11/*
2- * $PostgreSQL: pgsql/contrib/pgrowlocks/pgrowlocks.c,v 1.6 2007/08/27 00:13:51 tgl Exp $
2+ * $PostgreSQL: pgsql/contrib/pgrowlocks/pgrowlocks.c,v 1.7 2007/08/28 22:59:30 tgl Exp $
33 *
44 * Copyright (c) 2005-2006 Tatsuo Ishii
55 *
3131#include "funcapi.h"
3232#include "miscadmin.h"
3333#include "storage/procarray.h"
34+ #include "utils/acl.h"
3435#include "utils/builtins.h"
3536
3637
@@ -67,16 +68,12 @@ pgrowlocks(PG_FUNCTION_ARGS)
6768 MyData * mydata ;
6869 Relation rel ;
6970
70- if (!superuser ())
71- ereport (ERROR ,
72- (errcode (ERRCODE_INSUFFICIENT_PRIVILEGE ),
73- (errmsg ("must be superuser to use pgrowlocks" ))));
74-
7571 if (SRF_IS_FIRSTCALL ())
7672 {
7773 text * relname ;
7874 RangeVar * relrv ;
7975 MemoryContext oldcontext ;
76+ AclResult aclresult ;
8077
8178 funcctx = SRF_FIRSTCALL_INIT ();
8279 oldcontext = MemoryContextSwitchTo (funcctx -> multi_call_memory_ctx );
@@ -92,6 +89,13 @@ pgrowlocks(PG_FUNCTION_ARGS)
9289 relrv = makeRangeVarFromNameList (textToQualifiedNameList (relname ));
9390 rel = heap_openrv (relrv , AccessShareLock );
9491
92+ /* check permissions: must have SELECT on table */
93+ aclresult = pg_class_aclcheck (RelationGetRelid (rel ), GetUserId (),
94+ ACL_SELECT );
95+ if (aclresult != ACLCHECK_OK )
96+ aclcheck_error (aclresult , ACL_KIND_CLASS ,
97+ RelationGetRelationName (rel ));
98+
9599 scan = heap_beginscan (rel , SnapshotNow , 0 , NULL );
96100 mydata = palloc (sizeof (* mydata ));
97101 mydata -> rel = rel ;
0 commit comments