId,
106 : &pa_arg);
107 12 : }
108 :
109 : /*
110 : * RunNamespaceSearchHook
111 : *
112 : * OAT_NAMESPACE_SEARCH object ID based event hook entrypoint
113 : */
114 : bool
115 22 : RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation)
116 : {
117 : ObjectAccessNamespaceSearch ns_arg;
118 :
119 : /* caller should check, but just in case... */
120 : Assert(object_access_hook != NULL);
121 :
122 22 : memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
123 22 : ns_arg.ereport_on_violation = ereport_on_violation;
124 22 : ns_arg.result = true;
125 :
126 22 : (*object_access_hook) (OAT_NAMESPACE_SEARCH,
127 : NamespaceRelationId, objectId, 0,
128 : &ns_arg);
129 :
130 22 : return ns_arg.result;
131 : }
132 :
133 : /*
134 : * RunFunctionExecuteHook
135 : *
136 : * OAT_FUNCTION_EXECUTE object ID based event hook entrypoint
137 : */
138 : void
139 0 : RunFunctionExecuteHook(Oid objectId)
140 : {
141 : /* caller should check, but just in case... */
142 : Assert(object_access_hook != NULL);
143 :
144 0 : (*object_access_hook) (OAT_FUNCTION_EXECUTE,
145 : ProcedureRelationId, objectId, 0,
146 : NULL);
147 0 : }
148 :
149 : /* String versions */
150 :
151 :
152 : /*
153 : * RunObjectPostCreateHookStr
154 : *
155 : * OAT_POST_CREATE object name based event hook entrypoint
156 : */
157 : void
158 0 : RunObjectPostCreateHookStr(Oid classId, const char *objectName, int subId,
159 : bool is_internal)
160 : {
161 : ObjectAccessPostCreate pc_arg;
162 :
163 : /* caller should check, but just in case... */
164 : Assert(object_access_hook_str != NULL);
165 :
166 0 : memset(&pc_arg, 0, sizeof(ObjectAccessPostCreate));
167 0 : pc_arg.is_internal = is_internal;
168 :
169 0 : (*object_access_hook_str) (OAT_POST_CREATE,
170 : classId, objectName, subId,
171 : &pc_arg);
172 0 : }
173 :
174 : /*
175 : * RunObjectDropHookStr
176 : *
177 : * OAT_DROP object name based event hook entrypoint
178 : */
179 : void
180 0 : RunObjectDropHookStr(Oid classId, const char *objectName, int subId,
181 : int dropflags)
182 : {
183 : ObjectAccessDrop drop_arg;
184 :
185 : /* caller should check, but just in case... */
186 : Assert(object_access_hook_str != NULL);
187 :
188 0 : memset(&drop_arg, 0, sizeof(ObjectAccessDrop));
189 0 : drop_arg.dropflags = dropflags;
190 :
191 0 : (*object_access_hook_str) (OAT_DROP,
192 : classId, objectName, subId,
193 : &drop_arg);
194 0 : }
195 :
196 : /*
197 : * RunObjectTruncateHookStr
198 : *
199 : * OAT_TRUNCATE object name based event hook entrypoint
200 : */
201 : void
202 0 : RunObjectTruncateHookStr(const char *objectName)
203 : {
204 : /* caller should check, but just in case... */
205 : Assert(object_access_hook_str != NULL);
206 :
207 0 : (*object_access_hook_str) (OAT_TRUNCATE,
208 : RelationRelationId, objectName, 0,
209 : NULL);
210 0 : }
211 :
212 : /*
213 : * RunObjectPostAlterHookStr
214 : *
215 : * OAT_POST_ALTER object name based event hook entrypoint
216 : */
217 : void
218 24 : RunObjectPostAlterHookStr(Oid classId, const char *objectName, int subId,
219 : Oid auxiliaryId, bool is_internal)
220 : {
221 : ObjectAccessPostAlter pa_arg;
222 :
223 : /* caller should check, but just in case... */
224 : Assert(object_access_hook_str != NULL);
225 :
226 24 : memset(&pa_arg, 0, sizeof(ObjectAccessPostAlter));
227 24 : pa_arg.auxiliary_id = auxiliaryId;
228 24 : pa_arg.is_internal = is_internal;
229 :
230 24 : (*object_access_hook_str) (OAT_POST_ALTER,
231 : classId, objectName, subId,
232 : &pa_arg);
233 23 : }
234 :
235 : /*
236 : * RunNamespaceSearchHookStr
237 : *
238 : * OAT_NAMESPACE_SEARCH object name based event hook entrypoint
239 : */
240 : bool
241 0 : RunNamespaceSearchHookStr(const char *objectName, bool ereport_on_violation)
242 : {
243 : ObjectAccessNamespaceSearch ns_arg;
244 :
245 : /* caller should check, but just in case... */
246 : Assert(object_access_hook_str != NULL);
247 :
248 0 : memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
249 0 : ns_arg.ereport_on_violation = ereport_on_violation;
250 0 : ns_arg.result = true;
251 :
252 0 : (*object_access_hook_str) (OAT_NAMESPACE_SEARCH,
253 : NamespaceRelationId, objectName, 0,
254 : &ns_arg);
255 :
256 0 : return ns_arg.result;
257 : }
258 :
259 : /*
260 : * RunFunctionExecuteHookStr
261 : *
262 : * OAT_FUNCTION_EXECUTE object name based event hook entrypoint
263 : */
264 : void
265 0 : RunFunctionExecuteHookStr(const char *objectName)
266 : {
267 : /* caller should check, but just in case... */
268 : Assert(object_access_hook_str != NULL);
269 :
270 0 : (*object_access_hook_str) (OAT_FUNCTION_EXECUTE,
271 : ProcedureRelationId, objectName, 0,
272 : NULL);
273 0 : }
|
