Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 3d4652f

Browse files
mhagandermhagander
committed
Allow pg_read_all_stats to access all stats views again
The views pg_stat_progress_* had not gotten the memo that pg_read_all_stats is supposed to be able to read all statistics. Also make a pass over all text-returning pg_stat_xyz functions that could return "insufficient privilege" and make sure they also respect pg_read_all_status. Reported-by: Andrey M. Borodin Reviewed-by: Andrey M. Borodin, Kyotaro Horiguchi Discussion: https://postgr.es/m/[email protected]
1 parent b3fa6d0 commit 3d4652f

File tree

1 file changed

+12
-11
lines changed

1 file changed

+12
-11
lines changed

src/backend/utils/adt/pgstatfuncs.c

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,8 @@
3232

3333
#define UINT32_ACCESS_ONCE(var) ((uint32)(*((volatile uint32 *)&(var))))
3434

35+
#define HAS_PGSTAT_PERMISSIONS(role) (is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS) || has_privs_of_role(GetUserId(), role))
36+
3537
/* Global bgwriter statistics, from bgwriter.c */
3638
extern PgStat_MsgBgWriter bgwriterStats;
3739

@@ -513,7 +515,7 @@ pg_stat_get_progress_info(PG_FUNCTION_ARGS)
513515
values[1] = ObjectIdGetDatum(beentry->st_databaseid);
514516

515517
/* show rest of the values including relid only to role members */
516-
if (has_privs_of_role(GetUserId(), beentry->st_userid))
518+
if (HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
517519
{
518520
values[2] = ObjectIdGetDatum(beentry->st_progress_command_target);
519521
for (i = 0; i < PGSTAT_NUM_PROGRESS_PARAM; i++)
@@ -661,8 +663,7 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
661663
}
662664

663665
/* Values only available to role member or pg_read_all_stats */
664-
if (has_privs_of_role(GetUserId(), beentry->st_userid) ||
665-
is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
666+
if (HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
666667
{
667668
SockAddr zero_clientaddr;
668669
char *clipped_activity;
@@ -932,7 +933,7 @@ pg_stat_get_backend_activity(PG_FUNCTION_ARGS)
932933

933934
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
934935
activity = "<backend information not available>";
935-
else if (!has_privs_of_role(GetUserId(), beentry->st_userid))
936+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
936937
activity = "<insufficient privilege>";
937938
else if (*(beentry->st_activity_raw) == '\0')
938939
activity = "<command string not enabled>";
@@ -956,7 +957,7 @@ pg_stat_get_backend_wait_event_type(PG_FUNCTION_ARGS)
956957

957958
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
958959
wait_event_type = "<backend information not available>";
959-
else if (!has_privs_of_role(GetUserId(), beentry->st_userid))
960+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
960961
wait_event_type = "<insufficient privilege>";
961962
else if ((proc = BackendPidGetProc(beentry->st_procpid)) != NULL)
962963
wait_event_type = pgstat_get_wait_event_type(proc->wait_event_info);
@@ -977,7 +978,7 @@ pg_stat_get_backend_wait_event(PG_FUNCTION_ARGS)
977978

978979
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
979980
wait_event = "<backend information not available>";
980-
else if (!has_privs_of_role(GetUserId(), beentry->st_userid))
981+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
981982
wait_event = "<insufficient privilege>";
982983
else if ((proc = BackendPidGetProc(beentry->st_procpid)) != NULL)
983984
wait_event = pgstat_get_wait_event(proc->wait_event_info);
@@ -999,7 +1000,7 @@ pg_stat_get_backend_activity_start(PG_FUNCTION_ARGS)
9991000
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10001001
PG_RETURN_NULL();
10011002

1002-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1003+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10031004
PG_RETURN_NULL();
10041005

10051006
result = beentry->st_activity_start_timestamp;
@@ -1025,7 +1026,7 @@ pg_stat_get_backend_xact_start(PG_FUNCTION_ARGS)
10251026
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10261027
PG_RETURN_NULL();
10271028

1028-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1029+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10291030
PG_RETURN_NULL();
10301031

10311032
result = beentry->st_xact_start_timestamp;
@@ -1047,7 +1048,7 @@ pg_stat_get_backend_start(PG_FUNCTION_ARGS)
10471048
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10481049
PG_RETURN_NULL();
10491050

1050-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1051+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10511052
PG_RETURN_NULL();
10521053

10531054
result = beentry->st_proc_start_timestamp;
@@ -1071,7 +1072,7 @@ pg_stat_get_backend_client_addr(PG_FUNCTION_ARGS)
10711072
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
10721073
PG_RETURN_NULL();
10731074

1074-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1075+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
10751076
PG_RETURN_NULL();
10761077

10771078
/* A zeroed client addr means we don't know */
@@ -1118,7 +1119,7 @@ pg_stat_get_backend_client_port(PG_FUNCTION_ARGS)
11181119
if ((beentry = pgstat_fetch_stat_beentry(beid)) == NULL)
11191120
PG_RETURN_NULL();
11201121

1121-
if (!has_privs_of_role(GetUserId(), beentry->st_userid))
1122+
else if (!HAS_PGSTAT_PERMISSIONS(beentry->st_userid))
11221123
PG_RETURN_NULL();
11231124

11241125
/* A zeroed client addr means we don't know */

0 commit comments

Comments
 (0)