From 8819c9022ed25dd23b8949755c15cc8a58a24900 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 7 Oct 2005 19:59:34 +0000 Subject: [PATCH] Marginal performance improvement in aclmask(): don't bother with testing ownership if the caller isn't interested in any GOPTION bits (which is the common case). It did not matter in 8.0 where the ownership test was just a trivial equality test, but it matters now. --- src/backend/utils/adt/acl.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c index 874169c2e9..e60605a437 100644 --- a/src/backend/utils/adt/acl.c +++ b/src/backend/utils/adt/acl.c @@ -1013,10 +1013,11 @@ aclmask(const Acl *acl, Oid roleid, Oid ownerId, result = 0; /* Owner always implicitly has all grant options */ - if (has_privs_of_role(roleid, ownerId)) + if ((mask & ACLITEM_ALL_GOPTION_BITS) && + has_privs_of_role(roleid, ownerId)) { result = mask & ACLITEM_ALL_GOPTION_BITS; - if (result == mask) + if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0)) return result; } @@ -1024,7 +1025,7 @@ aclmask(const Acl *acl, Oid roleid, Oid ownerId, aidat = ACL_DAT(acl); /* - * Check privileges granted directly to user or to public + * Check privileges granted directly to roleid or to public */ for (i = 0; i < num; i++) { @@ -1040,11 +1041,11 @@ aclmask(const Acl *acl, Oid roleid, Oid ownerId, } /* - * Check privileges granted indirectly via roles. + * Check privileges granted indirectly via role memberships. * We do this in a separate pass to minimize expensive indirect * membership tests. In particular, it's worth testing whether * a given ACL entry grants any privileges still of interest before - * we perform the is_member test. + * we perform the has_privs_of_role test. */ remaining = mask & ~result; for (i = 0; i < num; i++) -- 2.39.5