replace GrantObjectType with ObjectType

From 7a64148c39692f850a2ab3995881ad51065a62f8 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Wed, 11 Oct 2017 18:35:19 -0400
Subject: [PATCH v2 1/2] Replace GrantObjectType with ObjectType

There used to be a lot of different *Type and *Kind symbol groups to
address objects within different commands, most of which have been
replaced by ObjectType, starting with
b256f2426433c56b4bea3a8102757749885b81ba.  But this conversion was never
done for the ACL commands until now.

This change ends up being just a plain replacement of the types and
symbols, without any code restructuring needed, except deleting some now
redundant code.
---
 src/backend/catalog/aclchk.c         | 242 +++++++++++++++++------------------
 src/backend/catalog/heap.c           |   4 +-
 src/backend/catalog/objectaddress.c  |   1 +
 src/backend/catalog/pg_namespace.c   |   2 +-
 src/backend/catalog/pg_proc.c        |   2 +-
 src/backend/catalog/pg_type.c        |   2 +-
 src/backend/commands/event_trigger.c | 120 +++++++----------
 src/backend/parser/gram.y            |  54 ++++----
 src/backend/tcop/utility.c           |   2 +-
 src/backend/utils/adt/acl.c          |  58 ++++-----
 src/include/commands/event_trigger.h |   1 -
 src/include/nodes/parsenodes.h       |  22 +---
 src/include/tcop/deparse_utility.h   |   2 +-
 src/include/utils/acl.h              |   6 +-
 src/include/utils/aclchk_internal.h  |   4 +-
 15 files changed, 235 insertions(+), 287 deletions(-)

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index e481cf3d11..06c2086295 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -86,7 +86,7 @@ typedef struct
 	Oid			nspid;			/* namespace, or InvalidOid if none */
 	/* remaining fields are same as in InternalGrant: */
 	bool		is_grant;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	bool		all_privs;
 	AclMode		privileges;
 	List	   *grantees;
@@ -116,8 +116,8 @@ static void ExecGrant_Type(InternalGrant *grantStmt);
 static void SetDefaultACLsInSchemas(InternalDefaultACL *iacls, List *nspnames);
 static void SetDefaultACL(InternalDefaultACL *iacls);
 
-static List *objectNamesToOids(GrantObjectType objtype, List *objnames);
-static List *objectsInSchemaToOids(GrantObjectType objtype, List *nspnames);
+static List *objectNamesToOids(ObjectType objtype, List *objnames);
+static List *objectsInSchemaToOids(ObjectType objtype, List *nspnames);
 static List *getRelationsInNamespace(Oid namespaceId, char relkind);
 static void expand_col_privileges(List *colnames, Oid table_oid,
 					  AclMode this_privileges,
@@ -266,7 +266,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 			whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
 		case ACL_KIND_NAMESPACE:
-			whole_mask = ACL_ALL_RIGHTS_NAMESPACE;
+			whole_mask = ACL_ALL_RIGHTS_SCHEMA;
 			break;
 		case ACL_KIND_TABLESPACE:
 			whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
@@ -441,68 +441,68 @@ ExecuteGrantStmt(GrantStmt *stmt)
 
 	/*
 	 * Convert stmt->privileges, a list of AccessPriv nodes, into an AclMode
-	 * bitmask.  Note: objtype can't be ACL_OBJECT_COLUMN.
+	 * bitmask.  Note: objtype can't be OBJECT_COLUMN.
 	 */
 	switch (stmt->objtype)
 	{
+		case OBJECT_RELATION:
 			/*
 			 * Because this might be a sequence, we test both relation and
 			 * sequence bits, and later do a more limited test when we know
 			 * the object type.
 			 */
-		case ACL_OBJECT_RELATION:
 			all_privileges = ACL_ALL_RIGHTS_RELATION | ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for sequence");
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			all_privileges = ACL_ALL_RIGHTS_DATABASE;
 			errormsg = gettext_noop("invalid privilege type %s for database");
 			break;
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for domain");
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for function");
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			all_privileges = ACL_ALL_RIGHTS_LANGUAGE;
 			errormsg = gettext_noop("invalid privilege type %s for language");
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			all_privileges = ACL_ALL_RIGHTS_LARGEOBJECT;
 			errormsg = gettext_noop("invalid privilege type %s for large object");
 			break;
-		case ACL_OBJECT_NAMESPACE:
-			all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		case OBJECT_SCHEMA:
+			all_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			errormsg = gettext_noop("invalid privilege type %s for schema");
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for procedure");
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for routine");
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			all_privileges = ACL_ALL_RIGHTS_TABLESPACE;
 			errormsg = gettext_noop("invalid privilege type %s for tablespace");
 			break;
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for type");
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			all_privileges = ACL_ALL_RIGHTS_FDW;
 			errormsg = gettext_noop("invalid privilege type %s for foreign-data wrapper");
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			errormsg = gettext_noop("invalid privilege type %s for foreign server");
 			break;
@@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 			 */
 			if (privnode->cols)
 			{
-				if (stmt->objtype != ACL_OBJECT_RELATION)
+				if (stmt->objtype != OBJECT_RELATION)
 					ereport(ERROR,
 							(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 							 errmsg("column privileges are only valid for relations")));
@@ -574,38 +574,38 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 {
 	switch (istmt->objtype)
 	{
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			ExecGrant_Relation(istmt);
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			ExecGrant_Database(istmt);
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			ExecGrant_Type(istmt);
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			ExecGrant_Fdw(istmt);
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			ExecGrant_ForeignServer(istmt);
 			break;
-		case ACL_OBJECT_FUNCTION:
-		case ACL_OBJECT_PROCEDURE:
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_FUNCTION:
+		case OBJECT_PROCEDURE:
+		case OBJECT_ROUTINE:
 			ExecGrant_Function(istmt);
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			ExecGrant_Language(istmt);
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			ExecGrant_Largeobject(istmt);
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			ExecGrant_Namespace(istmt);
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			ExecGrant_Tablespace(istmt);
 			break;
 		default:
@@ -619,7 +619,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 	 * the functions a chance to adjust the istmt with privileges actually
 	 * granted.
 	 */
-	if (EventTriggerSupportsGrantObjectType(istmt->objtype))
+	if (EventTriggerSupportsObjectType(istmt->objtype))
 		EventTriggerCollectGrant(istmt);
 }
 
@@ -634,7 +634,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
  * to fail.
  */
 static List *
-objectNamesToOids(GrantObjectType objtype, List *objnames)
+objectNamesToOids(ObjectType objtype, List *objnames)
 {
 	List	   *objects = NIL;
 	ListCell   *cell;
@@ -643,8 +643,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 
 	switch (objtype)
 	{
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			foreach(cell, objnames)
 			{
 				RangeVar   *relvar = (RangeVar *) lfirst(cell);
@@ -654,7 +654,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, relOid);
 			}
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			foreach(cell, objnames)
 			{
 				char	   *dbname = strVal(lfirst(cell));
@@ -664,8 +664,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, dbid);
 			}
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			foreach(cell, objnames)
 			{
 				List	   *typname = (List *) lfirst(cell);
@@ -675,7 +675,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -685,7 +685,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, funcid);
 			}
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			foreach(cell, objnames)
 			{
 				char	   *langname = strVal(lfirst(cell));
@@ -695,7 +695,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			foreach(cell, objnames)
 			{
 				Oid			lobjOid = oidparse(lfirst(cell));
@@ -709,7 +709,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, lobjOid);
 			}
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			foreach(cell, objnames)
 			{
 				char	   *nspname = strVal(lfirst(cell));
@@ -719,7 +719,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -729,7 +729,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, procid);
 			}
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -739,7 +739,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, routid);
 			}
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			foreach(cell, objnames)
 			{
 				char	   *spcname = strVal(lfirst(cell));
@@ -749,7 +749,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, spcoid);
 			}
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			foreach(cell, objnames)
 			{
 				char	   *fdwname = strVal(lfirst(cell));
@@ -758,7 +758,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, fdwid);
 			}
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			foreach(cell, objnames)
 			{
 				char	   *srvname = strVal(lfirst(cell));
@@ -783,7 +783,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
  * no privilege checking on the individual objects here.
  */
 static List *
-objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
+objectsInSchemaToOids(ObjectType objtype, List *nspnames)
 {
 	List	   *objects = NIL;
 	ListCell   *cell;
@@ -798,7 +798,7 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 
 		switch (objtype)
 		{
-			case ACL_OBJECT_RELATION:
+			case OBJECT_RELATION:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION);
 				objects = list_concat(objects, objs);
 				objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW);
@@ -810,13 +810,13 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 				objs = getRelationsInNamespace(namespaceId, RELKIND_PARTITIONED_TABLE);
 				objects = list_concat(objects, objs);
 				break;
-			case ACL_OBJECT_SEQUENCE:
+			case OBJECT_SEQUENCE:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_SEQUENCE);
 				objects = list_concat(objects, objs);
 				break;
-			case ACL_OBJECT_FUNCTION:
-			case ACL_OBJECT_PROCEDURE:
-			case ACL_OBJECT_ROUTINE:
+			case OBJECT_FUNCTION:
+			case OBJECT_PROCEDURE:
+			case OBJECT_ROUTINE:
 				{
 					ScanKeyData key[2];
 					int			keycount;
@@ -835,12 +835,12 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 					 * When looking for procedures, check for return type ==0.
 					 * When looking for routines, don't check the return type.
 					 */
-					if (objtype == ACL_OBJECT_FUNCTION)
+					if (objtype == OBJECT_FUNCTION)
 						ScanKeyInit(&key[keycount++],
 									Anum_pg_proc_prorettype,
 									BTEqualStrategyNumber, F_OIDNE,
 									InvalidOid);
-					else if (objtype == ACL_OBJECT_PROCEDURE)
+					else if (objtype == OBJECT_PROCEDURE)
 						ScanKeyInit(&key[keycount++],
 									Anum_pg_proc_prorettype,
 									BTEqualStrategyNumber, F_OIDEQ,
@@ -993,32 +993,32 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s
 	 */
 	switch (action->objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			all_privileges = ACL_ALL_RIGHTS_RELATION;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for sequence");
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for function");
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for procedure");
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for routine");
 			break;
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for type");
 			break;
-		case ACL_OBJECT_NAMESPACE:
-			all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		case OBJECT_SCHEMA:
+			all_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			errormsg = gettext_noop("invalid privilege type %s for schema");
 			break;
 		default:
@@ -1184,38 +1184,38 @@ SetDefaultACL(InternalDefaultACL *iacls)
 	 */
 	switch (iacls->objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			objtype = DEFACLOBJ_RELATION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_RELATION;
 			break;
 
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			objtype = DEFACLOBJ_SEQUENCE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
 
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			objtype = DEFACLOBJ_FUNCTION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			break;
 
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			objtype = DEFACLOBJ_TYPE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_TYPE;
 			break;
 
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			if (OidIsValid(iacls->nspid))
 				ereport(ERROR,
 						(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 						 errmsg("cannot use IN SCHEMA clause when using GRANT/REVOKE ON SCHEMAS")));
 			objtype = DEFACLOBJ_NAMESPACE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
-				this_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+				this_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			break;
 
 		default:
@@ -1430,19 +1430,19 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (pg_default_acl_tuple->defaclobjtype)
 		{
 			case DEFACLOBJ_RELATION:
-				iacls.objtype = ACL_OBJECT_RELATION;
+				iacls.objtype = OBJECT_RELATION;
 				break;
 			case DEFACLOBJ_SEQUENCE:
-				iacls.objtype = ACL_OBJECT_SEQUENCE;
+				iacls.objtype = OBJECT_SEQUENCE;
 				break;
 			case DEFACLOBJ_FUNCTION:
-				iacls.objtype = ACL_OBJECT_FUNCTION;
+				iacls.objtype = OBJECT_FUNCTION;
 				break;
 			case DEFACLOBJ_TYPE:
-				iacls.objtype = ACL_OBJECT_TYPE;
+				iacls.objtype = OBJECT_TYPE;
 				break;
 			case DEFACLOBJ_NAMESPACE:
-				iacls.objtype = ACL_OBJECT_NAMESPACE;
+				iacls.objtype = OBJECT_SCHEMA;
 				break;
 			default:
 				/* Shouldn't get here */
@@ -1472,34 +1472,34 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		{
 			case RelationRelationId:
 				/* it's OK to use RELATION for a sequence */
-				istmt.objtype = ACL_OBJECT_RELATION;
+				istmt.objtype = OBJECT_RELATION;
 				break;
 			case DatabaseRelationId:
-				istmt.objtype = ACL_OBJECT_DATABASE;
+				istmt.objtype = OBJECT_DATABASE;
 				break;
 			case TypeRelationId:
-				istmt.objtype = ACL_OBJECT_TYPE;
+				istmt.objtype = OBJECT_TYPE;
 				break;
 			case ProcedureRelationId:
-				istmt.objtype = ACL_OBJECT_ROUTINE;
+				istmt.objtype = OBJECT_ROUTINE;
 				break;
 			case LanguageRelationId:
-				istmt.objtype = ACL_OBJECT_LANGUAGE;
+				istmt.objtype = OBJECT_LANGUAGE;
 				break;
 			case LargeObjectRelationId:
-				istmt.objtype = ACL_OBJECT_LARGEOBJECT;
+				istmt.objtype = OBJECT_LARGEOBJECT;
 				break;
 			case NamespaceRelationId:
-				istmt.objtype = ACL_OBJECT_NAMESPACE;
+				istmt.objtype = OBJECT_SCHEMA;
 				break;
 			case TableSpaceRelationId:
-				istmt.objtype = ACL_OBJECT_TABLESPACE;
+				istmt.objtype = OBJECT_TABLESPACE;
 				break;
 			case ForeignServerRelationId:
-				istmt.objtype = ACL_OBJECT_FOREIGN_SERVER;
+				istmt.objtype = OBJECT_FOREIGN_SERVER;
 				break;
 			case ForeignDataWrapperRelationId:
-				istmt.objtype = ACL_OBJECT_FDW;
+				istmt.objtype = OBJECT_FDW;
 				break;
 			default:
 				elog(ERROR, "unexpected object class %u", classid);
@@ -1682,7 +1682,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
 							   &isNull);
 	if (isNull)
 	{
-		old_acl = acldefault(ACL_OBJECT_COLUMN, ownerId);
+		old_acl = acldefault(OBJECT_COLUMN, ownerId);
 		/* There are no old member roles according to the catalogs */
 		noldmembers = 0;
 		oldmembers = NULL;
@@ -1838,7 +1838,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 							NameStr(pg_class_tuple->relname))));
 
 		/* Used GRANT SEQUENCE on a non-sequence? */
-		if (istmt->objtype == ACL_OBJECT_SEQUENCE &&
+		if (istmt->objtype == OBJECT_SEQUENCE &&
 			pg_class_tuple->relkind != RELKIND_SEQUENCE)
 			ereport(ERROR,
 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@@ -1862,7 +1862,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 		 * permissions.  The OR of table and sequence permissions were already
 		 * checked.
 		 */
-		if (istmt->objtype == ACL_OBJECT_RELATION)
+		if (istmt->objtype == OBJECT_RELATION)
 		{
 			if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
 			{
@@ -1941,10 +1941,10 @@ ExecGrant_Relation(InternalGrant *istmt)
 			switch (pg_class_tuple->relkind)
 			{
 				case RELKIND_SEQUENCE:
-					old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
+					old_acl = acldefault(OBJECT_SEQUENCE, ownerId);
 					break;
 				default:
-					old_acl = acldefault(ACL_OBJECT_RELATION, ownerId);
+					old_acl = acldefault(OBJECT_RELATION, ownerId);
 					break;
 			}
 			/* There are no old member roles according to the catalogs */
@@ -2169,7 +2169,7 @@ ExecGrant_Database(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+			old_acl = acldefault(OBJECT_DATABASE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2291,7 +2291,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FDW, ownerId);
+			old_acl = acldefault(OBJECT_FDW, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2417,7 +2417,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
+			old_acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2541,7 +2541,7 @@ ExecGrant_Function(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
+			old_acl = acldefault(OBJECT_FUNCTION, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2672,7 +2672,7 @@ ExecGrant_Language(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
+			old_acl = acldefault(OBJECT_LANGUAGE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2810,7 +2810,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
+			old_acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2894,7 +2894,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 	ListCell   *cell;
 
 	if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS)
-		istmt->privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		istmt->privileges = ACL_ALL_RIGHTS_SCHEMA;
 
 	relation = heap_open(NamespaceRelationId, RowExclusiveLock);
 
@@ -2936,7 +2936,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+			old_acl = acldefault(OBJECT_SCHEMA, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -3060,7 +3060,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
+			old_acl = acldefault(OBJECT_TABLESPACE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -3178,7 +3178,7 @@ ExecGrant_Type(InternalGrant *istmt)
 					 errhint("Set the privileges of the element type instead.")));
 
 		/* Used GRANT DOMAIN on a non-domain? */
-		if (istmt->objtype == ACL_OBJECT_DOMAIN &&
+		if (istmt->objtype == OBJECT_DOMAIN &&
 			pg_type_tuple->typtype != TYPTYPE_DOMAIN)
 			ereport(ERROR,
 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@@ -3744,10 +3744,10 @@ pg_class_aclmask(Oid table_oid, Oid roleid,
 		switch (classForm->relkind)
 		{
 			case RELKIND_SEQUENCE:
-				acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
+				acl = acldefault(OBJECT_SEQUENCE, ownerId);
 				break;
 			default:
-				acl = acldefault(ACL_OBJECT_RELATION, ownerId);
+				acl = acldefault(OBJECT_RELATION, ownerId);
 				break;
 		}
 		aclDatum = (Datum) 0;
@@ -3803,7 +3803,7 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+		acl = acldefault(OBJECT_DATABASE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3857,7 +3857,7 @@ pg_proc_aclmask(Oid proc_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
+		acl = acldefault(OBJECT_FUNCTION, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3911,7 +3911,7 @@ pg_language_aclmask(Oid lang_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
+		acl = acldefault(OBJECT_LANGUAGE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3991,7 +3991,7 @@ pg_largeobject_aclmask_snapshot(Oid lobj_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
+		acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4054,7 +4054,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
 	{
 		if (pg_database_aclcheck(MyDatabaseId, roleid,
 								 ACL_CREATE_TEMP) == ACLCHECK_OK)
-			return mask & ACL_ALL_RIGHTS_NAMESPACE;
+			return mask & ACL_ALL_RIGHTS_SCHEMA;
 		else
 			return mask & ACL_USAGE;
 	}
@@ -4075,7 +4075,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+		acl = acldefault(OBJECT_SCHEMA, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4131,7 +4131,7 @@ pg_tablespace_aclmask(Oid spc_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
+		acl = acldefault(OBJECT_TABLESPACE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4193,7 +4193,7 @@ pg_foreign_data_wrapper_aclmask(Oid fdw_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FDW, ownerId);
+		acl = acldefault(OBJECT_FDW, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4255,7 +4255,7 @@ pg_foreign_server_aclmask(Oid srv_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
+		acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4332,7 +4332,7 @@ pg_type_aclmask(Oid type_oid, Oid roleid, AclMode mask, AclMaskHow how)
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_TYPE, ownerId);
+		acl = acldefault(OBJECT_TYPE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -5301,7 +5301,7 @@ get_default_acl_internal(Oid roleId, Oid nsp_oid, char objtype)
  * Returns NULL if built-in system defaults should be used
  */
 Acl *
-get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
+get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid)
 {
 	Acl		   *result;
 	Acl		   *glob_acl;
@@ -5319,23 +5319,23 @@ get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
 	/* Check if object type is supported in pg_default_acl */
 	switch (objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			defaclobjtype = DEFACLOBJ_RELATION;
 			break;
 
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			defaclobjtype = DEFACLOBJ_SEQUENCE;
 			break;
 
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			defaclobjtype = DEFACLOBJ_FUNCTION;
 			break;
 
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			defaclobjtype = DEFACLOBJ_TYPE;
 			break;
 
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			defaclobjtype = DEFACLOBJ_NAMESPACE;
 			break;
 
diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c
index 4319fc6b8c..23a08b0a17 100644
--- a/src/backend/catalog/heap.c
+++ b/src/backend/catalog/heap.c
@@ -1142,11 +1142,11 @@ heap_create_with_catalog(const char *relname,
 			case RELKIND_MATVIEW:
 			case RELKIND_FOREIGN_TABLE:
 			case RELKIND_PARTITIONED_TABLE:
-				relacl = get_user_default_acl(ACL_OBJECT_RELATION, ownerid,
+				relacl = get_user_default_acl(OBJECT_RELATION, ownerid,
 											  relnamespace);
 				break;
 			case RELKIND_SEQUENCE:
-				relacl = get_user_default_acl(ACL_OBJECT_SEQUENCE, ownerid,
+				relacl = get_user_default_acl(OBJECT_SEQUENCE, ownerid,
 											  relnamespace);
 				break;
 			default:
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 9553675975..0df9c9eac1 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -2112,6 +2112,7 @@ pg_get_object_address(PG_FUNCTION_ARGS)
 		case OBJECT_MATVIEW:
 		case OBJECT_INDEX:
 		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_RELATION:
 		case OBJECT_COLUMN:
 		case OBJECT_ATTRIBUTE:
 		case OBJECT_COLLATION:
diff --git a/src/backend/catalog/pg_namespace.c b/src/backend/catalog/pg_namespace.c
index 3e20d051c2..3be3d88bf8 100644
--- a/src/backend/catalog/pg_namespace.c
+++ b/src/backend/catalog/pg_namespace.c
@@ -63,7 +63,7 @@ NamespaceCreate(const char *nspName, Oid ownerId, bool isTemp)
 				 errmsg("schema \"%s\" already exists", nspName)));
 
 	if (!isTemp)
-		nspacl = get_user_default_acl(ACL_OBJECT_NAMESPACE, ownerId,
+		nspacl = get_user_default_acl(OBJECT_SCHEMA, ownerId,
 									  InvalidOid);
 	else
 		nspacl = NULL;
diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c
index 7d05e4bdb2..2f3912b0e7 100644
--- a/src/backend/catalog/pg_proc.c
+++ b/src/backend/catalog/pg_proc.c
@@ -582,7 +582,7 @@ ProcedureCreate(const char *procedureName,
 		/* Creating a new procedure */
 
 		/* First, get default permissions and set up proacl */
-		proacl = get_user_default_acl(ACL_OBJECT_FUNCTION, proowner,
+		proacl = get_user_default_acl(OBJECT_FUNCTION, proowner,
 									  procNamespace);
 		if (proacl != NULL)
 			values[Anum_pg_proc_proacl - 1] = PointerGetDatum(proacl);
diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c
index e02d312008..e1c6a3602d 100644
--- a/src/backend/catalog/pg_type.c
+++ b/src/backend/catalog/pg_type.c
@@ -380,7 +380,7 @@ TypeCreate(Oid newTypeOid,
 	else
 		nulls[Anum_pg_type_typdefault - 1] = true;
 
-	typacl = get_user_default_acl(ACL_OBJECT_TYPE, ownerId,
+	typacl = get_user_default_acl(OBJECT_TYPE, ownerId,
 								  typeNamespace);
 	if (typacl != NULL)
 		values[Anum_pg_type_typacl - 1] = PointerGetDatum(typacl);
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index a602c20b41..61ba310412 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -159,8 +159,8 @@ static Oid insert_event_trigger_tuple(const char *trigname, const char *eventnam
 static void validate_ddl_tags(const char *filtervar, List *taglist);
 static void validate_table_rewrite_tags(const char *filtervar, List *taglist);
 static void EventTriggerInvoke(List *fn_oid_list, EventTriggerData *trigdata);
-static const char *stringify_grantobjtype(GrantObjectType objtype);
-static const char *stringify_adefprivs_objtype(GrantObjectType objtype);
+static const char *stringify_grantobjtype(ObjectType objtype);
+static const char *stringify_adefprivs_objtype(ObjectType objtype);
 
 /*
  * Create an event trigger.
@@ -1108,6 +1108,7 @@ EventTriggerSupportsObjectType(ObjectType obtype)
 		case OBJECT_PROCEDURE:
 		case OBJECT_PUBLICATION:
 		case OBJECT_PUBLICATION_REL:
+		case OBJECT_RELATION:
 		case OBJECT_ROUTINE:
 		case OBJECT_RULE:
 		case OBJECT_SCHEMA:
@@ -1199,41 +1200,6 @@ EventTriggerSupportsObjectClass(ObjectClass objclass)
 	return false;
 }
 
-bool
-EventTriggerSupportsGrantObjectType(GrantObjectType objtype)
-{
-	switch (objtype)
-	{
-		case ACL_OBJECT_DATABASE:
-		case ACL_OBJECT_TABLESPACE:
-			/* no support for global objects */
-			return false;
-
-		case ACL_OBJECT_COLUMN:
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_FDW:
-		case ACL_OBJECT_FOREIGN_SERVER:
-		case ACL_OBJECT_FUNCTION:
-		case ACL_OBJECT_LANGUAGE:
-		case ACL_OBJECT_LARGEOBJECT:
-		case ACL_OBJECT_NAMESPACE:
-		case ACL_OBJECT_PROCEDURE:
-		case ACL_OBJECT_ROUTINE:
-		case ACL_OBJECT_TYPE:
-			return true;
-
-			/*
-			 * There's intentionally no default: case here; we want the
-			 * compiler to warn if a new ACL class hasn't been handled above.
-			 */
-	}
-
-	/* Shouldn't get here, but if we do, say "no support" */
-	return false;
-}
-
 /*
  * Prepare event trigger state for a new complete query to run, if necessary;
  * returns whether this was done.  If it was, EventTriggerEndCompleteQuery must
@@ -2219,92 +2185,92 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS)
 }
 
 /*
- * Return the GrantObjectType as a string, as it would appear in GRANT and
+ * Return the ObjectType as a string, as it would appear in GRANT and
  * REVOKE commands.
  */
 static const char *
-stringify_grantobjtype(GrantObjectType objtype)
+stringify_grantobjtype(ObjectType objtype)
 {
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			return "COLUMN";
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			return "TABLE";
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			return "SEQUENCE";
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			return "DATABASE";
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			return "DOMAIN";
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			return "FOREIGN DATA WRAPPER";
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return "FOREIGN SERVER";
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			return "FUNCTION";
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return "LANGUAGE";
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return "LARGE OBJECT";
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return "SCHEMA";
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			return "PROCEDURE";
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			return "ROUTINE";
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return "TABLESPACE";
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			return "TYPE";
+		default:
+			elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
+			return "???";				/* keep compiler quiet */
 	}
-
-	elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
-	return "???";				/* keep compiler quiet */
 }
 
 /*
- * Return the GrantObjectType as a string; as above, but use the spelling
+ * Return the ObjectType as a string; as above, but use the spelling
  * in ALTER DEFAULT PRIVILEGES commands instead.  Generally this is just
  * the plural.
  */
 static const char *
-stringify_adefprivs_objtype(GrantObjectType objtype)
+stringify_adefprivs_objtype(ObjectType objtype)
 {
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			return "COLUMNS";
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			return "TABLES";
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			return "SEQUENCES";
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			return "DATABASES";
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			return "DOMAINS";
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			return "FOREIGN DATA WRAPPERS";
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return "FOREIGN SERVERS";
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			return "FUNCTIONS";
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return "LANGUAGES";
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return "LARGE OBJECTS";
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return "SCHEMAS";
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			return "PROCEDURES";
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			return "ROUTINES";
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return "TABLESPACES";
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			return "TYPES";
+		default:
+			elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
+			return "???";				/* keep compiler quiet */
 	}
-
-	elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
-	return "???";				/* keep compiler quiet */
 }
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y
index ebfc94f896..3a27f83f83 100644
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -115,7 +115,7 @@
 typedef struct PrivTarget
 {
 	GrantTargetType targtype;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	List	   *objs;
 } PrivTarget;
 
@@ -7002,7 +7002,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $1;
 					$$ = n;
 				}
@@ -7010,7 +7010,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7018,7 +7018,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_SEQUENCE;
+					n->objtype = OBJECT_SEQUENCE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7026,7 +7026,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FDW;
+					n->objtype = OBJECT_FDW;
 					n->objs = $4;
 					$$ = n;
 				}
@@ -7034,7 +7034,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FOREIGN_SERVER;
+					n->objtype = OBJECT_FOREIGN_SERVER;
 					n->objs = $3;
 					$$ = n;
 				}
@@ -7042,7 +7042,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FUNCTION;
+					n->objtype = OBJECT_FUNCTION;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7050,7 +7050,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_PROCEDURE;
+					n->objtype = OBJECT_PROCEDURE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7058,7 +7058,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_ROUTINE;
+					n->objtype = OBJECT_ROUTINE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7066,7 +7066,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_DATABASE;
+					n->objtype = OBJECT_DATABASE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7074,7 +7074,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_DOMAIN;
+					n->objtype = OBJECT_DOMAIN;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7082,7 +7082,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_LANGUAGE;
+					n->objtype = OBJECT_LANGUAGE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7090,7 +7090,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_LARGEOBJECT;
+					n->objtype = OBJECT_LARGEOBJECT;
 					n->objs = $3;
 					$$ = n;
 				}
@@ -7098,7 +7098,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_NAMESPACE;
+					n->objtype = OBJECT_SCHEMA;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7106,7 +7106,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_TABLESPACE;
+					n->objtype = OBJECT_TABLESPACE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7114,7 +7114,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_TYPE;
+					n->objtype = OBJECT_TYPE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7122,7 +7122,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7130,7 +7130,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_SEQUENCE;
+					n->objtype = OBJECT_SEQUENCE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7138,7 +7138,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_FUNCTION;
+					n->objtype = OBJECT_FUNCTION;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7146,7 +7146,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_PROCEDURE;
+					n->objtype = OBJECT_PROCEDURE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7154,7 +7154,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_ROUTINE;
+					n->objtype = OBJECT_ROUTINE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7312,12 +7312,12 @@ DefACLAction:
 		;
 
 defacl_privilege_target:
-			TABLES			{ $$ = ACL_OBJECT_RELATION; }
-			| FUNCTIONS		{ $$ = ACL_OBJECT_FUNCTION; }
-			| ROUTINES		{ $$ = ACL_OBJECT_FUNCTION; }
-			| SEQUENCES		{ $$ = ACL_OBJECT_SEQUENCE; }
-			| TYPES_P		{ $$ = ACL_OBJECT_TYPE; }
-			| SCHEMAS		{ $$ = ACL_OBJECT_NAMESPACE; }
+			TABLES			{ $$ = OBJECT_RELATION; }
+			| FUNCTIONS		{ $$ = OBJECT_FUNCTION; }
+			| ROUTINES		{ $$ = OBJECT_FUNCTION; }
+			| SEQUENCES		{ $$ = OBJECT_SEQUENCE; }
+			| TYPES_P		{ $$ = OBJECT_TYPE; }
+			| SCHEMAS		{ $$ = OBJECT_SCHEMA; }
 		;
 
 
diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c
index 4da1f8f643..904f5149c8 100644
--- a/src/backend/tcop/utility.c
+++ b/src/backend/tcop/utility.c
@@ -827,7 +827,7 @@ standard_ProcessUtility(PlannedStmt *pstmt,
 			{
 				GrantStmt  *stmt = (GrantStmt *) parsetree;
 
-				if (EventTriggerSupportsGrantObjectType(stmt->objtype))
+				if (EventTriggerSupportsObjectType(stmt->objtype))
 					ProcessUtilitySlow(pstate, pstmt, queryString,
 									   context, params, queryEnv,
 									   dest, completionTag);
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index 2f2758fe91..04d0390684 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -745,7 +745,7 @@ hash_aclitem_extended(PG_FUNCTION_ARGS)
  * absence of any pg_default_acl entry.
  */
 Acl *
-acldefault(GrantObjectType objtype, Oid ownerId)
+acldefault(ObjectType objtype, Oid ownerId)
 {
 	AclMode		world_default;
 	AclMode		owner_default;
@@ -755,56 +755,56 @@ acldefault(GrantObjectType objtype, Oid ownerId)
 
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			/* by default, columns have no extra privileges */
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_NO_RIGHTS;
 			break;
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_RELATION;
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			/* for backwards compatibility, grant some rights by default */
 			world_default = ACL_CREATE_TEMP | ACL_CONNECT;
 			owner_default = ACL_ALL_RIGHTS_DATABASE;
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			/* Grant EXECUTE by default, for now */
 			world_default = ACL_EXECUTE;
 			owner_default = ACL_ALL_RIGHTS_FUNCTION;
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			/* Grant USAGE by default, for now */
 			world_default = ACL_USAGE;
 			owner_default = ACL_ALL_RIGHTS_LANGUAGE;
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			world_default = ACL_NO_RIGHTS;
-			owner_default = ACL_ALL_RIGHTS_NAMESPACE;
+			owner_default = ACL_ALL_RIGHTS_SCHEMA;
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_TABLESPACE;
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_FDW;
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			world_default = ACL_USAGE;
 			owner_default = ACL_ALL_RIGHTS_TYPE;
 			break;
@@ -855,7 +855,7 @@ acldefault(GrantObjectType objtype, Oid ownerId)
 
 /*
  * SQL-accessible version of acldefault().  Hackish mapping from "char" type to
- * ACL_OBJECT_* values, but it's only used in the information schema, not
+ * OBJECT_* values, but it's only used in the information schema, not
  * documented for general use.
  */
 Datum
@@ -863,45 +863,45 @@ acldefault_sql(PG_FUNCTION_ARGS)
 {
 	char		objtypec = PG_GETARG_CHAR(0);
 	Oid			owner = PG_GETARG_OID(1);
-	GrantObjectType objtype = 0;
+	ObjectType	objtype = 0;
 
 	switch (objtypec)
 	{
 		case 'c':
-			objtype = ACL_OBJECT_COLUMN;
+			objtype = OBJECT_COLUMN;
 			break;
 		case 'r':
-			objtype = ACL_OBJECT_RELATION;
+			objtype = OBJECT_RELATION;
 			break;
 		case 's':
-			objtype = ACL_OBJECT_SEQUENCE;
+			objtype = OBJECT_SEQUENCE;
 			break;
 		case 'd':
-			objtype = ACL_OBJECT_DATABASE;
+			objtype = OBJECT_DATABASE;
 			break;
 		case 'f':
-			objtype = ACL_OBJECT_FUNCTION;
+			objtype = OBJECT_FUNCTION;
 			break;
 		case 'l':
-			objtype = ACL_OBJECT_LANGUAGE;
+			objtype = OBJECT_LANGUAGE;
 			break;
 		case 'L':
-			objtype = ACL_OBJECT_LARGEOBJECT;
+			objtype = OBJECT_LARGEOBJECT;
 			break;
 		case 'n':
-			objtype = ACL_OBJECT_NAMESPACE;
+			objtype = OBJECT_SCHEMA;
 			break;
 		case 't':
-			objtype = ACL_OBJECT_TABLESPACE;
+			objtype = OBJECT_TABLESPACE;
 			break;
 		case 'F':
-			objtype = ACL_OBJECT_FDW;
+			objtype = OBJECT_FDW;
 			break;
 		case 'S':
-			objtype = ACL_OBJECT_FOREIGN_SERVER;
+			objtype = OBJECT_FOREIGN_SERVER;
 			break;
 		case 'T':
-			objtype = ACL_OBJECT_TYPE;
+			objtype = OBJECT_TYPE;
 			break;
 		default:
 			elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
diff --git a/src/include/commands/event_trigger.h b/src/include/commands/event_trigger.h
index 2ce528272c..5b118c34e3 100644
--- a/src/include/commands/event_trigger.h
+++ b/src/include/commands/event_trigger.h
@@ -50,7 +50,6 @@ extern void AlterEventTriggerOwner_oid(Oid, Oid newOwnerId);
 
 extern bool EventTriggerSupportsObjectType(ObjectType obtype);
 extern bool EventTriggerSupportsObjectClass(ObjectClass objclass);
-extern bool EventTriggerSupportsGrantObjectType(GrantObjectType objtype);
 extern void EventTriggerDDLCommandStart(Node *parsetree);
 extern void EventTriggerDDLCommandEnd(Node *parsetree);
 extern void EventTriggerSQLDrop(Node *parsetree);
diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h
index 2eaa6b2774..14f23ccb9e 100644
--- a/src/include/nodes/parsenodes.h
+++ b/src/include/nodes/parsenodes.h
@@ -1645,6 +1645,7 @@ typedef enum ObjectType
 	OBJECT_PROCEDURE,
 	OBJECT_PUBLICATION,
 	OBJECT_PUBLICATION_REL,
+	OBJECT_RELATION,
 	OBJECT_ROLE,
 	OBJECT_ROUTINE,
 	OBJECT_RULE,
@@ -1845,31 +1846,12 @@ typedef enum GrantTargetType
 	ACL_TARGET_DEFAULTS			/* ALTER DEFAULT PRIVILEGES */
 } GrantTargetType;
 
-typedef enum GrantObjectType
-{
-	ACL_OBJECT_COLUMN,			/* column */
-	ACL_OBJECT_RELATION,		/* table, view */
-	ACL_OBJECT_SEQUENCE,		/* sequence */
-	ACL_OBJECT_DATABASE,		/* database */
-	ACL_OBJECT_DOMAIN,			/* domain */
-	ACL_OBJECT_FDW,				/* foreign-data wrapper */
-	ACL_OBJECT_FOREIGN_SERVER,	/* foreign server */
-	ACL_OBJECT_FUNCTION,		/* function */
-	ACL_OBJECT_LANGUAGE,		/* procedural language */
-	ACL_OBJECT_LARGEOBJECT,		/* largeobject */
-	ACL_OBJECT_NAMESPACE,		/* namespace */
-	ACL_OBJECT_PROCEDURE,		/* procedure */
-	ACL_OBJECT_ROUTINE,			/* routine */
-	ACL_OBJECT_TABLESPACE,		/* tablespace */
-	ACL_OBJECT_TYPE				/* type */
-} GrantObjectType;
-
 typedef struct GrantStmt
 {
 	NodeTag		type;
 	bool		is_grant;		/* true = GRANT, false = REVOKE */
 	GrantTargetType targtype;	/* type of the grant target */
-	GrantObjectType objtype;	/* kind of object being operated on */
+	ObjectType	objtype;		/* kind of object being operated on */
 	List	   *objects;		/* list of RangeVar nodes, ObjectWithArgs
 								 * nodes, or plain names (as Value strings) */
 	List	   *privileges;		/* list of AccessPriv nodes */
diff --git a/src/include/tcop/deparse_utility.h b/src/include/tcop/deparse_utility.h
index 9c4e608934..ce8bfbae6b 100644
--- a/src/include/tcop/deparse_utility.h
+++ b/src/include/tcop/deparse_utility.h
@@ -97,7 +97,7 @@ typedef struct CollectedCommand
 		/* ALTER DEFAULT PRIVILEGES */
 		struct
 		{
-			GrantObjectType objtype;
+			ObjectType	objtype;
 		}			defprivs;
 	}			d;
 } CollectedCommand;
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index 254a811aff..a8a6f35dde 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -163,7 +163,7 @@ typedef ArrayType Acl;
 #define ACL_ALL_RIGHTS_FUNCTION		(ACL_EXECUTE)
 #define ACL_ALL_RIGHTS_LANGUAGE		(ACL_USAGE)
 #define ACL_ALL_RIGHTS_LARGEOBJECT	(ACL_SELECT|ACL_UPDATE)
-#define ACL_ALL_RIGHTS_NAMESPACE	(ACL_USAGE|ACL_CREATE)
+#define ACL_ALL_RIGHTS_SCHEMA		(ACL_USAGE|ACL_CREATE)
 #define ACL_ALL_RIGHTS_TABLESPACE	(ACL_CREATE)
 #define ACL_ALL_RIGHTS_TYPE			(ACL_USAGE)
 
@@ -217,8 +217,8 @@ typedef enum AclObjectKind
 /*
  * routines used internally
  */
-extern Acl *acldefault(GrantObjectType objtype, Oid ownerId);
-extern Acl *get_user_default_acl(GrantObjectType objtype, Oid ownerId,
+extern Acl *acldefault(ObjectType objtype, Oid ownerId);
+extern Acl *get_user_default_acl(ObjectType objtype, Oid ownerId,
 					 Oid nsp_oid);
 
 extern Acl *aclupdate(const Acl *old_acl, const AclItem *mod_aip,
diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h
index 3374edb638..31f4b92c16 100644
--- a/src/include/utils/aclchk_internal.h
+++ b/src/include/utils/aclchk_internal.h
@@ -26,12 +26,12 @@
  * Note: 'all_privs' and 'privileges' represent object-level privileges only.
  * There might also be column-level privilege specifications, which are
  * represented in col_privs (this is a list of untransformed AccessPriv nodes).
- * Column privileges are only valid for objtype ACL_OBJECT_RELATION.
+ * Column privileges are only valid for objtype OBJECT_RELATION.
  */
 typedef struct
 {
 	bool		is_grant;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	List	   *objects;
 	bool		all_privs;
 	AclMode		privileges;

base-commit: d329dc2ea4bfac84ec60ba14b96561a7508bb37b
-- 
2.15.1

From 3007d367dd6f20f97ca9d223aa4d8901d462481f Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Sat, 2 Dec 2017 09:26:34 -0500
Subject: [PATCH v2 2/2] Replace AclObjectKind with ObjectType

AclObjectKind was basically just another enumeration for object types,
and we already have a preferred one for that.  It's only used in
aclcheck_error.  By using ObjectType instead, we can also give some more
precise error messages, for example "index" instead of "relation".
---
 contrib/dblink/dblink.c                            |   4 +-
 contrib/pg_prewarm/pg_prewarm.c                    |   2 +-
 contrib/pgrowlocks/pgrowlocks.c                    |   2 +-
 src/backend/access/brin/brin.c                     |   4 +-
 src/backend/access/gin/ginfast.c                   |   2 +-
 src/backend/catalog/aclchk.c                       | 508 +++++++++++++--------
 src/backend/catalog/namespace.c                    |   8 +-
 src/backend/catalog/objectaddress.c                |  90 ++--
 src/backend/catalog/pg_aggregate.c                 |   2 +-
 src/backend/catalog/pg_operator.c                  |   8 +-
 src/backend/catalog/pg_proc.c                      |   2 +-
 src/backend/catalog/pg_type.c                      |   2 +-
 src/backend/commands/aggregatecmds.c               |   2 +-
 src/backend/commands/alter.c                       |  18 +-
 src/backend/commands/collationcmds.c               |   4 +-
 src/backend/commands/conversioncmds.c              |   4 +-
 src/backend/commands/dbcommands.c                  |  16 +-
 src/backend/commands/event_trigger.c               |   4 +-
 src/backend/commands/extension.c                   |   8 +-
 src/backend/commands/foreigncmds.c                 |  16 +-
 src/backend/commands/functioncmds.c                |  26 +-
 src/backend/commands/indexcmds.c                   |  10 +-
 src/backend/commands/lockcmds.c                    |   4 +-
 src/backend/commands/opclasscmds.c                 |  16 +-
 src/backend/commands/operatorcmds.c                |  10 +-
 src/backend/commands/policy.c                      |   2 +-
 src/backend/commands/proclang.c                    |   4 +-
 src/backend/commands/publicationcmds.c             |  10 +-
 src/backend/commands/schemacmds.c                  |  10 +-
 src/backend/commands/statscmds.c                   |   2 +-
 src/backend/commands/subscriptioncmds.c            |   6 +-
 src/backend/commands/tablecmds.c                   |  36 +-
 src/backend/commands/tablespace.c                  |  10 +-
 src/backend/commands/trigger.c                     |   8 +-
 src/backend/commands/tsearchcmds.c                 |   8 +-
 src/backend/commands/typecmds.c                    |  28 +-
 src/backend/commands/user.c                        |   2 +-
 src/backend/executor/execExpr.c                    |   4 +-
 src/backend/executor/execMain.c                    |   2 +-
 src/backend/executor/execSRF.c                     |   2 +-
 src/backend/executor/nodeAgg.c                     |  10 +-
 src/backend/executor/nodeWindowAgg.c               |   8 +-
 src/backend/parser/parse_utilcmd.c                 |   4 +-
 src/backend/rewrite/rewriteDefine.c                |   6 +-
 src/backend/tcop/fastpath.c                        |   4 +-
 src/backend/utils/adt/dbsize.c                     |   4 +-
 src/backend/utils/adt/tid.c                        |   4 +-
 src/backend/utils/fmgr/fmgr.c                      |   4 +-
 src/include/catalog/objectaddress.h                |   2 +-
 src/include/utils/acl.h                            |  35 +-
 src/pl/tcl/pltcl.c                                 |   2 +-
 .../dummy_seclabel/expected/dummy_seclabel.out     |   4 +-
 src/test/regress/expected/create_procedure.out     |   2 +-
 src/test/regress/expected/privileges.out           |   8 +-
 54 files changed, 562 insertions(+), 441 deletions(-)

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index a7e22b378a..87bd6f730b 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  aclmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	return rel;
@@ -2789,7 +2789,7 @@ get_connect_string(const char *servername)
 		/* Check permissions, user must have usage on the server. */
 		aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername);
+			aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername);
 
 		foreach(cell, fdw->options)
 		{
diff --git a/contrib/pg_prewarm/pg_prewarm.c b/contrib/pg_prewarm/pg_prewarm.c
index fec62b1a54..295297274b 100644
--- a/contrib/pg_prewarm/pg_prewarm.c
+++ b/contrib/pg_prewarm/pg_prewarm.c
@@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS)
 	rel = relation_open(relOid, AccessShareLock);
 	aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid));
+		aclcheck_error(aclresult, OBJECT_RELATION, get_rel_name(relOid));
 
 	/* Check that the fork exists. */
 	RelationOpenSmgr(rel);
diff --git a/contrib/pgrowlocks/pgrowlocks.c b/contrib/pgrowlocks/pgrowlocks.c
index eabca65bd2..38e10e59a8 100644
--- a/contrib/pgrowlocks/pgrowlocks.c
+++ b/contrib/pgrowlocks/pgrowlocks.c
@@ -121,7 +121,7 @@ pgrowlocks(PG_FUNCTION_ARGS)
 			aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
 
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);
diff --git a/src/backend/access/brin/brin.c b/src/backend/access/brin/brin.c
index 9fbb093b3c..628d447a61 100644
--- a/src/backend/access/brin/brin.c
+++ b/src/backend/access/brin/brin.c
@@ -894,7 +894,7 @@ brin_summarize_range(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	/*
@@ -965,7 +965,7 @@ brin_desummarize_range(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	/*
diff --git a/src/backend/access/gin/ginfast.c b/src/backend/access/gin/ginfast.c
index 95c8bd7b43..5010f608e0 100644
--- a/src/backend/access/gin/ginfast.c
+++ b/src/backend/access/gin/ginfast.c
@@ -1035,7 +1035,7 @@ gin_clean_pending_list(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	memset(&stats, 0, sizeof(stats));
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index 06c2086295..d097ab1d62 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -132,9 +132,9 @@ static const char *privilege_to_string(AclMode privilege);
 static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions,
 						 bool all_privs, AclMode privileges,
 						 Oid objectId, Oid grantorId,
-						 AclObjectKind objkind, const char *objname,
+						 ObjectType objtype, const char *objname,
 						 AttrNumber att_number, const char *colname);
-static AclMode pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum,
+static AclMode pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum,
 		   Oid roleid, AclMode mask, AclMaskHow how);
 static void recordExtensionInitPriv(Oid objoid, Oid classoid, int objsubid,
 						Acl *new_acl);
@@ -236,56 +236,56 @@ merge_acl_with_grant(Acl *old_acl, bool is_grant,
 static AclMode
 restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 						 AclMode privileges, Oid objectId, Oid grantorId,
-						 AclObjectKind objkind, const char *objname,
+						 ObjectType objtype, const char *objname,
 						 AttrNumber att_number, const char *colname)
 {
 	AclMode		this_privileges;
 	AclMode		whole_mask;
 
-	switch (objkind)
+	switch (objtype)
 	{
-		case ACL_KIND_COLUMN:
+		case OBJECT_COLUMN:
 			whole_mask = ACL_ALL_RIGHTS_COLUMN;
 			break;
-		case ACL_KIND_CLASS:
+		case OBJECT_RELATION:
 			whole_mask = ACL_ALL_RIGHTS_RELATION;
 			break;
-		case ACL_KIND_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			whole_mask = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
-		case ACL_KIND_DATABASE:
+		case OBJECT_DATABASE:
 			whole_mask = ACL_ALL_RIGHTS_DATABASE;
 			break;
-		case ACL_KIND_PROC:
+		case OBJECT_FUNCTION:
 			whole_mask = ACL_ALL_RIGHTS_FUNCTION;
 			break;
-		case ACL_KIND_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			whole_mask = ACL_ALL_RIGHTS_LANGUAGE;
 			break;
-		case ACL_KIND_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
-		case ACL_KIND_NAMESPACE:
+		case OBJECT_SCHEMA:
 			whole_mask = ACL_ALL_RIGHTS_SCHEMA;
 			break;
-		case ACL_KIND_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
 			break;
-		case ACL_KIND_FDW:
+		case OBJECT_FDW:
 			whole_mask = ACL_ALL_RIGHTS_FDW;
 			break;
-		case ACL_KIND_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			break;
-		case ACL_KIND_EVENT_TRIGGER:
+		case OBJECT_EVENT_TRIGGER:
 			elog(ERROR, "grantable rights not supported for event triggers");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TYPE:
+		case OBJECT_TYPE:
 			whole_mask = ACL_ALL_RIGHTS_TYPE;
 			break;
 		default:
-			elog(ERROR, "unrecognized object kind: %d", objkind);
+			elog(ERROR, "unrecognized object type: %d", objtype);
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
 	}
@@ -297,14 +297,14 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	 */
 	if (avail_goptions == ACL_NO_RIGHTS)
 	{
-		if (pg_aclmask(objkind, objectId, att_number, grantorId,
+		if (pg_aclmask(objtype, objectId, att_number, grantorId,
 					   whole_mask | ACL_GRANT_OPTION_FOR(whole_mask),
 					   ACLMASK_ANY) == ACL_NO_RIGHTS)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
-				aclcheck_error_col(ACLCHECK_NO_PRIV, objkind, objname, colname);
+			if (objtype == OBJECT_COLUMN && colname)
+				aclcheck_error_col(ACLCHECK_NO_PRIV, objtype, objname, colname);
 			else
-				aclcheck_error(ACLCHECK_NO_PRIV, objkind, objname);
+				aclcheck_error(ACLCHECK_NO_PRIV, objtype, objname);
 		}
 	}
 
@@ -320,7 +320,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	{
 		if (this_privileges == 0)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
 						 errmsg("no privileges were granted for column \"%s\" of relation \"%s\"",
@@ -333,7 +333,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		}
 		else if (!all_privs && this_privileges != privileges)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
 						 errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"",
@@ -349,7 +349,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	{
 		if (this_privileges == 0)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
 						 errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"",
@@ -362,7 +362,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		}
 		else if (!all_privs && this_privileges != privileges)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
 						 errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"",
@@ -1721,7 +1721,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
 		restrict_and_check_grant(istmt->is_grant, avail_goptions,
 								 (col_privileges == ACL_ALL_RIGHTS_COLUMN),
 								 col_privileges,
-								 relOid, grantorId, ACL_KIND_COLUMN,
+								 relOid, grantorId, OBJECT_COLUMN,
 								 relname, attnum,
 								 NameStr(pg_attribute_tuple->attname));
 
@@ -1975,7 +1975,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 			bool		replaces[Natts_pg_class];
 			int			nnewmembers;
 			Oid		   *newmembers;
-			AclObjectKind aclkind;
+			ObjectType	objtype;
 
 			/* Determine ID to do the grant as, and available grant options */
 			select_best_grantor(GetUserId(), this_privileges,
@@ -1985,10 +1985,10 @@ ExecGrant_Relation(InternalGrant *istmt)
 			switch (pg_class_tuple->relkind)
 			{
 				case RELKIND_SEQUENCE:
-					aclkind = ACL_KIND_SEQUENCE;
+					objtype = OBJECT_SEQUENCE;
 					break;
 				default:
-					aclkind = ACL_KIND_CLASS;
+					objtype = OBJECT_RELATION;
 					break;
 			}
 
@@ -1999,7 +1999,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 			this_privileges =
 				restrict_and_check_grant(istmt->is_grant, avail_goptions,
 										 istmt->all_privs, this_privileges,
-										 relOid, grantorId, aclkind,
+										 relOid, grantorId, objtype,
 										 NameStr(pg_class_tuple->relname),
 										 0, NULL);
 
@@ -2193,7 +2193,7 @@ ExecGrant_Database(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 datId, grantorId, ACL_KIND_DATABASE,
+									 datId, grantorId, OBJECT_DATABASE,
 									 NameStr(pg_database_tuple->datname),
 									 0, NULL);
 
@@ -2315,7 +2315,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 fdwid, grantorId, ACL_KIND_FDW,
+									 fdwid, grantorId, OBJECT_FDW,
 									 NameStr(pg_fdw_tuple->fdwname),
 									 0, NULL);
 
@@ -2441,7 +2441,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 srvid, grantorId, ACL_KIND_FOREIGN_SERVER,
+									 srvid, grantorId, OBJECT_FOREIGN_SERVER,
 									 NameStr(pg_server_tuple->srvname),
 									 0, NULL);
 
@@ -2565,7 +2565,7 @@ ExecGrant_Function(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 funcId, grantorId, ACL_KIND_PROC,
+									 funcId, grantorId, OBJECT_FUNCTION,
 									 NameStr(pg_proc_tuple->proname),
 									 0, NULL);
 
@@ -2696,7 +2696,7 @@ ExecGrant_Language(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 langId, grantorId, ACL_KIND_LANGUAGE,
+									 langId, grantorId, OBJECT_LANGUAGE,
 									 NameStr(pg_language_tuple->lanname),
 									 0, NULL);
 
@@ -2835,7 +2835,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 loid, grantorId, ACL_KIND_LARGEOBJECT,
+									 loid, grantorId, OBJECT_LARGEOBJECT,
 									 loname, 0, NULL);
 
 		/*
@@ -2960,7 +2960,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 nspid, grantorId, ACL_KIND_NAMESPACE,
+									 nspid, grantorId, OBJECT_SCHEMA,
 									 NameStr(pg_namespace_tuple->nspname),
 									 0, NULL);
 
@@ -3084,7 +3084,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 tblId, grantorId, ACL_KIND_TABLESPACE,
+									 tblId, grantorId, OBJECT_TABLESPACE,
 									 NameStr(pg_tablespace_tuple->spcname),
 									 0, NULL);
 
@@ -3218,7 +3218,7 @@ ExecGrant_Type(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 typId, grantorId, ACL_KIND_TYPE,
+									 typId, grantorId, OBJECT_TYPE,
 									 NameStr(pg_type_tuple->typname),
 									 0, NULL);
 
@@ -3347,114 +3347,8 @@ privilege_to_string(AclMode privilege)
  * Note: we do not double-quote the %s's below, because many callers
  * supply strings that might be already quoted.
  */
-
-static const char *const no_priv_msg[MAX_ACL_KIND] =
-{
-	/* ACL_KIND_COLUMN */
-	gettext_noop("permission denied for column %s"),
-	/* ACL_KIND_CLASS */
-	gettext_noop("permission denied for relation %s"),
-	/* ACL_KIND_SEQUENCE */
-	gettext_noop("permission denied for sequence %s"),
-	/* ACL_KIND_DATABASE */
-	gettext_noop("permission denied for database %s"),
-	/* ACL_KIND_PROC */
-	gettext_noop("permission denied for function %s"),
-	/* ACL_KIND_OPER */
-	gettext_noop("permission denied for operator %s"),
-	/* ACL_KIND_TYPE */
-	gettext_noop("permission denied for type %s"),
-	/* ACL_KIND_LANGUAGE */
-	gettext_noop("permission denied for language %s"),
-	/* ACL_KIND_LARGEOBJECT */
-	gettext_noop("permission denied for large object %s"),
-	/* ACL_KIND_NAMESPACE */
-	gettext_noop("permission denied for schema %s"),
-	/* ACL_KIND_OPCLASS */
-	gettext_noop("permission denied for operator class %s"),
-	/* ACL_KIND_OPFAMILY */
-	gettext_noop("permission denied for operator family %s"),
-	/* ACL_KIND_COLLATION */
-	gettext_noop("permission denied for collation %s"),
-	/* ACL_KIND_CONVERSION */
-	gettext_noop("permission denied for conversion %s"),
-	/* ACL_KIND_STATISTICS */
-	gettext_noop("permission denied for statistics object %s"),
-	/* ACL_KIND_TABLESPACE */
-	gettext_noop("permission denied for tablespace %s"),
-	/* ACL_KIND_TSDICTIONARY */
-	gettext_noop("permission denied for text search dictionary %s"),
-	/* ACL_KIND_TSCONFIGURATION */
-	gettext_noop("permission denied for text search configuration %s"),
-	/* ACL_KIND_FDW */
-	gettext_noop("permission denied for foreign-data wrapper %s"),
-	/* ACL_KIND_FOREIGN_SERVER */
-	gettext_noop("permission denied for foreign server %s"),
-	/* ACL_KIND_EVENT_TRIGGER */
-	gettext_noop("permission denied for event trigger %s"),
-	/* ACL_KIND_EXTENSION */
-	gettext_noop("permission denied for extension %s"),
-	/* ACL_KIND_PUBLICATION */
-	gettext_noop("permission denied for publication %s"),
-	/* ACL_KIND_SUBSCRIPTION */
-	gettext_noop("permission denied for subscription %s"),
-};
-
-static const char *const not_owner_msg[MAX_ACL_KIND] =
-{
-	/* ACL_KIND_COLUMN */
-	gettext_noop("must be owner of relation %s"),
-	/* ACL_KIND_CLASS */
-	gettext_noop("must be owner of relation %s"),
-	/* ACL_KIND_SEQUENCE */
-	gettext_noop("must be owner of sequence %s"),
-	/* ACL_KIND_DATABASE */
-	gettext_noop("must be owner of database %s"),
-	/* ACL_KIND_PROC */
-	gettext_noop("must be owner of function %s"),
-	/* ACL_KIND_OPER */
-	gettext_noop("must be owner of operator %s"),
-	/* ACL_KIND_TYPE */
-	gettext_noop("must be owner of type %s"),
-	/* ACL_KIND_LANGUAGE */
-	gettext_noop("must be owner of language %s"),
-	/* ACL_KIND_LARGEOBJECT */
-	gettext_noop("must be owner of large object %s"),
-	/* ACL_KIND_NAMESPACE */
-	gettext_noop("must be owner of schema %s"),
-	/* ACL_KIND_OPCLASS */
-	gettext_noop("must be owner of operator class %s"),
-	/* ACL_KIND_OPFAMILY */
-	gettext_noop("must be owner of operator family %s"),
-	/* ACL_KIND_COLLATION */
-	gettext_noop("must be owner of collation %s"),
-	/* ACL_KIND_CONVERSION */
-	gettext_noop("must be owner of conversion %s"),
-	/* ACL_KIND_STATISTICS */
-	gettext_noop("must be owner of statistics object %s"),
-	/* ACL_KIND_TABLESPACE */
-	gettext_noop("must be owner of tablespace %s"),
-	/* ACL_KIND_TSDICTIONARY */
-	gettext_noop("must be owner of text search dictionary %s"),
-	/* ACL_KIND_TSCONFIGURATION */
-	gettext_noop("must be owner of text search configuration %s"),
-	/* ACL_KIND_FDW */
-	gettext_noop("must be owner of foreign-data wrapper %s"),
-	/* ACL_KIND_FOREIGN_SERVER */
-	gettext_noop("must be owner of foreign server %s"),
-	/* ACL_KIND_EVENT_TRIGGER */
-	gettext_noop("must be owner of event trigger %s"),
-	/* ACL_KIND_EXTENSION */
-	gettext_noop("must be owner of extension %s"),
-	/* ACL_KIND_PUBLICATION */
-	gettext_noop("must be owner of publication %s"),
-	/* ACL_KIND_SUBSCRIPTION */
-	gettext_noop("must be owner of subscription %s"),
-};
-
-
 void
-aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error(AclResult aclerr, ObjectType objtype,
 			   const char *objectname)
 {
 	switch (aclerr)
@@ -3463,15 +3357,275 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
 			/* no error, so return to caller */
 			break;
 		case ACLCHECK_NO_PRIV:
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(no_priv_msg[objectkind], objectname)));
-			break;
+			{
+				const char *msg;
+
+				switch (objtype)
+				{
+					case OBJECT_AGGREGATE:
+						msg = gettext_noop("permission denied for aggregate %s");
+						break;
+					case OBJECT_COLLATION:
+						msg = gettext_noop("permission denied for collation %s");
+						break;
+					case OBJECT_COLUMN:
+						msg = gettext_noop("permission denied for column %s");
+						break;
+					case OBJECT_CONVERSION:
+						msg = gettext_noop("permission denied for conversion %s");
+						break;
+					case OBJECT_DATABASE:
+						msg = gettext_noop("permission denied for database %s");
+						break;
+					case OBJECT_DOMAIN:
+						msg = gettext_noop("permission denied for domain %s");
+						break;
+					case OBJECT_EVENT_TRIGGER:
+						msg = gettext_noop("permission denied for event trigger %s");
+						break;
+					case OBJECT_EXTENSION:
+						msg = gettext_noop("permission denied for extension %s");
+						break;
+					case OBJECT_FDW:
+						msg = gettext_noop("permission denied for foreign-data wrapper %s");
+						break;
+					case OBJECT_FOREIGN_SERVER:
+						msg = gettext_noop("permission denied for foreign server %s");
+						break;
+					case OBJECT_FOREIGN_TABLE:
+						msg = gettext_noop("permission denied for foreign table %s");
+						break;
+					case OBJECT_FUNCTION:
+						msg = gettext_noop("permission denied for function %s");
+						break;
+					case OBJECT_INDEX:
+						msg = gettext_noop("permission denied for index %s");
+						break;
+					case OBJECT_LANGUAGE:
+						msg = gettext_noop("permission denied for language %s");
+						break;
+					case OBJECT_LARGEOBJECT:
+						msg = gettext_noop("permission denied for large object %s");
+						break;
+					case OBJECT_MATVIEW:
+						msg = gettext_noop("permission denied for materialized view %s");
+						break;
+					case OBJECT_OPCLASS:
+						msg = gettext_noop("permission denied for operator class %s");
+						break;
+					case OBJECT_OPERATOR:
+						msg = gettext_noop("permission denied for operator %s");
+						break;
+					case OBJECT_OPFAMILY:
+						msg = gettext_noop("permission denied for operator family %s");
+						break;
+					case OBJECT_POLICY:
+						msg = gettext_noop("permission denied for policy %s");
+						break;
+					case OBJECT_PROCEDURE:
+						msg = gettext_noop("permission denied for procedure %s");
+						break;
+					case OBJECT_PUBLICATION:
+						msg = gettext_noop("permission denied for publication %s");
+						break;
+					case OBJECT_RELATION:
+						msg = gettext_noop("permission denied for relation %s");
+						break;
+					case OBJECT_ROUTINE:
+						msg = gettext_noop("permission denied for routine %s");
+						break;
+					case OBJECT_SCHEMA:
+						msg = gettext_noop("permission denied for schema %s");
+						break;
+					case OBJECT_SEQUENCE:
+						msg = gettext_noop("permission denied for sequence %s");
+						break;
+					case OBJECT_STATISTIC_EXT:
+						msg = gettext_noop("permission denied for statistics object %s");
+						break;
+					case OBJECT_SUBSCRIPTION:
+						msg = gettext_noop("permission denied for subscription %s");
+						break;
+					case OBJECT_TABLE:
+						msg = gettext_noop("permission denied for table %s");
+						break;
+					case OBJECT_TABLESPACE:
+						msg = gettext_noop("permission denied for tablespace %s");
+						break;
+					case OBJECT_TSCONFIGURATION:
+						msg = gettext_noop("permission denied for text search configuration %s");
+						break;
+					case OBJECT_TSDICTIONARY:
+						msg = gettext_noop("permission denied for text search dictionary %s");
+						break;
+					case OBJECT_TYPE:
+						msg = gettext_noop("permission denied for type %s");
+						break;
+					case OBJECT_VIEW:
+						msg = gettext_noop("permission denied for view %s");
+						break;
+					/* these currently aren't used */
+					case OBJECT_ACCESS_METHOD:
+					case OBJECT_AMOP:
+					case OBJECT_AMPROC:
+					case OBJECT_ATTRIBUTE:
+					case OBJECT_CAST:
+					case OBJECT_DEFAULT:
+					case OBJECT_DEFACL:
+					case OBJECT_DOMCONSTRAINT:
+					case OBJECT_PUBLICATION_REL:
+					case OBJECT_ROLE:
+					case OBJECT_RULE:
+					case OBJECT_TABCONSTRAINT:
+					case OBJECT_TRANSFORM:
+					case OBJECT_TRIGGER:
+					case OBJECT_TSPARSER:
+					case OBJECT_TSTEMPLATE:
+					case OBJECT_USER_MAPPING:
+						elog(ERROR, "unsupported object type %d", objtype);
+						msg = "???";
+				}
+
+				ereport(ERROR,
+						(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+						 errmsg(msg, objectname)));
+				break;
+			}
 		case ACLCHECK_NOT_OWNER:
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(not_owner_msg[objectkind], objectname)));
-			break;
+			{
+				const char *msg;
+
+				switch (objtype)
+				{
+					case OBJECT_AGGREGATE:
+						msg = gettext_noop("must be owner of aggregate %s");
+						break;
+					case OBJECT_COLLATION:
+						msg = gettext_noop("must be owner of collation %s");
+						break;
+					case OBJECT_COLUMN:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_CONVERSION:
+						msg = gettext_noop("must be owner of conversion %s");
+						break;
+					case OBJECT_DATABASE:
+						msg = gettext_noop("must be owner of database %s");
+						break;
+					case OBJECT_DOMAIN:
+						msg = gettext_noop("must be owner of domain %s");
+						break;
+					case OBJECT_EVENT_TRIGGER:
+						msg = gettext_noop("must be owner of event trigger %s");
+						break;
+					case OBJECT_EXTENSION:
+						msg = gettext_noop("must be owner of extension %s");
+						break;
+					case OBJECT_FDW:
+						msg = gettext_noop("must be owner of foreign-data wrapper %s");
+						break;
+					case OBJECT_FOREIGN_SERVER:
+						msg = gettext_noop("must be owner of foreign server %s");
+						break;
+					case OBJECT_FOREIGN_TABLE:
+						msg = gettext_noop("must be owner of foreign table %s");
+						break;
+					case OBJECT_FUNCTION:
+						msg = gettext_noop("must be owner of function %s");
+						break;
+					case OBJECT_INDEX:
+						msg = gettext_noop("must be owner of index %s");
+						break;
+					case OBJECT_LANGUAGE:
+						msg = gettext_noop("must be owner of language %s");
+						break;
+					case OBJECT_LARGEOBJECT:
+						msg = gettext_noop("must be owner of large object %s");
+						break;
+					case OBJECT_MATVIEW:
+						msg = gettext_noop("must be owner of materialized view %s");
+						break;
+					case OBJECT_OPCLASS:
+						msg = gettext_noop("must be owner of operator class %s");
+						break;
+					case OBJECT_OPERATOR:
+						msg = gettext_noop("must be owner of operator %s");
+						break;
+					case OBJECT_OPFAMILY:
+						msg = gettext_noop("must be owner of operator family %s");
+						break;
+					case OBJECT_POLICY:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_PROCEDURE:
+						msg = gettext_noop("must be owner of procedure %s");
+						break;
+					case OBJECT_PUBLICATION:
+						msg = gettext_noop("must be owner of publication %s");
+						break;
+					case OBJECT_RELATION:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_ROUTINE:
+						msg = gettext_noop("must be owner of routine %s");
+						break;
+					case OBJECT_SEQUENCE:
+						msg = gettext_noop("must be owner of sequence %s");
+						break;
+					case OBJECT_SUBSCRIPTION:
+						msg = gettext_noop("must be owner of subscription %s");
+						break;
+					case OBJECT_TABLE:
+						msg = gettext_noop("must be owner of table %s");
+						break;
+					case OBJECT_TYPE:
+						msg = gettext_noop("must be owner of type %s");
+						break;
+					case OBJECT_VIEW:
+						msg = gettext_noop("must be owner of view %s");
+						break;
+					case OBJECT_SCHEMA:
+						msg = gettext_noop("must be owner of schema %s");
+						break;
+					case OBJECT_STATISTIC_EXT:
+						msg = gettext_noop("must be owner of statistics object %s");
+						break;
+					case OBJECT_TABLESPACE:
+						msg = gettext_noop("must be owner of tablespace %s");
+						break;
+					case OBJECT_TSCONFIGURATION:
+						msg = gettext_noop("must be owner of text search configuration %s");
+						break;
+					case OBJECT_TSDICTIONARY:
+						msg = gettext_noop("must be owner of text search dictionary %s");
+						break;
+					/* these currently aren't used */
+					case OBJECT_ACCESS_METHOD:
+					case OBJECT_AMOP:
+					case OBJECT_AMPROC:
+					case OBJECT_ATTRIBUTE:
+					case OBJECT_CAST:
+					case OBJECT_DEFAULT:
+					case OBJECT_DEFACL:
+					case OBJECT_DOMCONSTRAINT:
+					case OBJECT_PUBLICATION_REL:
+					case OBJECT_ROLE:
+					case OBJECT_RULE:
+					case OBJECT_TABCONSTRAINT:
+					case OBJECT_TRANSFORM:
+					case OBJECT_TRIGGER:
+					case OBJECT_TSPARSER:
+					case OBJECT_TSTEMPLATE:
+					case OBJECT_USER_MAPPING:
+						elog(ERROR, "unsupported object type %d", objtype);
+						msg = "???";
+				}
+
+				ereport(ERROR,
+						(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+						 errmsg(msg, objectname)));
+				break;
+			}
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
 			break;
@@ -3480,7 +3634,7 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
 
 
 void
-aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error_col(AclResult aclerr, ObjectType objtype,
 				   const char *objectname, const char *colname)
 {
 	switch (aclerr)
@@ -3496,9 +3650,7 @@ aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
 			break;
 		case ACLCHECK_NOT_OWNER:
 			/* relation msg is OK since columns don't have separate owners */
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(not_owner_msg[objectkind], objectname)));
+			aclcheck_error(aclerr, objtype, objectname);
 			break;
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
@@ -3516,7 +3668,7 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
 {
 	Oid			element_type = get_element_type(typeOid);
 
-	aclcheck_error(aclerr, ACL_KIND_TYPE, format_type_be(element_type ? element_type : typeOid));
+	aclcheck_error(aclerr, OBJECT_TYPE, format_type_be(element_type ? element_type : typeOid));
 }
 
 
@@ -3524,48 +3676,48 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
  * Relay for the various pg_*_mask routines depending on object kind
  */
 static AclMode
-pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, Oid roleid,
+pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
 		   AclMode mask, AclMaskHow how)
 {
-	switch (objkind)
+	switch (objtype)
 	{
-		case ACL_KIND_COLUMN:
+		case OBJECT_COLUMN:
 			return
 				pg_class_aclmask(table_oid, roleid, mask, how) |
 				pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
-		case ACL_KIND_CLASS:
-		case ACL_KIND_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			return pg_class_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_DATABASE:
+		case OBJECT_DATABASE:
 			return pg_database_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_PROC:
+		case OBJECT_FUNCTION:
 			return pg_proc_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return pg_language_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return pg_largeobject_aclmask_snapshot(table_oid, roleid,
 												   mask, how, NULL);
-		case ACL_KIND_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return pg_namespace_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_STATISTICS:
+		case OBJECT_STATISTIC_EXT:
 			elog(ERROR, "grantable rights not supported for statistics objects");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return pg_tablespace_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_FDW:
+		case OBJECT_FDW:
 			return pg_foreign_data_wrapper_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return pg_foreign_server_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_EVENT_TRIGGER:
+		case OBJECT_EVENT_TRIGGER:
 			elog(ERROR, "grantable rights not supported for event triggers");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TYPE:
+		case OBJECT_TYPE:
 			return pg_type_aclmask(table_oid, roleid, mask, how);
 		default:
-			elog(ERROR, "unrecognized objkind: %d",
-				 (int) objkind);
+			elog(ERROR, "unrecognized objtype: %d",
+				 (int) objtype);
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
 	}
diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c
index 0a2fb1b93a..89edaf1b7d 100644
--- a/src/backend/catalog/namespace.c
+++ b/src/backend/catalog/namespace.c
@@ -560,7 +560,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		/* Check namespace permissions. */
 		aclresult = pg_namespace_aclcheck(nspid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(nspid));
 
 		if (retry)
@@ -585,7 +585,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		if (lockmode != NoLock && OidIsValid(relid))
 		{
 			if (!pg_class_ownercheck(relid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 							   relation->relname);
 			if (relid != oldrelid)
 				LockRelationOid(relid, lockmode);
@@ -2874,7 +2874,7 @@ LookupExplicitNamespace(const char *nspname, bool missing_ok)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   nspname);
 	/* Schema search hook for this lookup */
 	InvokeNamespaceSearchHook(namespaceId, true);
@@ -2911,7 +2911,7 @@ LookupCreationNamespace(const char *nspname)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   nspname);
 
 	return namespaceId;
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 0df9c9eac1..5cf0b11d5e 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -104,7 +104,7 @@ typedef struct
 	AttrNumber	attnum_namespace;	/* attnum of namespace field */
 	AttrNumber	attnum_owner;	/* attnum of owner field */
 	AttrNumber	attnum_acl;		/* attnum of acl field */
-	AclObjectKind acl_kind;		/* ACL_KIND_* of this object type */
+	ObjectType	objtype;		/* OBJECT_* of this object type */
 	bool		is_nsp_name_unique; /* can the nsp/name combination (or name
 									 * alone, if there's no namespace) be
 									 * considered a unique identifier for an
@@ -146,7 +146,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_collation_collnamespace,
 		Anum_pg_collation_collowner,
 		InvalidAttrNumber,
-		ACL_KIND_COLLATION,
+		OBJECT_COLLATION,
 		true
 	},
 	{
@@ -170,7 +170,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_conversion_connamespace,
 		Anum_pg_conversion_conowner,
 		InvalidAttrNumber,
-		ACL_KIND_CONVERSION,
+		OBJECT_CONVERSION,
 		true
 	},
 	{
@@ -182,7 +182,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_database_datdba,
 		Anum_pg_database_datacl,
-		ACL_KIND_DATABASE,
+		OBJECT_DATABASE,
 		true
 	},
 	{
@@ -194,7 +194,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,		/* extension doesn't belong to extnamespace */
 		Anum_pg_extension_extowner,
 		InvalidAttrNumber,
-		ACL_KIND_EXTENSION,
+		OBJECT_EXTENSION,
 		true
 	},
 	{
@@ -206,7 +206,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_foreign_data_wrapper_fdwowner,
 		Anum_pg_foreign_data_wrapper_fdwacl,
-		ACL_KIND_FDW,
+		OBJECT_FDW,
 		true
 	},
 	{
@@ -218,7 +218,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_foreign_server_srvowner,
 		Anum_pg_foreign_server_srvacl,
-		ACL_KIND_FOREIGN_SERVER,
+		OBJECT_FOREIGN_SERVER,
 		true
 	},
 	{
@@ -230,7 +230,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_proc_pronamespace,
 		Anum_pg_proc_proowner,
 		Anum_pg_proc_proacl,
-		ACL_KIND_PROC,
+		OBJECT_FUNCTION,
 		false
 	},
 	{
@@ -242,7 +242,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_language_lanowner,
 		Anum_pg_language_lanacl,
-		ACL_KIND_LANGUAGE,
+		OBJECT_LANGUAGE,
 		true
 	},
 	{
@@ -254,7 +254,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_largeobject_metadata_lomowner,
 		Anum_pg_largeobject_metadata_lomacl,
-		ACL_KIND_LARGEOBJECT,
+		OBJECT_LARGEOBJECT,
 		false
 	},
 	{
@@ -266,7 +266,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_opclass_opcnamespace,
 		Anum_pg_opclass_opcowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPCLASS,
+		OBJECT_OPCLASS,
 		true
 	},
 	{
@@ -278,7 +278,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_operator_oprnamespace,
 		Anum_pg_operator_oprowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPER,
+		OBJECT_OPERATOR,
 		false
 	},
 	{
@@ -290,7 +290,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_opfamily_opfnamespace,
 		Anum_pg_opfamily_opfowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPFAMILY,
+		OBJECT_OPFAMILY,
 		true
 	},
 	{
@@ -326,7 +326,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_namespace_nspowner,
 		Anum_pg_namespace_nspacl,
-		ACL_KIND_NAMESPACE,
+		OBJECT_SCHEMA,
 		true
 	},
 	{
@@ -338,7 +338,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_class_relnamespace,
 		Anum_pg_class_relowner,
 		Anum_pg_class_relacl,
-		ACL_KIND_CLASS,
+		OBJECT_RELATION,
 		true
 	},
 	{
@@ -350,7 +350,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_tablespace_spcowner,
 		Anum_pg_tablespace_spcacl,
-		ACL_KIND_TABLESPACE,
+		OBJECT_TABLESPACE,
 		true
 	},
 	{
@@ -392,7 +392,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_event_trigger_evtowner,
 		InvalidAttrNumber,
-		ACL_KIND_EVENT_TRIGGER,
+		OBJECT_EVENT_TRIGGER,
 		true
 	},
 	{
@@ -404,7 +404,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_ts_config_cfgnamespace,
 		Anum_pg_ts_config_cfgowner,
 		InvalidAttrNumber,
-		ACL_KIND_TSCONFIGURATION,
+		OBJECT_TSCONFIGURATION,
 		true
 	},
 	{
@@ -416,7 +416,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_ts_dict_dictnamespace,
 		Anum_pg_ts_dict_dictowner,
 		InvalidAttrNumber,
-		ACL_KIND_TSDICTIONARY,
+		OBJECT_TSDICTIONARY,
 		true
 	},
 	{
@@ -452,7 +452,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_type_typnamespace,
 		Anum_pg_type_typowner,
 		Anum_pg_type_typacl,
-		ACL_KIND_TYPE,
+		OBJECT_TYPE,
 		true
 	},
 	{
@@ -464,7 +464,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_publication_pubowner,
 		InvalidAttrNumber,
-		ACL_KIND_PUBLICATION,
+		OBJECT_PUBLICATION,
 		true
 	},
 	{
@@ -476,7 +476,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_subscription_subowner,
 		InvalidAttrNumber,
-		ACL_KIND_SUBSCRIPTION,
+		OBJECT_SUBSCRIPTION,
 		true
 	},
 	{
@@ -488,7 +488,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_statistic_ext_stxnamespace,
 		Anum_pg_statistic_ext_stxowner,
 		InvalidAttrNumber,		/* no ACL (same as relation) */
-		ACL_KIND_STATISTICS,
+		OBJECT_STATISTIC_EXT,
 		true
 	}
 };
@@ -2242,12 +2242,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 		case OBJECT_POLICY:
 		case OBJECT_TABCONSTRAINT:
 			if (!pg_class_ownercheck(RelationGetRelid(relation), roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   RelationGetRelationName(relation));
 			break;
 		case OBJECT_DATABASE:
 			if (!pg_database_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TYPE:
@@ -2262,62 +2262,62 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 		case OBJECT_PROCEDURE:
 		case OBJECT_ROUTINE:
 			if (!pg_proc_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString((castNode(ObjectWithArgs, object))->objname));
 			break;
 		case OBJECT_OPERATOR:
 			if (!pg_oper_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString((castNode(ObjectWithArgs, object))->objname));
 			break;
 		case OBJECT_SCHEMA:
 			if (!pg_namespace_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_COLLATION:
 			if (!pg_collation_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_CONVERSION:
 			if (!pg_conversion_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_EXTENSION:
 			if (!pg_extension_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_FDW:
 			if (!pg_foreign_data_wrapper_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FDW,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_FOREIGN_SERVER:
 			if (!pg_foreign_server_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_EVENT_TRIGGER:
 			if (!pg_event_trigger_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_LANGUAGE:
 			if (!pg_language_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_OPCLASS:
 			if (!pg_opclass_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_OPFAMILY:
 			if (!pg_opfamily_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPFAMILY,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_LARGEOBJECT:
@@ -2347,12 +2347,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_PUBLICATION:
 			if (!pg_publication_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_SUBSCRIPTION:
 			if (!pg_subscription_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TRANSFORM:
@@ -2366,17 +2366,17 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_TABLESPACE:
 			if (!pg_tablespace_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TSDICTIONARY:
 			if (!pg_ts_dict_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_TSCONFIGURATION:
 			if (!pg_ts_config_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_ROLE:
@@ -2540,12 +2540,12 @@ get_object_attnum_acl(Oid class_id)
 	return prop->attnum_acl;
 }
 
-AclObjectKind
-get_object_aclkind(Oid class_id)
+ObjectType
+get_object_type(Oid class_id)
 {
 	const ObjectPropertyType *prop = get_object_property_data(class_id);
 
-	return prop->acl_kind;
+	return prop->objtype;
 }
 
 bool
diff --git a/src/backend/catalog/pg_aggregate.c b/src/backend/catalog/pg_aggregate.c
index ca3fd819b4..603ef8aecf 100644
--- a/src/backend/catalog/pg_aggregate.c
+++ b/src/backend/catalog/pg_aggregate.c
@@ -865,7 +865,7 @@ lookup_agg_function(List *fnName,
 	/* Check aggregate creator has permission to call the function */
 	aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fnOid));
 
 	return fnOid;
 }
diff --git a/src/backend/catalog/pg_operator.c b/src/backend/catalog/pg_operator.c
index 61093dc473..75582df4aa 100644
--- a/src/backend/catalog/pg_operator.c
+++ b/src/backend/catalog/pg_operator.c
@@ -425,7 +425,7 @@ OperatorCreate(const char *operatorName,
 	 */
 	if (OidIsValid(operatorObjectId) &&
 		!pg_oper_ownercheck(operatorObjectId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 					   operatorName);
 
 	/*
@@ -445,7 +445,7 @@ OperatorCreate(const char *operatorName,
 		/* Permission check: must own other operator */
 		if (OidIsValid(commutatorId) &&
 			!pg_oper_ownercheck(commutatorId, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 						   NameListToString(commutatorName));
 
 		/*
@@ -470,7 +470,7 @@ OperatorCreate(const char *operatorName,
 		/* Permission check: must own other operator */
 		if (OidIsValid(negatorId) &&
 			!pg_oper_ownercheck(negatorId, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 						   NameListToString(negatorName));
 	}
 	else
@@ -618,7 +618,7 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
 	aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(otherNamespace));
 
 	other_oid = OperatorShellMake(otherName,
diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c
index 2f3912b0e7..a2db360dc1 100644
--- a/src/backend/catalog/pg_proc.c
+++ b/src/backend/catalog/pg_proc.c
@@ -400,7 +400,7 @@ ProcedureCreate(const char *procedureName,
 					 errmsg("function \"%s\" already exists with same argument types",
 							procedureName)));
 		if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), proowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 						   procedureName);
 
 		/*
diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c
index e1c6a3602d..ef56642575 100644
--- a/src/backend/catalog/pg_type.c
+++ b/src/backend/catalog/pg_type.c
@@ -413,7 +413,7 @@ TypeCreate(Oid newTypeOid,
 		 * shell type must have been created by same owner
 		 */
 		if (((Form_pg_type) GETSTRUCT(tup))->typowner != ownerId)
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, typeName);
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TYPE, typeName);
 
 		/* trouble if caller wanted to force the OID */
 		if (OidIsValid(newTypeOid))
diff --git a/src/backend/commands/aggregatecmds.c b/src/backend/commands/aggregatecmds.c
index 2e2ee883e2..051dc6621c 100644
--- a/src/backend/commands/aggregatecmds.c
+++ b/src/backend/commands/aggregatecmds.c
@@ -103,7 +103,7 @@ DefineAggregate(ParseState *pstate, List *name, List *args, bool oldstyle, List
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(aggNamespace));
 
 	/* Deconstruct the output of the aggr_args grammar production */
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c
index 21e3f1efe1..fa9d47296a 100644
--- a/src/backend/commands/alter.c
+++ b/src/backend/commands/alter.c
@@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	AclObjectKind acl_kind = get_object_aclkind(classId);
+	ObjectType	objtype = get_object_type(classId);
 	HeapTuple	oldtup;
 	HeapTuple	newtup;
 	Datum		datum;
@@ -223,7 +223,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 		ownerId = DatumGetObjectId(datum);
 
 		if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId)))
-			aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name);
+			aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name);
 
 		/* User must have CREATE privilege on the namespace */
 		if (OidIsValid(namespaceId))
@@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 			aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 											  ACL_CREATE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+				aclcheck_error(aclresult, OBJECT_SCHEMA,
 							   get_namespace_name(namespaceId));
 		}
 	}
@@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	AclObjectKind acl_kind = get_object_aclkind(classId);
+	ObjectType	objtype = get_object_type(classId);
 	Oid			oldNspOid;
 	Datum		name,
 				namespace;
@@ -719,13 +719,13 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 		ownerId = DatumGetObjectId(owner);
 
 		if (!has_privs_of_role(GetUserId(), ownerId))
-			aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind,
+			aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 						   NameStr(*(DatumGetName(name))));
 
 		/* User must have CREATE privilege on new namespace */
 		aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(nspOid));
 	}
 
@@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 		/* Superusers can bypass permission checks */
 		if (!superuser())
 		{
-			AclObjectKind aclkind = get_object_aclkind(classId);
+			ObjectType objtype = get_object_type(classId);
 
 			/* must be owner */
 			if (!has_privs_of_role(GetUserId(), old_ownerId))
@@ -963,7 +963,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 							 HeapTupleGetOid(oldtup));
 					objname = namebuf;
 				}
-				aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname);
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname);
 			}
 			/* Must be able to become new owner */
 			check_is_member_of_role(GetUserId(), new_ownerId);
@@ -976,7 +976,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 				aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
 												  ACL_CREATE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					aclcheck_error(aclresult, OBJECT_SCHEMA,
 								   get_namespace_name(namespaceId));
 			}
 		}
diff --git a/src/backend/commands/collationcmds.c b/src/backend/commands/collationcmds.c
index 9437731276..09a3beca8f 100644
--- a/src/backend/commands/collationcmds.c
+++ b/src/backend/commands/collationcmds.c
@@ -74,7 +74,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
 
 	aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(collNamespace));
 
 	foreach(pl, parameters)
@@ -278,7 +278,7 @@ AlterCollation(AlterCollationStmt *stmt)
 	collOid = get_collation_oid(stmt->collname, false);
 
 	if (!pg_collation_ownercheck(collOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION,
 					   NameListToString(stmt->collname));
 
 	tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid));
diff --git a/src/backend/commands/conversioncmds.c b/src/backend/commands/conversioncmds.c
index 9861d3df22..6a8bcd39a9 100644
--- a/src/backend/commands/conversioncmds.c
+++ b/src/backend/commands/conversioncmds.c
@@ -55,7 +55,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceId));
 
 	/* Check the encoding names */
@@ -90,7 +90,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
 	/* Check we have EXECUTE rights for the function */
 	aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(func_name));
 
 	/*
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c
index eb1a4695c0..b06374d451 100644
--- a/src/backend/commands/dbcommands.c
+++ b/src/backend/commands/dbcommands.c
@@ -422,7 +422,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
 		aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   tablespacename);
 
 		/* pg_global must never be the default tablespace */
@@ -822,7 +822,7 @@ dropdb(const char *dbname, bool missing_ok)
 	 * Permission checks
 	 */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   dbname);
 
 	/* DROP hook for the database being removed */
@@ -997,7 +997,7 @@ RenameDatabase(const char *oldname, const char *newname)
 
 	/* must be owner */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   oldname);
 
 	/* must have createdb rights */
@@ -1112,7 +1112,7 @@ movedb(const char *dbname, const char *tblspcname)
 	 * Permission checks
 	 */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   dbname);
 
 	/*
@@ -1134,7 +1134,7 @@ movedb(const char *dbname, const char *tblspcname)
 	aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
 									   ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+		aclcheck_error(aclresult, OBJECT_TABLESPACE,
 					   tblspcname);
 
 	/*
@@ -1515,7 +1515,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel)
 	dboid = HeapTupleGetOid(tuple);
 
 	if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   stmt->dbname);
 
 	/*
@@ -1583,7 +1583,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
 	shdepLockAndCheckObject(DatabaseRelationId, datid);
 
 	if (!pg_database_ownercheck(datid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   stmt->dbname);
 
 	AlterSetting(datid, InvalidOid, stmt->setstmt);
@@ -1646,7 +1646,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId)
 
 		/* Otherwise, must be owner of the existing object */
 		if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 						   dbname);
 
 		/* Must be able to become new owner */
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index 61ba310412..7a11096e50 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -519,7 +519,7 @@ AlterEventTrigger(AlterEventTrigStmt *stmt)
 	trigoid = HeapTupleGetOid(tup);
 
 	if (!pg_event_trigger_ownercheck(trigoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
 					   stmt->trigname);
 
 	/* tuple is a copy, so we can modify it below */
@@ -610,7 +610,7 @@ AlterEventTriggerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		return;
 
 	if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
 					   NameStr(form->evtname));
 
 	/* New owner must be a superuser */
diff --git a/src/backend/commands/extension.c b/src/backend/commands/extension.c
index 9f77d25352..cd3b47d55f 100644
--- a/src/backend/commands/extension.c
+++ b/src/backend/commands/extension.c
@@ -2704,13 +2704,13 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o
 	 * check ownership of the individual member objects ...
 	 */
 	if (!pg_extension_ownercheck(extensionOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   extensionName);
 
 	/* Permission check: must have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema);
+		aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
 
 	/*
 	 * If the schema is currently a member of the extension, disallow moving
@@ -2924,7 +2924,7 @@ ExecAlterExtensionStmt(ParseState *pstate, AlterExtensionStmt *stmt)
 
 	/* Permission check: must own extension */
 	if (!pg_extension_ownercheck(extensionOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   stmt->extname);
 
 	/*
@@ -3182,7 +3182,7 @@ ExecAlterExtensionContentsStmt(AlterExtensionContentsStmt *stmt,
 
 	/* Permission check: must own extension */
 	if (!pg_extension_ownercheck(extension.objectId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   stmt->extname);
 
 	/*
diff --git a/src/backend/commands/foreigncmds.c b/src/backend/commands/foreigncmds.c
index 9ad991507f..dcd9098230 100644
--- a/src/backend/commands/foreigncmds.c
+++ b/src/backend/commands/foreigncmds.c
@@ -358,7 +358,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 
 			/* Must be owner */
 			if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 							   NameStr(form->srvname));
 
 			/* Must be able to become new owner */
@@ -370,7 +370,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 			{
 				ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
 
-				aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+				aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
 			}
 		}
 
@@ -907,7 +907,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt)
 
 	aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+		aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
 
 	/*
 	 * Insert tuple into pg_foreign_server.
@@ -1010,7 +1010,7 @@ AlterForeignServer(AlterForeignServerStmt *stmt)
 	 * Only owner or a superuser can ALTER a SERVER.
 	 */
 	if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 					   stmt->servername);
 
 	memset(repl_val, 0, sizeof(repl_val));
@@ -1119,10 +1119,10 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername)
 
 			aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername);
+				aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
 		}
 		else
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 						   servername);
 	}
 }
@@ -1477,7 +1477,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid)
 	server = GetForeignServerByName(stmt->servername, false);
 	aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+		aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
 
 	fdw = GetForeignDataWrapper(server->fdwid);
 
@@ -1536,7 +1536,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt)
 	server = GetForeignServerByName(stmt->server_name, false);
 	aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+		aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
 
 	/* Check that the schema exists and we have CREATE permissions on it */
 	(void) LookupCreationNamespace(stmt->local_schema);
diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c
index 2a9c90133d..8f73606f4d 100644
--- a/src/backend/commands/functioncmds.c
+++ b/src/backend/commands/functioncmds.c
@@ -146,7 +146,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
 		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 										  ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(namespaceId));
 		address = TypeShellMake(typname, namespaceId, GetUserId());
 		rettype = address.objectId;
@@ -953,7 +953,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceId));
 
 	/* default attributes */
@@ -995,14 +995,14 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
 
 		aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+			aclcheck_error(aclresult, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 	else
 	{
 		/* if untrusted language, must be superuser */
 		if (!superuser())
-			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 
@@ -1254,7 +1254,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt)
 
 	/* Permission check: must own function */
 	if (!pg_proc_ownercheck(funcOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype,
 					   NameListToString(stmt->func->objname));
 
 	if (procForm->proisagg)
@@ -1911,7 +1911,7 @@ CreateTransform(CreateTransformStmt *stmt)
 
 	aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang);
+		aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
 
 	/*
 	 * Get the functions
@@ -1921,11 +1921,11 @@ CreateTransform(CreateTransformStmt *stmt)
 		fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false);
 
 		if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
 
 		aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+			aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
 
 		tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid));
 		if (!HeapTupleIsValid(tuple))
@@ -1947,11 +1947,11 @@ CreateTransform(CreateTransformStmt *stmt)
 		tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false);
 
 		if (!pg_proc_ownercheck(tosqlfuncid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
 
 		aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+			aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
 
 		tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid));
 		if (!HeapTupleIsValid(tuple))
@@ -2209,14 +2209,14 @@ ExecuteDoStmt(DoStmt *stmt)
 		aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
 										 ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+			aclcheck_error(aclresult, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 	else
 	{
 		/* if untrusted language, must be superuser */
 		if (!superuser())
-			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 
@@ -2270,7 +2270,7 @@ ExecuteCallStmt(ParseState *pstate, CallStmt *stmt)
 
 	aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid));
+		aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
 	InvokeFunctionExecuteHook(fexpr->funcid);
 
 	nargs = list_length(fexpr->args);
diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c
index 97091dd9fb..31992512e5 100644
--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@@ -431,7 +431,7 @@ DefineIndex(Oid relationId,
 		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 										  ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(namespaceId));
 	}
 
@@ -458,7 +458,7 @@ DefineIndex(Oid relationId,
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tablespaceId));
 	}
 
@@ -1836,7 +1836,7 @@ RangeVarCallbackForReindexIndex(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname);
 
 	/* Lock heap before index to avoid deadlock. */
 	if (relId != oldRelId)
@@ -1915,7 +1915,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
 		objectOid = get_namespace_oid(objectName, false);
 
 		if (!pg_namespace_ownercheck(objectOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 						   objectName);
 	}
 	else
@@ -1927,7 +1927,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
 					(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
 					 errmsg("can only reindex the currently open database")));
 		if (!pg_database_ownercheck(objectOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 						   objectName);
 	}
 
diff --git a/src/backend/commands/lockcmds.c b/src/backend/commands/lockcmds.c
index 9fe9e022b0..fba81dba19 100644
--- a/src/backend/commands/lockcmds.c
+++ b/src/backend/commands/lockcmds.c
@@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid,
 	/* Check permissions. */
 	aclresult = LockTableAclCheck(relid, lockmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(aclresult, OBJECT_RELATION, rv->relname);
 }
 
 /*
@@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait)
 
 			if (!relname)
 				continue;		/* child concurrently dropped, just skip it */
-			aclcheck_error(aclresult, ACL_KIND_CLASS, relname);
+			aclcheck_error(aclresult, OBJECT_RELATION, relname);
 		}
 
 		/* We have enough rights to lock the relation; do so. */
diff --git a/src/backend/commands/opclasscmds.c b/src/backend/commands/opclasscmds.c
index 35c7c67bf5..0fb5345b6c 100644
--- a/src/backend/commands/opclasscmds.c
+++ b/src/backend/commands/opclasscmds.c
@@ -353,7 +353,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/* Get necessary info about access method */
@@ -497,11 +497,11 @@ DefineOpClass(CreateOpClassStmt *stmt)
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own operator and its underlying function */
 				if (!pg_oper_ownercheck(operOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 								   get_opname(operOid));
 				funcOid = get_opcode(operOid);
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -525,7 +525,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own function */
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -730,7 +730,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/* Get access method OID, throwing an error if it doesn't exist. */
@@ -871,11 +871,11 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own operator and its underlying function */
 				if (!pg_oper_ownercheck(operOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 								   get_opname(operOid));
 				funcOid = get_opcode(operOid);
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -899,7 +899,7 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own function */
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
diff --git a/src/backend/commands/operatorcmds.c b/src/backend/commands/operatorcmds.c
index 6674b41eec..7b52fa9f50 100644
--- a/src/backend/commands/operatorcmds.c
+++ b/src/backend/commands/operatorcmds.c
@@ -95,7 +95,7 @@ DefineOperator(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(oprNamespace));
 
 	/*
@@ -215,7 +215,7 @@ DefineOperator(List *names, List *parameters)
 	 */
 	aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(functionName));
 
 	rettype = get_func_rettype(functionOid);
@@ -281,7 +281,7 @@ ValidateRestrictionEstimator(List *restrictionName)
 	/* Require EXECUTE rights for the estimator */
 	aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(restrictionName));
 
 	return restrictionOid;
@@ -327,7 +327,7 @@ ValidateJoinEstimator(List *joinName)
 	/* Require EXECUTE rights for the estimator */
 	aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(joinName));
 
 	return joinOid;
@@ -457,7 +457,7 @@ AlterOperator(AlterOperatorStmt *stmt)
 
 	/* Check permissions. Must be owner. */
 	if (!pg_oper_ownercheck(oprId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 					   NameStr(oprForm->oprname));
 
 	/*
diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c
index 9ced4ee34c..b57c1b8f05 100644
--- a/src/backend/commands/policy.c
+++ b/src/backend/commands/policy.c
@@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
diff --git a/src/backend/commands/proclang.c b/src/backend/commands/proclang.c
index 1a239fabea..487502f389 100644
--- a/src/backend/commands/proclang.c
+++ b/src/backend/commands/proclang.c
@@ -97,7 +97,7 @@ CreateProceduralLanguage(CreatePLangStmt *stmt)
 						 errmsg("must be superuser to create procedural language \"%s\"",
 								stmt->plname)));
 			if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 							   get_database_name(MyDatabaseId));
 		}
 
@@ -366,7 +366,7 @@ create_proc_lang(const char *languageName, bool replace,
 					(errcode(ERRCODE_DUPLICATE_OBJECT),
 					 errmsg("language \"%s\" already exists", languageName)));
 		if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE,
 						   languageName);
 
 		/*
diff --git a/src/backend/commands/publicationcmds.c b/src/backend/commands/publicationcmds.c
index f298d3d381..55b25ebe23 100644
--- a/src/backend/commands/publicationcmds.c
+++ b/src/backend/commands/publicationcmds.c
@@ -150,7 +150,7 @@ CreatePublication(CreatePublicationStmt *stmt)
 	/* must have CREATE privilege on database */
 	aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	/* FOR ALL TABLES requires superuser */
@@ -403,7 +403,7 @@ AlterPublication(AlterPublicationStmt *stmt)
 
 	/* must be owner */
 	if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
 					   stmt->pubname);
 
 	if (stmt->options)
@@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists,
 
 		/* Must be owner of the table or superuser. */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		obj = publication_add_relation(pubid, rel, if_not_exists);
@@ -649,7 +649,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 
 		/* Must be owner */
 		if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
 						   NameStr(form->pubname));
 
 		/* Must be able to become new owner */
@@ -658,7 +658,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		/* New owner must have CREATE privilege on database */
 		aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_DATABASE,
+			aclcheck_error(aclresult, OBJECT_DATABASE,
 						   get_database_name(MyDatabaseId));
 
 		if (form->puballtables && !superuser_arg(newOwnerId))
diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c
index f9ea73f923..23b04665b8 100644
--- a/src/backend/commands/schemacmds.c
+++ b/src/backend/commands/schemacmds.c
@@ -94,7 +94,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
 	 */
 	aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	check_is_member_of_role(saved_uid, owner_uid);
@@ -265,13 +265,13 @@ RenameSchema(const char *oldname, const char *newname)
 
 	/* must be owner */
 	if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 					   oldname);
 
 	/* must have CREATE privilege on database */
 	aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	if (!allowSystemTableMods && IsReservedName(newname))
@@ -373,7 +373,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
 
 		/* Otherwise, must be owner of the existing object */
 		if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 						   NameStr(nspForm->nspname));
 
 		/* Must be able to become new owner */
@@ -391,7 +391,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
 		aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
 										 ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_DATABASE,
+			aclcheck_error(aclresult, OBJECT_DATABASE,
 						   get_database_name(MyDatabaseId));
 
 		memset(repl_null, false, sizeof(repl_null));
diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c
index c70a28de4b..e75631bb97 100644
--- a/src/backend/commands/statscmds.c
+++ b/src/backend/commands/statscmds.c
@@ -141,7 +141,7 @@ CreateStatistics(CreateStatsStmt *stmt)
 
 		/* You must own the relation to create stats on it */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 	}
 
diff --git a/src/backend/commands/subscriptioncmds.c b/src/backend/commands/subscriptioncmds.c
index 086a6ef85e..eb18f83ef1 100644
--- a/src/backend/commands/subscriptioncmds.c
+++ b/src/backend/commands/subscriptioncmds.c
@@ -637,7 +637,7 @@ AlterSubscription(AlterSubscriptionStmt *stmt)
 
 	/* must be owner */
 	if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   stmt->subname);
 
 	subid = HeapTupleGetOid(tup);
@@ -856,7 +856,7 @@ DropSubscription(DropSubscriptionStmt *stmt, bool isTopLevel)
 
 	/* must be owner */
 	if (!pg_subscription_ownercheck(subid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   stmt->subname);
 
 	/* DROP hook for the subscription being removed */
@@ -1024,7 +1024,7 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		return;
 
 	if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   NameStr(form->subname));
 
 	/* New owner must be a superuser */
diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c
index d979ce266d..134b670c3c 100644
--- a/src/backend/commands/tablecmds.c
+++ b/src/backend/commands/tablecmds.c
@@ -589,7 +589,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tablespaceId));
 	}
 
@@ -1193,7 +1193,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid,
 	/* Allow DROP to either table owner or schema owner */
 	if (!pg_class_ownercheck(relOid, GetUserId()) &&
 		!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   rel->relname);
 
 	if (!allowSystemTableMods && IsSystemClass(relOid, classform))
@@ -1375,7 +1375,7 @@ ExecuteTruncate(TruncateStmt *stmt)
 
 				/* This check must match AlterSequence! */
 				if (!pg_class_ownercheck(seq_relid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE,
 								   RelationGetRelationName(seq_rel));
 
 				seq_relids = lappend_oid(seq_relids, seq_relid);
@@ -1563,7 +1563,7 @@ truncate_check_rel(Relation rel)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_TRUNCATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -1849,7 +1849,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
 		 * demand that creator of a child table own the parent.
 		 */
 		if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(relation));
 
 		/*
@@ -2552,7 +2552,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing)
 	 * permissions checking.  only the owner of a class can change its schema.
 	 */
 	if (!pg_class_ownercheck(myrelid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   NameStr(classform->relname));
 	if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
 		ereport(ERROR,
@@ -4770,7 +4770,7 @@ ATSimplePermissions(Relation rel, int allowed_targets)
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -6213,7 +6213,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 }
 
@@ -8197,7 +8197,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts)
 		aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
 										  roleid, ACL_REFERENCES);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 	}
 }
@@ -10105,7 +10105,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 
 				/* Otherwise, must be owner of the existing object */
 				if (!pg_class_ownercheck(relationOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 								   RelationGetRelationName(target_rel));
 
 				/* Must be able to become new owner */
@@ -10115,7 +10115,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 				aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
 												  ACL_CREATE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					aclcheck_error(aclresult, OBJECT_SCHEMA,
 								   get_namespace_name(namespaceOid));
 			}
 		}
@@ -10410,7 +10410,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen
 
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename);
+			aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
 	}
 
 	/* Save info for Phase 3 to do the real work */
@@ -10844,7 +10844,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(new_tablespaceoid));
 	}
 
@@ -10915,7 +10915,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		 * Caller must be considered an owner on the table to move it.
 		 */
 		if (!pg_class_ownercheck(relOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   NameStr(relForm->relname));
 
 		if (stmt->nowait &&
@@ -13160,7 +13160,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, relation->relname);
 }
 
 /*
@@ -13182,7 +13182,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation,
 		elog(ERROR, "cache lookup failed for relation %u", relId);
 
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   relation->relname);
 
 	if (!allowSystemTableMods &&
@@ -13218,7 +13218,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
@@ -13238,7 +13238,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 		aclresult = pg_namespace_aclcheck(classform->relnamespace,
 										  GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(classform->relnamespace));
 		reltype = ((RenameStmt *) stmt)->renameType;
 	}
diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c
index d574e4dd00..24e07c7f08 100644
--- a/src/backend/commands/tablespace.c
+++ b/src/backend/commands/tablespace.c
@@ -444,13 +444,13 @@ DropTableSpace(DropTableSpaceStmt *stmt)
 
 	/* Must be tablespace owner */
 	if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
 					   tablespacename);
 
 	/* Disallow drop of the standard tablespaces, even by superuser */
 	if (tablespaceoid == GLOBALTABLESPACE_OID ||
 		tablespaceoid == DEFAULTTABLESPACE_OID)
-		aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE,
 					   tablespacename);
 
 	/* DROP hook for the tablespace being removed */
@@ -941,7 +941,7 @@ RenameTableSpace(const char *oldname, const char *newname)
 
 	/* Must be owner */
 	if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId()))
-		aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname);
+		aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname);
 
 	/* Validate new name */
 	if (!allowSystemTableMods && IsReservedName(newname))
@@ -1017,7 +1017,7 @@ AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt)
 
 	/* Must be owner of the existing object */
 	if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
 					   stmt->tablespacename);
 
 	/* Generate new proposed spcoptions (text array) */
@@ -1232,7 +1232,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
 			if (aclresult != ACLCHECK_OK)
 			{
 				if (source >= PGC_S_INTERACTIVE)
-					aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname);
+					aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
 				continue;
 			}
 
diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c
index 92ae3822d8..b1a1e4c65d 100644
--- a/src/backend/commands/trigger.c
+++ b/src/backend/commands/trigger.c
@@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 		aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 									  ACL_TRIGGER);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		if (OidIsValid(constrrelid))
@@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 			aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
 										  ACL_TRIGGER);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_CLASS,
+				aclcheck_error(aclresult, OBJECT_RELATION,
 							   get_rel_name(constrrelid));
 		}
 	}
@@ -592,7 +592,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 	{
 		aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   NameListToString(stmt->funcname));
 	}
 	funcrettype = get_func_rettype(funcoid);
@@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its triggers */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 	if (!allowSystemTableMods && IsSystemClass(relid, form))
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
diff --git a/src/backend/commands/tsearchcmds.c b/src/backend/commands/tsearchcmds.c
index adc7cd67a7..777677fbd3 100644
--- a/src/backend/commands/tsearchcmds.c
+++ b/src/backend/commands/tsearchcmds.c
@@ -428,7 +428,7 @@ DefineTSDictionary(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/*
@@ -549,7 +549,7 @@ AlterTSDictionary(AlterTSDictionaryStmt *stmt)
 
 	/* must be owner */
 	if (!pg_ts_dict_ownercheck(dictId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY,
 					   NameListToString(stmt->dictname));
 
 	/* deserialize the existing set of options */
@@ -980,7 +980,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/*
@@ -1189,7 +1189,7 @@ AlterTSConfiguration(AlterTSConfigurationStmt *stmt)
 
 	/* must be owner */
 	if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION,
 					   NameListToString(stmt->cfgname));
 
 	relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock);
diff --git a/src/backend/commands/typecmds.c b/src/backend/commands/typecmds.c
index f86af4c054..ec1ee20261 100644
--- a/src/backend/commands/typecmds.c
+++ b/src/backend/commands/typecmds.c
@@ -190,7 +190,7 @@ DefineType(ParseState *pstate, List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(typeNamespace));
 #endif
 
@@ -526,25 +526,25 @@ DefineType(ParseState *pstate, List *names, List *parameters)
 #ifdef NOT_USED
 	/* XXX this is unnecessary given the superuser check above */
 	if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(inputName));
 	if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(outputName));
 	if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(receiveName));
 	if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(sendName));
 	if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(typmodinName));
 	if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(typmodoutName));
 	if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(analyzeName));
 #endif
 
@@ -772,7 +772,7 @@ DefineDomain(CreateDomainStmt *stmt)
 	aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(domainNamespace));
 
 	/*
@@ -1171,7 +1171,7 @@ DefineEnum(CreateEnumStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(enumNamespace));
 
 	/*
@@ -1398,7 +1398,7 @@ DefineRange(CreateRangeStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(typeNamespace));
 
 	/*
@@ -2042,7 +2042,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid)
 	/* Also, range type's creator must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
 
 	return procOid;
 }
@@ -2085,7 +2085,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype)
 	/* Also, range type's creator must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
 
 	return procOid;
 }
@@ -3380,7 +3380,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
 											  newOwnerId,
 											  ACL_CREATE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+				aclcheck_error(aclresult, OBJECT_SCHEMA,
 							   get_namespace_name(typTup->typnamespace));
 		}
 
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
index f2941352d7..e4700cfd23 100644
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -939,7 +939,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
 			 * ALTER DATABASE ... SET, so use the same permission check.
 			 */
 			if (!pg_database_ownercheck(databaseid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 							   stmt->database);
 		}
 	}
diff --git a/src/backend/executor/execExpr.c b/src/backend/executor/execExpr.c
index e0839616e1..a877501394 100644
--- a/src/backend/executor/execExpr.c
+++ b/src/backend/executor/execExpr.c
@@ -883,7 +883,7 @@ ExecInitExprRec(Expr *node, PlanState *parent, ExprState *state,
 											 GetUserId(),
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(opexpr->opfuncid));
 				InvokeFunctionExecuteHook(opexpr->opfuncid);
 
@@ -2086,7 +2086,7 @@ ExecInitFunc(ExprEvalStep *scratch, Expr *node, List *args, Oid funcid,
 	/* Check permission to call function */
 	aclresult = pg_proc_aclcheck(funcid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(funcid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(funcid));
 	InvokeFunctionExecuteHook(funcid);
 
 	/*
diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c
index dbaa47f2d3..2ce7bbc596 100644
--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@@ -579,7 +579,7 @@ ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation)
 		{
 			Assert(rte->rtekind == RTE_RELATION);
 			if (ereport_on_violation)
-				aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_RELATION,
 							   get_rel_name(rte->relid));
 			return false;
 		}
diff --git a/src/backend/executor/execSRF.c b/src/backend/executor/execSRF.c
index c24d8b9ead..164f65e738 100644
--- a/src/backend/executor/execSRF.c
+++ b/src/backend/executor/execSRF.c
@@ -682,7 +682,7 @@ init_sexpr(Oid foid, Oid input_collation, Expr *node,
 	/* Check permission to call function */
 	aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(foid));
 	InvokeFunctionExecuteHook(foid);
 
 	/*
diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c
index da6ef1a94c..97c874f5cd 100644
--- a/src/backend/executor/nodeAgg.c
+++ b/src/backend/executor/nodeAgg.c
@@ -3179,7 +3179,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 		aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_AGGREGATE,
 						   get_func_name(aggref->aggfnoid));
 		InvokeFunctionExecuteHook(aggref->aggfnoid);
 
@@ -3269,7 +3269,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 			aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(transfn_oid));
 			InvokeFunctionExecuteHook(transfn_oid);
 			if (OidIsValid(finalfn_oid))
@@ -3277,7 +3277,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(finalfn_oid));
 				InvokeFunctionExecuteHook(finalfn_oid);
 			}
@@ -3286,7 +3286,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(serialfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(serialfn_oid));
 				InvokeFunctionExecuteHook(serialfn_oid);
 			}
@@ -3295,7 +3295,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(deserialfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(deserialfn_oid));
 				InvokeFunctionExecuteHook(deserialfn_oid);
 			}
diff --git a/src/backend/executor/nodeWindowAgg.c b/src/backend/executor/nodeWindowAgg.c
index 02868749f6..71c935a472 100644
--- a/src/backend/executor/nodeWindowAgg.c
+++ b/src/backend/executor/nodeWindowAgg.c
@@ -1928,7 +1928,7 @@ ExecInitWindowAgg(WindowAgg *node, EState *estate, int eflags)
 		aclresult = pg_proc_aclcheck(wfunc->winfnoid, GetUserId(),
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   get_func_name(wfunc->winfnoid));
 		InvokeFunctionExecuteHook(wfunc->winfnoid);
 
@@ -2189,7 +2189,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 		aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   get_func_name(transfn_oid));
 		InvokeFunctionExecuteHook(transfn_oid);
 
@@ -2198,7 +2198,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 			aclresult = pg_proc_aclcheck(invtransfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(invtransfn_oid));
 			InvokeFunctionExecuteHook(invtransfn_oid);
 		}
@@ -2208,7 +2208,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 			aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(finalfn_oid));
 			InvokeFunctionExecuteHook(finalfn_oid);
 		}
diff --git a/src/backend/parser/parse_utilcmd.c b/src/backend/parser/parse_utilcmd.c
index f67379f8ed..5633676da6 100644
--- a/src/backend/parser/parse_utilcmd.c
+++ b/src/backend/parser/parse_utilcmd.c
@@ -954,7 +954,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_type_aclcheck(relation->rd_rel->reltype, GetUserId(),
 									 ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TYPE,
+			aclcheck_error(aclresult, OBJECT_TYPE,
 						   RelationGetRelationName(relation));
 	}
 	else
@@ -962,7 +962,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
 									  ACL_SELECT);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(relation));
 	}
 
diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c
index 247809927a..27857f056a 100644
--- a/src/backend/rewrite/rewriteDefine.c
+++ b/src/backend/rewrite/rewriteDefine.c
@@ -276,7 +276,7 @@ DefineQueryRewrite(const char *rulename,
 	 * Check user has permission to apply rules to this relation.
 	 */
 	if (!pg_class_ownercheck(event_relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(event_relation));
 
 	/*
@@ -864,7 +864,7 @@ EnableDisableRule(Relation rel, const char *rulename,
 	eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class;
 	Assert(eventRelationOid == owningRel);
 	if (!pg_class_ownercheck(eventRelationOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   get_rel_name(eventRelationOid));
 
 	/*
@@ -927,7 +927,7 @@ RangeVarCallbackForRenameRule(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its rules */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	ReleaseSysCache(tuple);
 }
diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c
index a434f7f857..17fffb2bd7 100644
--- a/src/backend/tcop/fastpath.c
+++ b/src/backend/tcop/fastpath.c
@@ -315,13 +315,13 @@ HandleFunctionRequest(StringInfo msgBuf)
 	 */
 	aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(fip->namespace));
 	InvokeNamespaceSearchHook(fip->namespace, true);
 
 	aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   get_func_name(fid));
 	InvokeFunctionExecuteHook(fid);
 
diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c
index 58c0b01bdc..8e72e0654f 100644
--- a/src/backend/utils/adt/dbsize.c
+++ b/src/backend/utils/adt/dbsize.c
@@ -97,7 +97,7 @@ calculate_database_size(Oid dbOid)
 	if (aclresult != ACLCHECK_OK &&
 		!is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
 	{
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(dbOid));
 	}
 
@@ -183,7 +183,7 @@ calculate_tablespace_size(Oid tblspcOid)
 	{
 		aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tblspcOid));
 	}
 
diff --git a/src/backend/utils/adt/tid.c b/src/backend/utils/adt/tid.c
index 854097dd58..95aa43fb48 100644
--- a/src/backend/utils/adt/tid.c
+++ b/src/backend/utils/adt/tid.c
@@ -343,7 +343,7 @@ currtid_byreloid(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
@@ -377,7 +377,7 @@ currtid_byrelname(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
diff --git a/src/backend/utils/fmgr/fmgr.c b/src/backend/utils/fmgr/fmgr.c
index 975c968e3b..69874a8923 100644
--- a/src/backend/utils/fmgr/fmgr.c
+++ b/src/backend/utils/fmgr/fmgr.c
@@ -2124,7 +2124,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
 	aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(),
 									 ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+		aclcheck_error(aclresult, OBJECT_LANGUAGE,
 					   NameStr(langStruct->lanname));
 
 	/*
@@ -2134,7 +2134,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
 	 */
 	aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, NameStr(procStruct->proname));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname));
 
 	ReleaseSysCache(procTup);
 	ReleaseSysCache(langTup);
diff --git a/src/include/catalog/objectaddress.h b/src/include/catalog/objectaddress.h
index 5fc54d0e57..b32ff14359 100644
--- a/src/include/catalog/objectaddress.h
+++ b/src/include/catalog/objectaddress.h
@@ -62,7 +62,7 @@ extern AttrNumber get_object_attnum_name(Oid class_id);
 extern AttrNumber get_object_attnum_namespace(Oid class_id);
 extern AttrNumber get_object_attnum_owner(Oid class_id);
 extern AttrNumber get_object_attnum_acl(Oid class_id);
-extern AclObjectKind get_object_aclkind(Oid class_id);
+extern ObjectType get_object_type(Oid class_id);
 extern bool get_object_namensp_unique(Oid class_id);
 
 extern HeapTuple get_catalog_object_by_oid(Relation catalog,
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index a8a6f35dde..fab87fecfa 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -182,37 +182,6 @@ typedef enum
 	ACLCHECK_NOT_OWNER
 } AclResult;
 
-/* this enum covers all object types that can have privilege errors */
-/* currently it's only used to tell aclcheck_error what to say */
-typedef enum AclObjectKind
-{
-	ACL_KIND_COLUMN,			/* pg_attribute */
-	ACL_KIND_CLASS,				/* pg_class */
-	ACL_KIND_SEQUENCE,			/* pg_sequence */
-	ACL_KIND_DATABASE,			/* pg_database */
-	ACL_KIND_PROC,				/* pg_proc */
-	ACL_KIND_OPER,				/* pg_operator */
-	ACL_KIND_TYPE,				/* pg_type */
-	ACL_KIND_LANGUAGE,			/* pg_language */
-	ACL_KIND_LARGEOBJECT,		/* pg_largeobject */
-	ACL_KIND_NAMESPACE,			/* pg_namespace */
-	ACL_KIND_OPCLASS,			/* pg_opclass */
-	ACL_KIND_OPFAMILY,			/* pg_opfamily */
-	ACL_KIND_COLLATION,			/* pg_collation */
-	ACL_KIND_CONVERSION,		/* pg_conversion */
-	ACL_KIND_STATISTICS,		/* pg_statistic_ext */
-	ACL_KIND_TABLESPACE,		/* pg_tablespace */
-	ACL_KIND_TSDICTIONARY,		/* pg_ts_dict */
-	ACL_KIND_TSCONFIGURATION,	/* pg_ts_config */
-	ACL_KIND_FDW,				/* pg_foreign_data_wrapper */
-	ACL_KIND_FOREIGN_SERVER,	/* pg_foreign_server */
-	ACL_KIND_EVENT_TRIGGER,		/* pg_event_trigger */
-	ACL_KIND_EXTENSION,			/* pg_extension */
-	ACL_KIND_PUBLICATION,		/* pg_publication */
-	ACL_KIND_SUBSCRIPTION,		/* pg_subscription */
-	MAX_ACL_KIND				/* MUST BE LAST */
-} AclObjectKind;
-
 
 /*
  * routines used internally
@@ -301,10 +270,10 @@ extern AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMo
 extern AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode);
 extern AclResult pg_type_aclcheck(Oid type_oid, Oid roleid, AclMode mode);
 
-extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error(AclResult aclerr, ObjectType objtype,
 			   const char *objectname);
 
-extern void aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error_col(AclResult aclerr, ObjectType objtype,
 				   const char *objectname, const char *colname);
 
 extern void aclcheck_error_type(AclResult aclerr, Oid typeOid);
diff --git a/src/pl/tcl/pltcl.c b/src/pl/tcl/pltcl.c
index e0792d93e1..690a81aa83 100644
--- a/src/pl/tcl/pltcl.c
+++ b/src/pl/tcl/pltcl.c
@@ -618,7 +618,7 @@ call_pltcl_start_proc(Oid prolang, bool pltrusted)
 	/* Current user must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, start_proc);
+		aclcheck_error(aclresult, OBJECT_FUNCTION, start_proc);
 
 	/* Get the function's pg_proc entry */
 	procTup = SearchSysCache1(PROCOID, ObjectIdGetDatum(procOid));
diff --git a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
index 77bdc9345d..b2d898a7d1 100644
--- a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
+++ b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
@@ -30,14 +30,14 @@ SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified';	-- OK
 SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified';	-- fail
 ERROR:  security label provider "unknown_seclabel" is not loaded
 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified';	-- fail (not owner)
-ERROR:  must be owner of relation dummy_seclabel_tbl2
+ERROR:  must be owner of table dummy_seclabel_tbl2
 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret';		-- fail (not superuser)
 ERROR:  only superuser can set 'secret' label
 SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified';	-- fail (not found)
 ERROR:  relation "dummy_seclabel_tbl3" does not exist
 SET SESSION AUTHORIZATION regress_dummy_seclabel_user2;
 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified';		-- fail
-ERROR:  must be owner of relation dummy_seclabel_tbl1
+ERROR:  must be owner of table dummy_seclabel_tbl1
 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified';			-- OK
 --
 -- Test for shared database object
diff --git a/src/test/regress/expected/create_procedure.out b/src/test/regress/expected/create_procedure.out
index 5538ef2f2b..9a5be38a76 100644
--- a/src/test/regress/expected/create_procedure.out
+++ b/src/test/regress/expected/create_procedure.out
@@ -73,7 +73,7 @@ GRANT INSERT ON cp_test TO regress_user1;
 REVOKE EXECUTE ON PROCEDURE ptest1(text) FROM PUBLIC;
 SET ROLE regress_user1;
 CALL ptest1('a');  -- error
-ERROR:  permission denied for function ptest1
+ERROR:  permission denied for procedure ptest1
 RESET ROLE;
 GRANT EXECUTE ON PROCEDURE ptest1(text) TO regress_user1;
 SET ROLE regress_user1;
diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out
index e6994f0490..87e9211f6a 100644
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@@ -694,9 +694,9 @@ SET SESSION AUTHORIZATION regress_user3;
 SELECT testfunc1(5); -- fail
 ERROR:  permission denied for function testfunc1
 SELECT testagg1(x) FROM (VALUES (1), (2), (3)) _(x); -- fail
-ERROR:  permission denied for function testagg1
+ERROR:  permission denied for aggregate testagg1
 CALL testproc1(6); -- fail
-ERROR:  permission denied for function testproc1
+ERROR:  permission denied for procedure testproc1
 SELECT col1 FROM atest2 WHERE col2 = true; -- fail
 ERROR:  permission denied for relation atest2
 SELECT testfunc4(true); -- ok
@@ -722,9 +722,9 @@ CALL testproc1(6); -- ok
 DROP FUNCTION testfunc1(int); -- fail
 ERROR:  must be owner of function testfunc1
 DROP AGGREGATE testagg1(int); -- fail
-ERROR:  must be owner of function testagg1
+ERROR:  must be owner of aggregate testagg1
 DROP PROCEDURE testproc1(int); -- fail
-ERROR:  must be owner of function testproc1
+ERROR:  must be owner of procedure testproc1
 \c -
 DROP FUNCTION testfunc1(int); -- ok
 -- restore to sanity
-- 
2.15.1

From 9ff42bc49718a2bb03f985aff52f32c629d91c03 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Wed, 11 Oct 2017 18:35:19 -0400
Subject: [PATCH v3 1/2] Replace GrantObjectType with ObjectType

There used to be a lot of different *Type and *Kind symbol groups to
address objects within different commands, most of which have been
replaced by ObjectType, starting with
b256f2426433c56b4bea3a8102757749885b81ba.  But this conversion was never
done for the ACL commands until now.

This change ends up being just a plain replacement of the types and
symbols, without any code restructuring needed, except deleting some now
redundant code.
---
 src/backend/catalog/aclchk.c         | 242 +++++++++++++++++------------------
 src/backend/catalog/heap.c           |   4 +-
 src/backend/catalog/objectaddress.c  |   1 +
 src/backend/catalog/pg_namespace.c   |   2 +-
 src/backend/catalog/pg_proc.c        |   2 +-
 src/backend/catalog/pg_type.c        |   2 +-
 src/backend/commands/event_trigger.c | 186 ++++++++++++++++-----------
 src/backend/parser/gram.y            |  54 ++++----
 src/backend/tcop/utility.c           |   2 +-
 src/backend/utils/adt/acl.c          |  58 ++++-----
 src/include/commands/event_trigger.h |   1 -
 src/include/nodes/parsenodes.h       |  22 +---
 src/include/tcop/deparse_utility.h   |   2 +-
 src/include/utils/acl.h              |   6 +-
 src/include/utils/aclchk_internal.h  |   4 +-
 15 files changed, 305 insertions(+), 283 deletions(-)

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index e481cf3d11..06c2086295 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -86,7 +86,7 @@ typedef struct
 	Oid			nspid;			/* namespace, or InvalidOid if none */
 	/* remaining fields are same as in InternalGrant: */
 	bool		is_grant;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	bool		all_privs;
 	AclMode		privileges;
 	List	   *grantees;
@@ -116,8 +116,8 @@ static void ExecGrant_Type(InternalGrant *grantStmt);
 static void SetDefaultACLsInSchemas(InternalDefaultACL *iacls, List *nspnames);
 static void SetDefaultACL(InternalDefaultACL *iacls);
 
-static List *objectNamesToOids(GrantObjectType objtype, List *objnames);
-static List *objectsInSchemaToOids(GrantObjectType objtype, List *nspnames);
+static List *objectNamesToOids(ObjectType objtype, List *objnames);
+static List *objectsInSchemaToOids(ObjectType objtype, List *nspnames);
 static List *getRelationsInNamespace(Oid namespaceId, char relkind);
 static void expand_col_privileges(List *colnames, Oid table_oid,
 					  AclMode this_privileges,
@@ -266,7 +266,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 			whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
 		case ACL_KIND_NAMESPACE:
-			whole_mask = ACL_ALL_RIGHTS_NAMESPACE;
+			whole_mask = ACL_ALL_RIGHTS_SCHEMA;
 			break;
 		case ACL_KIND_TABLESPACE:
 			whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
@@ -441,68 +441,68 @@ ExecuteGrantStmt(GrantStmt *stmt)
 
 	/*
 	 * Convert stmt->privileges, a list of AccessPriv nodes, into an AclMode
-	 * bitmask.  Note: objtype can't be ACL_OBJECT_COLUMN.
+	 * bitmask.  Note: objtype can't be OBJECT_COLUMN.
 	 */
 	switch (stmt->objtype)
 	{
+		case OBJECT_RELATION:
 			/*
 			 * Because this might be a sequence, we test both relation and
 			 * sequence bits, and later do a more limited test when we know
 			 * the object type.
 			 */
-		case ACL_OBJECT_RELATION:
 			all_privileges = ACL_ALL_RIGHTS_RELATION | ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for sequence");
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			all_privileges = ACL_ALL_RIGHTS_DATABASE;
 			errormsg = gettext_noop("invalid privilege type %s for database");
 			break;
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for domain");
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for function");
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			all_privileges = ACL_ALL_RIGHTS_LANGUAGE;
 			errormsg = gettext_noop("invalid privilege type %s for language");
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			all_privileges = ACL_ALL_RIGHTS_LARGEOBJECT;
 			errormsg = gettext_noop("invalid privilege type %s for large object");
 			break;
-		case ACL_OBJECT_NAMESPACE:
-			all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		case OBJECT_SCHEMA:
+			all_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			errormsg = gettext_noop("invalid privilege type %s for schema");
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for procedure");
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for routine");
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			all_privileges = ACL_ALL_RIGHTS_TABLESPACE;
 			errormsg = gettext_noop("invalid privilege type %s for tablespace");
 			break;
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for type");
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			all_privileges = ACL_ALL_RIGHTS_FDW;
 			errormsg = gettext_noop("invalid privilege type %s for foreign-data wrapper");
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			errormsg = gettext_noop("invalid privilege type %s for foreign server");
 			break;
@@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 			 */
 			if (privnode->cols)
 			{
-				if (stmt->objtype != ACL_OBJECT_RELATION)
+				if (stmt->objtype != OBJECT_RELATION)
 					ereport(ERROR,
 							(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 							 errmsg("column privileges are only valid for relations")));
@@ -574,38 +574,38 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 {
 	switch (istmt->objtype)
 	{
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			ExecGrant_Relation(istmt);
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			ExecGrant_Database(istmt);
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			ExecGrant_Type(istmt);
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			ExecGrant_Fdw(istmt);
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			ExecGrant_ForeignServer(istmt);
 			break;
-		case ACL_OBJECT_FUNCTION:
-		case ACL_OBJECT_PROCEDURE:
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_FUNCTION:
+		case OBJECT_PROCEDURE:
+		case OBJECT_ROUTINE:
 			ExecGrant_Function(istmt);
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			ExecGrant_Language(istmt);
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			ExecGrant_Largeobject(istmt);
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			ExecGrant_Namespace(istmt);
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			ExecGrant_Tablespace(istmt);
 			break;
 		default:
@@ -619,7 +619,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 	 * the functions a chance to adjust the istmt with privileges actually
 	 * granted.
 	 */
-	if (EventTriggerSupportsGrantObjectType(istmt->objtype))
+	if (EventTriggerSupportsObjectType(istmt->objtype))
 		EventTriggerCollectGrant(istmt);
 }
 
@@ -634,7 +634,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
  * to fail.
  */
 static List *
-objectNamesToOids(GrantObjectType objtype, List *objnames)
+objectNamesToOids(ObjectType objtype, List *objnames)
 {
 	List	   *objects = NIL;
 	ListCell   *cell;
@@ -643,8 +643,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 
 	switch (objtype)
 	{
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			foreach(cell, objnames)
 			{
 				RangeVar   *relvar = (RangeVar *) lfirst(cell);
@@ -654,7 +654,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, relOid);
 			}
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			foreach(cell, objnames)
 			{
 				char	   *dbname = strVal(lfirst(cell));
@@ -664,8 +664,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, dbid);
 			}
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			foreach(cell, objnames)
 			{
 				List	   *typname = (List *) lfirst(cell);
@@ -675,7 +675,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -685,7 +685,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, funcid);
 			}
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			foreach(cell, objnames)
 			{
 				char	   *langname = strVal(lfirst(cell));
@@ -695,7 +695,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			foreach(cell, objnames)
 			{
 				Oid			lobjOid = oidparse(lfirst(cell));
@@ -709,7 +709,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, lobjOid);
 			}
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			foreach(cell, objnames)
 			{
 				char	   *nspname = strVal(lfirst(cell));
@@ -719,7 +719,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -729,7 +729,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, procid);
 			}
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -739,7 +739,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, routid);
 			}
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			foreach(cell, objnames)
 			{
 				char	   *spcname = strVal(lfirst(cell));
@@ -749,7 +749,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, spcoid);
 			}
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			foreach(cell, objnames)
 			{
 				char	   *fdwname = strVal(lfirst(cell));
@@ -758,7 +758,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, fdwid);
 			}
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			foreach(cell, objnames)
 			{
 				char	   *srvname = strVal(lfirst(cell));
@@ -783,7 +783,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
  * no privilege checking on the individual objects here.
  */
 static List *
-objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
+objectsInSchemaToOids(ObjectType objtype, List *nspnames)
 {
 	List	   *objects = NIL;
 	ListCell   *cell;
@@ -798,7 +798,7 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 
 		switch (objtype)
 		{
-			case ACL_OBJECT_RELATION:
+			case OBJECT_RELATION:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION);
 				objects = list_concat(objects, objs);
 				objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW);
@@ -810,13 +810,13 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 				objs = getRelationsInNamespace(namespaceId, RELKIND_PARTITIONED_TABLE);
 				objects = list_concat(objects, objs);
 				break;
-			case ACL_OBJECT_SEQUENCE:
+			case OBJECT_SEQUENCE:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_SEQUENCE);
 				objects = list_concat(objects, objs);
 				break;
-			case ACL_OBJECT_FUNCTION:
-			case ACL_OBJECT_PROCEDURE:
-			case ACL_OBJECT_ROUTINE:
+			case OBJECT_FUNCTION:
+			case OBJECT_PROCEDURE:
+			case OBJECT_ROUTINE:
 				{
 					ScanKeyData key[2];
 					int			keycount;
@@ -835,12 +835,12 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 					 * When looking for procedures, check for return type ==0.
 					 * When looking for routines, don't check the return type.
 					 */
-					if (objtype == ACL_OBJECT_FUNCTION)
+					if (objtype == OBJECT_FUNCTION)
 						ScanKeyInit(&key[keycount++],
 									Anum_pg_proc_prorettype,
 									BTEqualStrategyNumber, F_OIDNE,
 									InvalidOid);
-					else if (objtype == ACL_OBJECT_PROCEDURE)
+					else if (objtype == OBJECT_PROCEDURE)
 						ScanKeyInit(&key[keycount++],
 									Anum_pg_proc_prorettype,
 									BTEqualStrategyNumber, F_OIDEQ,
@@ -993,32 +993,32 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s
 	 */
 	switch (action->objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			all_privileges = ACL_ALL_RIGHTS_RELATION;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for sequence");
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for function");
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for procedure");
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for routine");
 			break;
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for type");
 			break;
-		case ACL_OBJECT_NAMESPACE:
-			all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		case OBJECT_SCHEMA:
+			all_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			errormsg = gettext_noop("invalid privilege type %s for schema");
 			break;
 		default:
@@ -1184,38 +1184,38 @@ SetDefaultACL(InternalDefaultACL *iacls)
 	 */
 	switch (iacls->objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			objtype = DEFACLOBJ_RELATION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_RELATION;
 			break;
 
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			objtype = DEFACLOBJ_SEQUENCE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
 
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			objtype = DEFACLOBJ_FUNCTION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			break;
 
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			objtype = DEFACLOBJ_TYPE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_TYPE;
 			break;
 
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			if (OidIsValid(iacls->nspid))
 				ereport(ERROR,
 						(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 						 errmsg("cannot use IN SCHEMA clause when using GRANT/REVOKE ON SCHEMAS")));
 			objtype = DEFACLOBJ_NAMESPACE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
-				this_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+				this_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			break;
 
 		default:
@@ -1430,19 +1430,19 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (pg_default_acl_tuple->defaclobjtype)
 		{
 			case DEFACLOBJ_RELATION:
-				iacls.objtype = ACL_OBJECT_RELATION;
+				iacls.objtype = OBJECT_RELATION;
 				break;
 			case DEFACLOBJ_SEQUENCE:
-				iacls.objtype = ACL_OBJECT_SEQUENCE;
+				iacls.objtype = OBJECT_SEQUENCE;
 				break;
 			case DEFACLOBJ_FUNCTION:
-				iacls.objtype = ACL_OBJECT_FUNCTION;
+				iacls.objtype = OBJECT_FUNCTION;
 				break;
 			case DEFACLOBJ_TYPE:
-				iacls.objtype = ACL_OBJECT_TYPE;
+				iacls.objtype = OBJECT_TYPE;
 				break;
 			case DEFACLOBJ_NAMESPACE:
-				iacls.objtype = ACL_OBJECT_NAMESPACE;
+				iacls.objtype = OBJECT_SCHEMA;
 				break;
 			default:
 				/* Shouldn't get here */
@@ -1472,34 +1472,34 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		{
 			case RelationRelationId:
 				/* it's OK to use RELATION for a sequence */
-				istmt.objtype = ACL_OBJECT_RELATION;
+				istmt.objtype = OBJECT_RELATION;
 				break;
 			case DatabaseRelationId:
-				istmt.objtype = ACL_OBJECT_DATABASE;
+				istmt.objtype = OBJECT_DATABASE;
 				break;
 			case TypeRelationId:
-				istmt.objtype = ACL_OBJECT_TYPE;
+				istmt.objtype = OBJECT_TYPE;
 				break;
 			case ProcedureRelationId:
-				istmt.objtype = ACL_OBJECT_ROUTINE;
+				istmt.objtype = OBJECT_ROUTINE;
 				break;
 			case LanguageRelationId:
-				istmt.objtype = ACL_OBJECT_LANGUAGE;
+				istmt.objtype = OBJECT_LANGUAGE;
 				break;
 			case LargeObjectRelationId:
-				istmt.objtype = ACL_OBJECT_LARGEOBJECT;
+				istmt.objtype = OBJECT_LARGEOBJECT;
 				break;
 			case NamespaceRelationId:
-				istmt.objtype = ACL_OBJECT_NAMESPACE;
+				istmt.objtype = OBJECT_SCHEMA;
 				break;
 			case TableSpaceRelationId:
-				istmt.objtype = ACL_OBJECT_TABLESPACE;
+				istmt.objtype = OBJECT_TABLESPACE;
 				break;
 			case ForeignServerRelationId:
-				istmt.objtype = ACL_OBJECT_FOREIGN_SERVER;
+				istmt.objtype = OBJECT_FOREIGN_SERVER;
 				break;
 			case ForeignDataWrapperRelationId:
-				istmt.objtype = ACL_OBJECT_FDW;
+				istmt.objtype = OBJECT_FDW;
 				break;
 			default:
 				elog(ERROR, "unexpected object class %u", classid);
@@ -1682,7 +1682,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
 							   &isNull);
 	if (isNull)
 	{
-		old_acl = acldefault(ACL_OBJECT_COLUMN, ownerId);
+		old_acl = acldefault(OBJECT_COLUMN, ownerId);
 		/* There are no old member roles according to the catalogs */
 		noldmembers = 0;
 		oldmembers = NULL;
@@ -1838,7 +1838,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 							NameStr(pg_class_tuple->relname))));
 
 		/* Used GRANT SEQUENCE on a non-sequence? */
-		if (istmt->objtype == ACL_OBJECT_SEQUENCE &&
+		if (istmt->objtype == OBJECT_SEQUENCE &&
 			pg_class_tuple->relkind != RELKIND_SEQUENCE)
 			ereport(ERROR,
 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@@ -1862,7 +1862,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 		 * permissions.  The OR of table and sequence permissions were already
 		 * checked.
 		 */
-		if (istmt->objtype == ACL_OBJECT_RELATION)
+		if (istmt->objtype == OBJECT_RELATION)
 		{
 			if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
 			{
@@ -1941,10 +1941,10 @@ ExecGrant_Relation(InternalGrant *istmt)
 			switch (pg_class_tuple->relkind)
 			{
 				case RELKIND_SEQUENCE:
-					old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
+					old_acl = acldefault(OBJECT_SEQUENCE, ownerId);
 					break;
 				default:
-					old_acl = acldefault(ACL_OBJECT_RELATION, ownerId);
+					old_acl = acldefault(OBJECT_RELATION, ownerId);
 					break;
 			}
 			/* There are no old member roles according to the catalogs */
@@ -2169,7 +2169,7 @@ ExecGrant_Database(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+			old_acl = acldefault(OBJECT_DATABASE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2291,7 +2291,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FDW, ownerId);
+			old_acl = acldefault(OBJECT_FDW, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2417,7 +2417,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
+			old_acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2541,7 +2541,7 @@ ExecGrant_Function(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
+			old_acl = acldefault(OBJECT_FUNCTION, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2672,7 +2672,7 @@ ExecGrant_Language(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
+			old_acl = acldefault(OBJECT_LANGUAGE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2810,7 +2810,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
+			old_acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2894,7 +2894,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 	ListCell   *cell;
 
 	if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS)
-		istmt->privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		istmt->privileges = ACL_ALL_RIGHTS_SCHEMA;
 
 	relation = heap_open(NamespaceRelationId, RowExclusiveLock);
 
@@ -2936,7 +2936,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+			old_acl = acldefault(OBJECT_SCHEMA, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -3060,7 +3060,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
+			old_acl = acldefault(OBJECT_TABLESPACE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -3178,7 +3178,7 @@ ExecGrant_Type(InternalGrant *istmt)
 					 errhint("Set the privileges of the element type instead.")));
 
 		/* Used GRANT DOMAIN on a non-domain? */
-		if (istmt->objtype == ACL_OBJECT_DOMAIN &&
+		if (istmt->objtype == OBJECT_DOMAIN &&
 			pg_type_tuple->typtype != TYPTYPE_DOMAIN)
 			ereport(ERROR,
 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@@ -3744,10 +3744,10 @@ pg_class_aclmask(Oid table_oid, Oid roleid,
 		switch (classForm->relkind)
 		{
 			case RELKIND_SEQUENCE:
-				acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
+				acl = acldefault(OBJECT_SEQUENCE, ownerId);
 				break;
 			default:
-				acl = acldefault(ACL_OBJECT_RELATION, ownerId);
+				acl = acldefault(OBJECT_RELATION, ownerId);
 				break;
 		}
 		aclDatum = (Datum) 0;
@@ -3803,7 +3803,7 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+		acl = acldefault(OBJECT_DATABASE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3857,7 +3857,7 @@ pg_proc_aclmask(Oid proc_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
+		acl = acldefault(OBJECT_FUNCTION, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3911,7 +3911,7 @@ pg_language_aclmask(Oid lang_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
+		acl = acldefault(OBJECT_LANGUAGE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3991,7 +3991,7 @@ pg_largeobject_aclmask_snapshot(Oid lobj_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
+		acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4054,7 +4054,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
 	{
 		if (pg_database_aclcheck(MyDatabaseId, roleid,
 								 ACL_CREATE_TEMP) == ACLCHECK_OK)
-			return mask & ACL_ALL_RIGHTS_NAMESPACE;
+			return mask & ACL_ALL_RIGHTS_SCHEMA;
 		else
 			return mask & ACL_USAGE;
 	}
@@ -4075,7 +4075,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+		acl = acldefault(OBJECT_SCHEMA, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4131,7 +4131,7 @@ pg_tablespace_aclmask(Oid spc_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
+		acl = acldefault(OBJECT_TABLESPACE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4193,7 +4193,7 @@ pg_foreign_data_wrapper_aclmask(Oid fdw_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FDW, ownerId);
+		acl = acldefault(OBJECT_FDW, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4255,7 +4255,7 @@ pg_foreign_server_aclmask(Oid srv_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
+		acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4332,7 +4332,7 @@ pg_type_aclmask(Oid type_oid, Oid roleid, AclMode mask, AclMaskHow how)
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_TYPE, ownerId);
+		acl = acldefault(OBJECT_TYPE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -5301,7 +5301,7 @@ get_default_acl_internal(Oid roleId, Oid nsp_oid, char objtype)
  * Returns NULL if built-in system defaults should be used
  */
 Acl *
-get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
+get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid)
 {
 	Acl		   *result;
 	Acl		   *glob_acl;
@@ -5319,23 +5319,23 @@ get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
 	/* Check if object type is supported in pg_default_acl */
 	switch (objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			defaclobjtype = DEFACLOBJ_RELATION;
 			break;
 
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			defaclobjtype = DEFACLOBJ_SEQUENCE;
 			break;
 
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			defaclobjtype = DEFACLOBJ_FUNCTION;
 			break;
 
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			defaclobjtype = DEFACLOBJ_TYPE;
 			break;
 
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			defaclobjtype = DEFACLOBJ_NAMESPACE;
 			break;
 
diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c
index 4319fc6b8c..23a08b0a17 100644
--- a/src/backend/catalog/heap.c
+++ b/src/backend/catalog/heap.c
@@ -1142,11 +1142,11 @@ heap_create_with_catalog(const char *relname,
 			case RELKIND_MATVIEW:
 			case RELKIND_FOREIGN_TABLE:
 			case RELKIND_PARTITIONED_TABLE:
-				relacl = get_user_default_acl(ACL_OBJECT_RELATION, ownerid,
+				relacl = get_user_default_acl(OBJECT_RELATION, ownerid,
 											  relnamespace);
 				break;
 			case RELKIND_SEQUENCE:
-				relacl = get_user_default_acl(ACL_OBJECT_SEQUENCE, ownerid,
+				relacl = get_user_default_acl(OBJECT_SEQUENCE, ownerid,
 											  relnamespace);
 				break;
 			default:
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 9553675975..0df9c9eac1 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -2112,6 +2112,7 @@ pg_get_object_address(PG_FUNCTION_ARGS)
 		case OBJECT_MATVIEW:
 		case OBJECT_INDEX:
 		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_RELATION:
 		case OBJECT_COLUMN:
 		case OBJECT_ATTRIBUTE:
 		case OBJECT_COLLATION:
diff --git a/src/backend/catalog/pg_namespace.c b/src/backend/catalog/pg_namespace.c
index 3e20d051c2..3be3d88bf8 100644
--- a/src/backend/catalog/pg_namespace.c
+++ b/src/backend/catalog/pg_namespace.c
@@ -63,7 +63,7 @@ NamespaceCreate(const char *nspName, Oid ownerId, bool isTemp)
 				 errmsg("schema \"%s\" already exists", nspName)));
 
 	if (!isTemp)
-		nspacl = get_user_default_acl(ACL_OBJECT_NAMESPACE, ownerId,
+		nspacl = get_user_default_acl(OBJECT_SCHEMA, ownerId,
 									  InvalidOid);
 	else
 		nspacl = NULL;
diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c
index 7d05e4bdb2..2f3912b0e7 100644
--- a/src/backend/catalog/pg_proc.c
+++ b/src/backend/catalog/pg_proc.c
@@ -582,7 +582,7 @@ ProcedureCreate(const char *procedureName,
 		/* Creating a new procedure */
 
 		/* First, get default permissions and set up proacl */
-		proacl = get_user_default_acl(ACL_OBJECT_FUNCTION, proowner,
+		proacl = get_user_default_acl(OBJECT_FUNCTION, proowner,
 									  procNamespace);
 		if (proacl != NULL)
 			values[Anum_pg_proc_proacl - 1] = PointerGetDatum(proacl);
diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c
index e02d312008..e1c6a3602d 100644
--- a/src/backend/catalog/pg_type.c
+++ b/src/backend/catalog/pg_type.c
@@ -380,7 +380,7 @@ TypeCreate(Oid newTypeOid,
 	else
 		nulls[Anum_pg_type_typdefault - 1] = true;
 
-	typacl = get_user_default_acl(ACL_OBJECT_TYPE, ownerId,
+	typacl = get_user_default_acl(OBJECT_TYPE, ownerId,
 								  typeNamespace);
 	if (typacl != NULL)
 		values[Anum_pg_type_typacl - 1] = PointerGetDatum(typacl);
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index a602c20b41..6a88b2c10f 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -159,8 +159,8 @@ static Oid insert_event_trigger_tuple(const char *trigname, const char *eventnam
 static void validate_ddl_tags(const char *filtervar, List *taglist);
 static void validate_table_rewrite_tags(const char *filtervar, List *taglist);
 static void EventTriggerInvoke(List *fn_oid_list, EventTriggerData *trigdata);
-static const char *stringify_grantobjtype(GrantObjectType objtype);
-static const char *stringify_adefprivs_objtype(GrantObjectType objtype);
+static const char *stringify_grantobjtype(ObjectType objtype);
+static const char *stringify_adefprivs_objtype(ObjectType objtype);
 
 /*
  * Create an event trigger.
@@ -1108,6 +1108,7 @@ EventTriggerSupportsObjectType(ObjectType obtype)
 		case OBJECT_PROCEDURE:
 		case OBJECT_PUBLICATION:
 		case OBJECT_PUBLICATION_REL:
+		case OBJECT_RELATION:
 		case OBJECT_ROUTINE:
 		case OBJECT_RULE:
 		case OBJECT_SCHEMA:
@@ -1199,41 +1200,6 @@ EventTriggerSupportsObjectClass(ObjectClass objclass)
 	return false;
 }
 
-bool
-EventTriggerSupportsGrantObjectType(GrantObjectType objtype)
-{
-	switch (objtype)
-	{
-		case ACL_OBJECT_DATABASE:
-		case ACL_OBJECT_TABLESPACE:
-			/* no support for global objects */
-			return false;
-
-		case ACL_OBJECT_COLUMN:
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_FDW:
-		case ACL_OBJECT_FOREIGN_SERVER:
-		case ACL_OBJECT_FUNCTION:
-		case ACL_OBJECT_LANGUAGE:
-		case ACL_OBJECT_LARGEOBJECT:
-		case ACL_OBJECT_NAMESPACE:
-		case ACL_OBJECT_PROCEDURE:
-		case ACL_OBJECT_ROUTINE:
-		case ACL_OBJECT_TYPE:
-			return true;
-
-			/*
-			 * There's intentionally no default: case here; we want the
-			 * compiler to warn if a new ACL class hasn't been handled above.
-			 */
-	}
-
-	/* Shouldn't get here, but if we do, say "no support" */
-	return false;
-}
-
 /*
  * Prepare event trigger state for a new complete query to run, if necessary;
  * returns whether this was done.  If it was, EventTriggerEndCompleteQuery must
@@ -2219,92 +2185,166 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS)
 }
 
 /*
- * Return the GrantObjectType as a string, as it would appear in GRANT and
+ * Return the ObjectType as a string, as it would appear in GRANT and
  * REVOKE commands.
  */
 static const char *
-stringify_grantobjtype(GrantObjectType objtype)
+stringify_grantobjtype(ObjectType objtype)
 {
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			return "COLUMN";
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			return "TABLE";
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			return "SEQUENCE";
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			return "DATABASE";
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			return "DOMAIN";
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			return "FOREIGN DATA WRAPPER";
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return "FOREIGN SERVER";
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			return "FUNCTION";
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return "LANGUAGE";
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return "LARGE OBJECT";
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return "SCHEMA";
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			return "PROCEDURE";
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			return "ROUTINE";
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return "TABLESPACE";
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			return "TYPE";
+		/* these currently aren't used */
+		case OBJECT_ACCESS_METHOD:
+		case OBJECT_AGGREGATE:
+		case OBJECT_AMOP:
+		case OBJECT_AMPROC:
+		case OBJECT_ATTRIBUTE:
+		case OBJECT_CAST:
+		case OBJECT_COLLATION:
+		case OBJECT_CONVERSION:
+		case OBJECT_DEFAULT:
+		case OBJECT_DEFACL:
+		case OBJECT_DOMCONSTRAINT:
+		case OBJECT_EVENT_TRIGGER:
+		case OBJECT_EXTENSION:
+		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_INDEX:
+		case OBJECT_MATVIEW:
+		case OBJECT_OPCLASS:
+		case OBJECT_OPERATOR:
+		case OBJECT_OPFAMILY:
+		case OBJECT_POLICY:
+		case OBJECT_PUBLICATION:
+		case OBJECT_PUBLICATION_REL:
+		case OBJECT_ROLE:
+		case OBJECT_RULE:
+		case OBJECT_STATISTIC_EXT:
+		case OBJECT_SUBSCRIPTION:
+		case OBJECT_TABCONSTRAINT:
+		case OBJECT_TABLE:
+		case OBJECT_TRANSFORM:
+		case OBJECT_TRIGGER:
+		case OBJECT_TSCONFIGURATION:
+		case OBJECT_TSDICTIONARY:
+		case OBJECT_TSPARSER:
+		case OBJECT_TSTEMPLATE:
+		case OBJECT_USER_MAPPING:
+		case OBJECT_VIEW:
+			elog(ERROR, "unsupported object type: %d", (int) objtype);
 	}
 
-	elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
 	return "???";				/* keep compiler quiet */
 }
 
 /*
- * Return the GrantObjectType as a string; as above, but use the spelling
+ * Return the ObjectType as a string; as above, but use the spelling
  * in ALTER DEFAULT PRIVILEGES commands instead.  Generally this is just
  * the plural.
  */
 static const char *
-stringify_adefprivs_objtype(GrantObjectType objtype)
+stringify_adefprivs_objtype(ObjectType objtype)
 {
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			return "COLUMNS";
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			return "TABLES";
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			return "SEQUENCES";
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			return "DATABASES";
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			return "DOMAINS";
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			return "FOREIGN DATA WRAPPERS";
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return "FOREIGN SERVERS";
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			return "FUNCTIONS";
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return "LANGUAGES";
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return "LARGE OBJECTS";
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return "SCHEMAS";
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			return "PROCEDURES";
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			return "ROUTINES";
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return "TABLESPACES";
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			return "TYPES";
+		/* these currently aren't used */
+		case OBJECT_ACCESS_METHOD:
+		case OBJECT_AGGREGATE:
+		case OBJECT_AMOP:
+		case OBJECT_AMPROC:
+		case OBJECT_ATTRIBUTE:
+		case OBJECT_CAST:
+		case OBJECT_COLLATION:
+		case OBJECT_CONVERSION:
+		case OBJECT_DEFAULT:
+		case OBJECT_DEFACL:
+		case OBJECT_DOMCONSTRAINT:
+		case OBJECT_EVENT_TRIGGER:
+		case OBJECT_EXTENSION:
+		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_INDEX:
+		case OBJECT_MATVIEW:
+		case OBJECT_OPCLASS:
+		case OBJECT_OPERATOR:
+		case OBJECT_OPFAMILY:
+		case OBJECT_POLICY:
+		case OBJECT_PUBLICATION:
+		case OBJECT_PUBLICATION_REL:
+		case OBJECT_ROLE:
+		case OBJECT_RULE:
+		case OBJECT_STATISTIC_EXT:
+		case OBJECT_SUBSCRIPTION:
+		case OBJECT_TABCONSTRAINT:
+		case OBJECT_TABLE:
+		case OBJECT_TRANSFORM:
+		case OBJECT_TRIGGER:
+		case OBJECT_TSCONFIGURATION:
+		case OBJECT_TSDICTIONARY:
+		case OBJECT_TSPARSER:
+		case OBJECT_TSTEMPLATE:
+		case OBJECT_USER_MAPPING:
+		case OBJECT_VIEW:
+			elog(ERROR, "unsupported object type: %d", (int) objtype);
 	}
 
-	elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
 	return "???";				/* keep compiler quiet */
 }
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y
index ebfc94f896..3a27f83f83 100644
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -115,7 +115,7 @@
 typedef struct PrivTarget
 {
 	GrantTargetType targtype;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	List	   *objs;
 } PrivTarget;
 
@@ -7002,7 +7002,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $1;
 					$$ = n;
 				}
@@ -7010,7 +7010,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7018,7 +7018,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_SEQUENCE;
+					n->objtype = OBJECT_SEQUENCE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7026,7 +7026,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FDW;
+					n->objtype = OBJECT_FDW;
 					n->objs = $4;
 					$$ = n;
 				}
@@ -7034,7 +7034,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FOREIGN_SERVER;
+					n->objtype = OBJECT_FOREIGN_SERVER;
 					n->objs = $3;
 					$$ = n;
 				}
@@ -7042,7 +7042,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FUNCTION;
+					n->objtype = OBJECT_FUNCTION;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7050,7 +7050,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_PROCEDURE;
+					n->objtype = OBJECT_PROCEDURE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7058,7 +7058,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_ROUTINE;
+					n->objtype = OBJECT_ROUTINE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7066,7 +7066,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_DATABASE;
+					n->objtype = OBJECT_DATABASE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7074,7 +7074,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_DOMAIN;
+					n->objtype = OBJECT_DOMAIN;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7082,7 +7082,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_LANGUAGE;
+					n->objtype = OBJECT_LANGUAGE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7090,7 +7090,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_LARGEOBJECT;
+					n->objtype = OBJECT_LARGEOBJECT;
 					n->objs = $3;
 					$$ = n;
 				}
@@ -7098,7 +7098,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_NAMESPACE;
+					n->objtype = OBJECT_SCHEMA;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7106,7 +7106,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_TABLESPACE;
+					n->objtype = OBJECT_TABLESPACE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7114,7 +7114,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_TYPE;
+					n->objtype = OBJECT_TYPE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7122,7 +7122,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7130,7 +7130,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_SEQUENCE;
+					n->objtype = OBJECT_SEQUENCE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7138,7 +7138,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_FUNCTION;
+					n->objtype = OBJECT_FUNCTION;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7146,7 +7146,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_PROCEDURE;
+					n->objtype = OBJECT_PROCEDURE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7154,7 +7154,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_ROUTINE;
+					n->objtype = OBJECT_ROUTINE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7312,12 +7312,12 @@ DefACLAction:
 		;
 
 defacl_privilege_target:
-			TABLES			{ $$ = ACL_OBJECT_RELATION; }
-			| FUNCTIONS		{ $$ = ACL_OBJECT_FUNCTION; }
-			| ROUTINES		{ $$ = ACL_OBJECT_FUNCTION; }
-			| SEQUENCES		{ $$ = ACL_OBJECT_SEQUENCE; }
-			| TYPES_P		{ $$ = ACL_OBJECT_TYPE; }
-			| SCHEMAS		{ $$ = ACL_OBJECT_NAMESPACE; }
+			TABLES			{ $$ = OBJECT_RELATION; }
+			| FUNCTIONS		{ $$ = OBJECT_FUNCTION; }
+			| ROUTINES		{ $$ = OBJECT_FUNCTION; }
+			| SEQUENCES		{ $$ = OBJECT_SEQUENCE; }
+			| TYPES_P		{ $$ = OBJECT_TYPE; }
+			| SCHEMAS		{ $$ = OBJECT_SCHEMA; }
 		;
 
 
diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c
index 4da1f8f643..904f5149c8 100644
--- a/src/backend/tcop/utility.c
+++ b/src/backend/tcop/utility.c
@@ -827,7 +827,7 @@ standard_ProcessUtility(PlannedStmt *pstmt,
 			{
 				GrantStmt  *stmt = (GrantStmt *) parsetree;
 
-				if (EventTriggerSupportsGrantObjectType(stmt->objtype))
+				if (EventTriggerSupportsObjectType(stmt->objtype))
 					ProcessUtilitySlow(pstate, pstmt, queryString,
 									   context, params, queryEnv,
 									   dest, completionTag);
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index 2f2758fe91..04d0390684 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -745,7 +745,7 @@ hash_aclitem_extended(PG_FUNCTION_ARGS)
  * absence of any pg_default_acl entry.
  */
 Acl *
-acldefault(GrantObjectType objtype, Oid ownerId)
+acldefault(ObjectType objtype, Oid ownerId)
 {
 	AclMode		world_default;
 	AclMode		owner_default;
@@ -755,56 +755,56 @@ acldefault(GrantObjectType objtype, Oid ownerId)
 
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			/* by default, columns have no extra privileges */
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_NO_RIGHTS;
 			break;
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_RELATION;
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			/* for backwards compatibility, grant some rights by default */
 			world_default = ACL_CREATE_TEMP | ACL_CONNECT;
 			owner_default = ACL_ALL_RIGHTS_DATABASE;
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			/* Grant EXECUTE by default, for now */
 			world_default = ACL_EXECUTE;
 			owner_default = ACL_ALL_RIGHTS_FUNCTION;
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			/* Grant USAGE by default, for now */
 			world_default = ACL_USAGE;
 			owner_default = ACL_ALL_RIGHTS_LANGUAGE;
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			world_default = ACL_NO_RIGHTS;
-			owner_default = ACL_ALL_RIGHTS_NAMESPACE;
+			owner_default = ACL_ALL_RIGHTS_SCHEMA;
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_TABLESPACE;
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_FDW;
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			world_default = ACL_USAGE;
 			owner_default = ACL_ALL_RIGHTS_TYPE;
 			break;
@@ -855,7 +855,7 @@ acldefault(GrantObjectType objtype, Oid ownerId)
 
 /*
  * SQL-accessible version of acldefault().  Hackish mapping from "char" type to
- * ACL_OBJECT_* values, but it's only used in the information schema, not
+ * OBJECT_* values, but it's only used in the information schema, not
  * documented for general use.
  */
 Datum
@@ -863,45 +863,45 @@ acldefault_sql(PG_FUNCTION_ARGS)
 {
 	char		objtypec = PG_GETARG_CHAR(0);
 	Oid			owner = PG_GETARG_OID(1);
-	GrantObjectType objtype = 0;
+	ObjectType	objtype = 0;
 
 	switch (objtypec)
 	{
 		case 'c':
-			objtype = ACL_OBJECT_COLUMN;
+			objtype = OBJECT_COLUMN;
 			break;
 		case 'r':
-			objtype = ACL_OBJECT_RELATION;
+			objtype = OBJECT_RELATION;
 			break;
 		case 's':
-			objtype = ACL_OBJECT_SEQUENCE;
+			objtype = OBJECT_SEQUENCE;
 			break;
 		case 'd':
-			objtype = ACL_OBJECT_DATABASE;
+			objtype = OBJECT_DATABASE;
 			break;
 		case 'f':
-			objtype = ACL_OBJECT_FUNCTION;
+			objtype = OBJECT_FUNCTION;
 			break;
 		case 'l':
-			objtype = ACL_OBJECT_LANGUAGE;
+			objtype = OBJECT_LANGUAGE;
 			break;
 		case 'L':
-			objtype = ACL_OBJECT_LARGEOBJECT;
+			objtype = OBJECT_LARGEOBJECT;
 			break;
 		case 'n':
-			objtype = ACL_OBJECT_NAMESPACE;
+			objtype = OBJECT_SCHEMA;
 			break;
 		case 't':
-			objtype = ACL_OBJECT_TABLESPACE;
+			objtype = OBJECT_TABLESPACE;
 			break;
 		case 'F':
-			objtype = ACL_OBJECT_FDW;
+			objtype = OBJECT_FDW;
 			break;
 		case 'S':
-			objtype = ACL_OBJECT_FOREIGN_SERVER;
+			objtype = OBJECT_FOREIGN_SERVER;
 			break;
 		case 'T':
-			objtype = ACL_OBJECT_TYPE;
+			objtype = OBJECT_TYPE;
 			break;
 		default:
 			elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
diff --git a/src/include/commands/event_trigger.h b/src/include/commands/event_trigger.h
index 2ce528272c..5b118c34e3 100644
--- a/src/include/commands/event_trigger.h
+++ b/src/include/commands/event_trigger.h
@@ -50,7 +50,6 @@ extern void AlterEventTriggerOwner_oid(Oid, Oid newOwnerId);
 
 extern bool EventTriggerSupportsObjectType(ObjectType obtype);
 extern bool EventTriggerSupportsObjectClass(ObjectClass objclass);
-extern bool EventTriggerSupportsGrantObjectType(GrantObjectType objtype);
 extern void EventTriggerDDLCommandStart(Node *parsetree);
 extern void EventTriggerDDLCommandEnd(Node *parsetree);
 extern void EventTriggerSQLDrop(Node *parsetree);
diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h
index 2eaa6b2774..14f23ccb9e 100644
--- a/src/include/nodes/parsenodes.h
+++ b/src/include/nodes/parsenodes.h
@@ -1645,6 +1645,7 @@ typedef enum ObjectType
 	OBJECT_PROCEDURE,
 	OBJECT_PUBLICATION,
 	OBJECT_PUBLICATION_REL,
+	OBJECT_RELATION,
 	OBJECT_ROLE,
 	OBJECT_ROUTINE,
 	OBJECT_RULE,
@@ -1845,31 +1846,12 @@ typedef enum GrantTargetType
 	ACL_TARGET_DEFAULTS			/* ALTER DEFAULT PRIVILEGES */
 } GrantTargetType;
 
-typedef enum GrantObjectType
-{
-	ACL_OBJECT_COLUMN,			/* column */
-	ACL_OBJECT_RELATION,		/* table, view */
-	ACL_OBJECT_SEQUENCE,		/* sequence */
-	ACL_OBJECT_DATABASE,		/* database */
-	ACL_OBJECT_DOMAIN,			/* domain */
-	ACL_OBJECT_FDW,				/* foreign-data wrapper */
-	ACL_OBJECT_FOREIGN_SERVER,	/* foreign server */
-	ACL_OBJECT_FUNCTION,		/* function */
-	ACL_OBJECT_LANGUAGE,		/* procedural language */
-	ACL_OBJECT_LARGEOBJECT,		/* largeobject */
-	ACL_OBJECT_NAMESPACE,		/* namespace */
-	ACL_OBJECT_PROCEDURE,		/* procedure */
-	ACL_OBJECT_ROUTINE,			/* routine */
-	ACL_OBJECT_TABLESPACE,		/* tablespace */
-	ACL_OBJECT_TYPE				/* type */
-} GrantObjectType;
-
 typedef struct GrantStmt
 {
 	NodeTag		type;
 	bool		is_grant;		/* true = GRANT, false = REVOKE */
 	GrantTargetType targtype;	/* type of the grant target */
-	GrantObjectType objtype;	/* kind of object being operated on */
+	ObjectType	objtype;		/* kind of object being operated on */
 	List	   *objects;		/* list of RangeVar nodes, ObjectWithArgs
 								 * nodes, or plain names (as Value strings) */
 	List	   *privileges;		/* list of AccessPriv nodes */
diff --git a/src/include/tcop/deparse_utility.h b/src/include/tcop/deparse_utility.h
index 9c4e608934..ce8bfbae6b 100644
--- a/src/include/tcop/deparse_utility.h
+++ b/src/include/tcop/deparse_utility.h
@@ -97,7 +97,7 @@ typedef struct CollectedCommand
 		/* ALTER DEFAULT PRIVILEGES */
 		struct
 		{
-			GrantObjectType objtype;
+			ObjectType	objtype;
 		}			defprivs;
 	}			d;
 } CollectedCommand;
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index 254a811aff..a8a6f35dde 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -163,7 +163,7 @@ typedef ArrayType Acl;
 #define ACL_ALL_RIGHTS_FUNCTION		(ACL_EXECUTE)
 #define ACL_ALL_RIGHTS_LANGUAGE		(ACL_USAGE)
 #define ACL_ALL_RIGHTS_LARGEOBJECT	(ACL_SELECT|ACL_UPDATE)
-#define ACL_ALL_RIGHTS_NAMESPACE	(ACL_USAGE|ACL_CREATE)
+#define ACL_ALL_RIGHTS_SCHEMA		(ACL_USAGE|ACL_CREATE)
 #define ACL_ALL_RIGHTS_TABLESPACE	(ACL_CREATE)
 #define ACL_ALL_RIGHTS_TYPE			(ACL_USAGE)
 
@@ -217,8 +217,8 @@ typedef enum AclObjectKind
 /*
  * routines used internally
  */
-extern Acl *acldefault(GrantObjectType objtype, Oid ownerId);
-extern Acl *get_user_default_acl(GrantObjectType objtype, Oid ownerId,
+extern Acl *acldefault(ObjectType objtype, Oid ownerId);
+extern Acl *get_user_default_acl(ObjectType objtype, Oid ownerId,
 					 Oid nsp_oid);
 
 extern Acl *aclupdate(const Acl *old_acl, const AclItem *mod_aip,
diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h
index 3374edb638..31f4b92c16 100644
--- a/src/include/utils/aclchk_internal.h
+++ b/src/include/utils/aclchk_internal.h
@@ -26,12 +26,12 @@
  * Note: 'all_privs' and 'privileges' represent object-level privileges only.
  * There might also be column-level privilege specifications, which are
  * represented in col_privs (this is a list of untransformed AccessPriv nodes).
- * Column privileges are only valid for objtype ACL_OBJECT_RELATION.
+ * Column privileges are only valid for objtype OBJECT_RELATION.
  */
 typedef struct
 {
 	bool		is_grant;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	List	   *objects;
 	bool		all_privs;
 	AclMode		privileges;

base-commit: 7d3583ad9ae54b44119973a9d6d731c9cc74c86e
-- 
2.15.1

From b812b72e66ccffaa547c0b998b9328bd3b17fc9a Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Sat, 2 Dec 2017 09:26:34 -0500
Subject: [PATCH v3 2/2] Replace AclObjectKind with ObjectType

AclObjectKind was basically just another enumeration for object types,
and we already have a preferred one for that.  It's only used in
aclcheck_error.  By using ObjectType instead, we can also give some more
precise error messages, for example "index" instead of "relation".
---
 contrib/dblink/dblink.c                            |   4 +-
 contrib/pg_prewarm/pg_prewarm.c                    |   2 +-
 contrib/pgrowlocks/pgrowlocks.c                    |   2 +-
 src/backend/access/brin/brin.c                     |   4 +-
 src/backend/access/gin/ginfast.c                   |   2 +-
 src/backend/catalog/aclchk.c                       | 508 +++++++++++++--------
 src/backend/catalog/namespace.c                    |   8 +-
 src/backend/catalog/objectaddress.c                |  90 ++--
 src/backend/catalog/pg_aggregate.c                 |   2 +-
 src/backend/catalog/pg_operator.c                  |   8 +-
 src/backend/catalog/pg_proc.c                      |   2 +-
 src/backend/catalog/pg_type.c                      |   2 +-
 src/backend/commands/aggregatecmds.c               |   2 +-
 src/backend/commands/alter.c                       |  18 +-
 src/backend/commands/collationcmds.c               |   4 +-
 src/backend/commands/conversioncmds.c              |   4 +-
 src/backend/commands/dbcommands.c                  |  16 +-
 src/backend/commands/event_trigger.c               |   4 +-
 src/backend/commands/extension.c                   |   8 +-
 src/backend/commands/foreigncmds.c                 |  16 +-
 src/backend/commands/functioncmds.c                |  26 +-
 src/backend/commands/indexcmds.c                   |  10 +-
 src/backend/commands/lockcmds.c                    |   4 +-
 src/backend/commands/opclasscmds.c                 |  16 +-
 src/backend/commands/operatorcmds.c                |  10 +-
 src/backend/commands/policy.c                      |   2 +-
 src/backend/commands/proclang.c                    |   4 +-
 src/backend/commands/publicationcmds.c             |  10 +-
 src/backend/commands/schemacmds.c                  |  10 +-
 src/backend/commands/statscmds.c                   |   2 +-
 src/backend/commands/subscriptioncmds.c            |   6 +-
 src/backend/commands/tablecmds.c                   |  36 +-
 src/backend/commands/tablespace.c                  |  10 +-
 src/backend/commands/trigger.c                     |   8 +-
 src/backend/commands/tsearchcmds.c                 |   8 +-
 src/backend/commands/typecmds.c                    |  28 +-
 src/backend/commands/user.c                        |   2 +-
 src/backend/executor/execExpr.c                    |   4 +-
 src/backend/executor/execMain.c                    |   2 +-
 src/backend/executor/execSRF.c                     |   2 +-
 src/backend/executor/nodeAgg.c                     |  10 +-
 src/backend/executor/nodeWindowAgg.c               |   8 +-
 src/backend/parser/parse_utilcmd.c                 |   4 +-
 src/backend/rewrite/rewriteDefine.c                |   6 +-
 src/backend/tcop/fastpath.c                        |   4 +-
 src/backend/utils/adt/dbsize.c                     |   4 +-
 src/backend/utils/adt/tid.c                        |   4 +-
 src/backend/utils/fmgr/fmgr.c                      |   4 +-
 src/include/catalog/objectaddress.h                |   2 +-
 src/include/utils/acl.h                            |  35 +-
 src/pl/tcl/pltcl.c                                 |   2 +-
 .../dummy_seclabel/expected/dummy_seclabel.out     |   4 +-
 src/test/regress/expected/create_procedure.out     |   2 +-
 src/test/regress/expected/privileges.out           |   8 +-
 54 files changed, 562 insertions(+), 441 deletions(-)

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index a7e22b378a..87bd6f730b 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  aclmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	return rel;
@@ -2789,7 +2789,7 @@ get_connect_string(const char *servername)
 		/* Check permissions, user must have usage on the server. */
 		aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername);
+			aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername);
 
 		foreach(cell, fdw->options)
 		{
diff --git a/contrib/pg_prewarm/pg_prewarm.c b/contrib/pg_prewarm/pg_prewarm.c
index fec62b1a54..295297274b 100644
--- a/contrib/pg_prewarm/pg_prewarm.c
+++ b/contrib/pg_prewarm/pg_prewarm.c
@@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS)
 	rel = relation_open(relOid, AccessShareLock);
 	aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid));
+		aclcheck_error(aclresult, OBJECT_RELATION, get_rel_name(relOid));
 
 	/* Check that the fork exists. */
 	RelationOpenSmgr(rel);
diff --git a/contrib/pgrowlocks/pgrowlocks.c b/contrib/pgrowlocks/pgrowlocks.c
index eabca65bd2..38e10e59a8 100644
--- a/contrib/pgrowlocks/pgrowlocks.c
+++ b/contrib/pgrowlocks/pgrowlocks.c
@@ -121,7 +121,7 @@ pgrowlocks(PG_FUNCTION_ARGS)
 			aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
 
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);
diff --git a/src/backend/access/brin/brin.c b/src/backend/access/brin/brin.c
index 9fbb093b3c..628d447a61 100644
--- a/src/backend/access/brin/brin.c
+++ b/src/backend/access/brin/brin.c
@@ -894,7 +894,7 @@ brin_summarize_range(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	/*
@@ -965,7 +965,7 @@ brin_desummarize_range(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	/*
diff --git a/src/backend/access/gin/ginfast.c b/src/backend/access/gin/ginfast.c
index 95c8bd7b43..5010f608e0 100644
--- a/src/backend/access/gin/ginfast.c
+++ b/src/backend/access/gin/ginfast.c
@@ -1035,7 +1035,7 @@ gin_clean_pending_list(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	memset(&stats, 0, sizeof(stats));
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index 06c2086295..d097ab1d62 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -132,9 +132,9 @@ static const char *privilege_to_string(AclMode privilege);
 static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions,
 						 bool all_privs, AclMode privileges,
 						 Oid objectId, Oid grantorId,
-						 AclObjectKind objkind, const char *objname,
+						 ObjectType objtype, const char *objname,
 						 AttrNumber att_number, const char *colname);
-static AclMode pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum,
+static AclMode pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum,
 		   Oid roleid, AclMode mask, AclMaskHow how);
 static void recordExtensionInitPriv(Oid objoid, Oid classoid, int objsubid,
 						Acl *new_acl);
@@ -236,56 +236,56 @@ merge_acl_with_grant(Acl *old_acl, bool is_grant,
 static AclMode
 restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 						 AclMode privileges, Oid objectId, Oid grantorId,
-						 AclObjectKind objkind, const char *objname,
+						 ObjectType objtype, const char *objname,
 						 AttrNumber att_number, const char *colname)
 {
 	AclMode		this_privileges;
 	AclMode		whole_mask;
 
-	switch (objkind)
+	switch (objtype)
 	{
-		case ACL_KIND_COLUMN:
+		case OBJECT_COLUMN:
 			whole_mask = ACL_ALL_RIGHTS_COLUMN;
 			break;
-		case ACL_KIND_CLASS:
+		case OBJECT_RELATION:
 			whole_mask = ACL_ALL_RIGHTS_RELATION;
 			break;
-		case ACL_KIND_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			whole_mask = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
-		case ACL_KIND_DATABASE:
+		case OBJECT_DATABASE:
 			whole_mask = ACL_ALL_RIGHTS_DATABASE;
 			break;
-		case ACL_KIND_PROC:
+		case OBJECT_FUNCTION:
 			whole_mask = ACL_ALL_RIGHTS_FUNCTION;
 			break;
-		case ACL_KIND_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			whole_mask = ACL_ALL_RIGHTS_LANGUAGE;
 			break;
-		case ACL_KIND_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
-		case ACL_KIND_NAMESPACE:
+		case OBJECT_SCHEMA:
 			whole_mask = ACL_ALL_RIGHTS_SCHEMA;
 			break;
-		case ACL_KIND_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
 			break;
-		case ACL_KIND_FDW:
+		case OBJECT_FDW:
 			whole_mask = ACL_ALL_RIGHTS_FDW;
 			break;
-		case ACL_KIND_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			break;
-		case ACL_KIND_EVENT_TRIGGER:
+		case OBJECT_EVENT_TRIGGER:
 			elog(ERROR, "grantable rights not supported for event triggers");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TYPE:
+		case OBJECT_TYPE:
 			whole_mask = ACL_ALL_RIGHTS_TYPE;
 			break;
 		default:
-			elog(ERROR, "unrecognized object kind: %d", objkind);
+			elog(ERROR, "unrecognized object type: %d", objtype);
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
 	}
@@ -297,14 +297,14 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	 */
 	if (avail_goptions == ACL_NO_RIGHTS)
 	{
-		if (pg_aclmask(objkind, objectId, att_number, grantorId,
+		if (pg_aclmask(objtype, objectId, att_number, grantorId,
 					   whole_mask | ACL_GRANT_OPTION_FOR(whole_mask),
 					   ACLMASK_ANY) == ACL_NO_RIGHTS)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
-				aclcheck_error_col(ACLCHECK_NO_PRIV, objkind, objname, colname);
+			if (objtype == OBJECT_COLUMN && colname)
+				aclcheck_error_col(ACLCHECK_NO_PRIV, objtype, objname, colname);
 			else
-				aclcheck_error(ACLCHECK_NO_PRIV, objkind, objname);
+				aclcheck_error(ACLCHECK_NO_PRIV, objtype, objname);
 		}
 	}
 
@@ -320,7 +320,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	{
 		if (this_privileges == 0)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
 						 errmsg("no privileges were granted for column \"%s\" of relation \"%s\"",
@@ -333,7 +333,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		}
 		else if (!all_privs && this_privileges != privileges)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
 						 errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"",
@@ -349,7 +349,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	{
 		if (this_privileges == 0)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
 						 errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"",
@@ -362,7 +362,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		}
 		else if (!all_privs && this_privileges != privileges)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
 						 errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"",
@@ -1721,7 +1721,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
 		restrict_and_check_grant(istmt->is_grant, avail_goptions,
 								 (col_privileges == ACL_ALL_RIGHTS_COLUMN),
 								 col_privileges,
-								 relOid, grantorId, ACL_KIND_COLUMN,
+								 relOid, grantorId, OBJECT_COLUMN,
 								 relname, attnum,
 								 NameStr(pg_attribute_tuple->attname));
 
@@ -1975,7 +1975,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 			bool		replaces[Natts_pg_class];
 			int			nnewmembers;
 			Oid		   *newmembers;
-			AclObjectKind aclkind;
+			ObjectType	objtype;
 
 			/* Determine ID to do the grant as, and available grant options */
 			select_best_grantor(GetUserId(), this_privileges,
@@ -1985,10 +1985,10 @@ ExecGrant_Relation(InternalGrant *istmt)
 			switch (pg_class_tuple->relkind)
 			{
 				case RELKIND_SEQUENCE:
-					aclkind = ACL_KIND_SEQUENCE;
+					objtype = OBJECT_SEQUENCE;
 					break;
 				default:
-					aclkind = ACL_KIND_CLASS;
+					objtype = OBJECT_RELATION;
 					break;
 			}
 
@@ -1999,7 +1999,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 			this_privileges =
 				restrict_and_check_grant(istmt->is_grant, avail_goptions,
 										 istmt->all_privs, this_privileges,
-										 relOid, grantorId, aclkind,
+										 relOid, grantorId, objtype,
 										 NameStr(pg_class_tuple->relname),
 										 0, NULL);
 
@@ -2193,7 +2193,7 @@ ExecGrant_Database(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 datId, grantorId, ACL_KIND_DATABASE,
+									 datId, grantorId, OBJECT_DATABASE,
 									 NameStr(pg_database_tuple->datname),
 									 0, NULL);
 
@@ -2315,7 +2315,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 fdwid, grantorId, ACL_KIND_FDW,
+									 fdwid, grantorId, OBJECT_FDW,
 									 NameStr(pg_fdw_tuple->fdwname),
 									 0, NULL);
 
@@ -2441,7 +2441,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 srvid, grantorId, ACL_KIND_FOREIGN_SERVER,
+									 srvid, grantorId, OBJECT_FOREIGN_SERVER,
 									 NameStr(pg_server_tuple->srvname),
 									 0, NULL);
 
@@ -2565,7 +2565,7 @@ ExecGrant_Function(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 funcId, grantorId, ACL_KIND_PROC,
+									 funcId, grantorId, OBJECT_FUNCTION,
 									 NameStr(pg_proc_tuple->proname),
 									 0, NULL);
 
@@ -2696,7 +2696,7 @@ ExecGrant_Language(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 langId, grantorId, ACL_KIND_LANGUAGE,
+									 langId, grantorId, OBJECT_LANGUAGE,
 									 NameStr(pg_language_tuple->lanname),
 									 0, NULL);
 
@@ -2835,7 +2835,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 loid, grantorId, ACL_KIND_LARGEOBJECT,
+									 loid, grantorId, OBJECT_LARGEOBJECT,
 									 loname, 0, NULL);
 
 		/*
@@ -2960,7 +2960,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 nspid, grantorId, ACL_KIND_NAMESPACE,
+									 nspid, grantorId, OBJECT_SCHEMA,
 									 NameStr(pg_namespace_tuple->nspname),
 									 0, NULL);
 
@@ -3084,7 +3084,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 tblId, grantorId, ACL_KIND_TABLESPACE,
+									 tblId, grantorId, OBJECT_TABLESPACE,
 									 NameStr(pg_tablespace_tuple->spcname),
 									 0, NULL);
 
@@ -3218,7 +3218,7 @@ ExecGrant_Type(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 typId, grantorId, ACL_KIND_TYPE,
+									 typId, grantorId, OBJECT_TYPE,
 									 NameStr(pg_type_tuple->typname),
 									 0, NULL);
 
@@ -3347,114 +3347,8 @@ privilege_to_string(AclMode privilege)
  * Note: we do not double-quote the %s's below, because many callers
  * supply strings that might be already quoted.
  */
-
-static const char *const no_priv_msg[MAX_ACL_KIND] =
-{
-	/* ACL_KIND_COLUMN */
-	gettext_noop("permission denied for column %s"),
-	/* ACL_KIND_CLASS */
-	gettext_noop("permission denied for relation %s"),
-	/* ACL_KIND_SEQUENCE */
-	gettext_noop("permission denied for sequence %s"),
-	/* ACL_KIND_DATABASE */
-	gettext_noop("permission denied for database %s"),
-	/* ACL_KIND_PROC */
-	gettext_noop("permission denied for function %s"),
-	/* ACL_KIND_OPER */
-	gettext_noop("permission denied for operator %s"),
-	/* ACL_KIND_TYPE */
-	gettext_noop("permission denied for type %s"),
-	/* ACL_KIND_LANGUAGE */
-	gettext_noop("permission denied for language %s"),
-	/* ACL_KIND_LARGEOBJECT */
-	gettext_noop("permission denied for large object %s"),
-	/* ACL_KIND_NAMESPACE */
-	gettext_noop("permission denied for schema %s"),
-	/* ACL_KIND_OPCLASS */
-	gettext_noop("permission denied for operator class %s"),
-	/* ACL_KIND_OPFAMILY */
-	gettext_noop("permission denied for operator family %s"),
-	/* ACL_KIND_COLLATION */
-	gettext_noop("permission denied for collation %s"),
-	/* ACL_KIND_CONVERSION */
-	gettext_noop("permission denied for conversion %s"),
-	/* ACL_KIND_STATISTICS */
-	gettext_noop("permission denied for statistics object %s"),
-	/* ACL_KIND_TABLESPACE */
-	gettext_noop("permission denied for tablespace %s"),
-	/* ACL_KIND_TSDICTIONARY */
-	gettext_noop("permission denied for text search dictionary %s"),
-	/* ACL_KIND_TSCONFIGURATION */
-	gettext_noop("permission denied for text search configuration %s"),
-	/* ACL_KIND_FDW */
-	gettext_noop("permission denied for foreign-data wrapper %s"),
-	/* ACL_KIND_FOREIGN_SERVER */
-	gettext_noop("permission denied for foreign server %s"),
-	/* ACL_KIND_EVENT_TRIGGER */
-	gettext_noop("permission denied for event trigger %s"),
-	/* ACL_KIND_EXTENSION */
-	gettext_noop("permission denied for extension %s"),
-	/* ACL_KIND_PUBLICATION */
-	gettext_noop("permission denied for publication %s"),
-	/* ACL_KIND_SUBSCRIPTION */
-	gettext_noop("permission denied for subscription %s"),
-};
-
-static const char *const not_owner_msg[MAX_ACL_KIND] =
-{
-	/* ACL_KIND_COLUMN */
-	gettext_noop("must be owner of relation %s"),
-	/* ACL_KIND_CLASS */
-	gettext_noop("must be owner of relation %s"),
-	/* ACL_KIND_SEQUENCE */
-	gettext_noop("must be owner of sequence %s"),
-	/* ACL_KIND_DATABASE */
-	gettext_noop("must be owner of database %s"),
-	/* ACL_KIND_PROC */
-	gettext_noop("must be owner of function %s"),
-	/* ACL_KIND_OPER */
-	gettext_noop("must be owner of operator %s"),
-	/* ACL_KIND_TYPE */
-	gettext_noop("must be owner of type %s"),
-	/* ACL_KIND_LANGUAGE */
-	gettext_noop("must be owner of language %s"),
-	/* ACL_KIND_LARGEOBJECT */
-	gettext_noop("must be owner of large object %s"),
-	/* ACL_KIND_NAMESPACE */
-	gettext_noop("must be owner of schema %s"),
-	/* ACL_KIND_OPCLASS */
-	gettext_noop("must be owner of operator class %s"),
-	/* ACL_KIND_OPFAMILY */
-	gettext_noop("must be owner of operator family %s"),
-	/* ACL_KIND_COLLATION */
-	gettext_noop("must be owner of collation %s"),
-	/* ACL_KIND_CONVERSION */
-	gettext_noop("must be owner of conversion %s"),
-	/* ACL_KIND_STATISTICS */
-	gettext_noop("must be owner of statistics object %s"),
-	/* ACL_KIND_TABLESPACE */
-	gettext_noop("must be owner of tablespace %s"),
-	/* ACL_KIND_TSDICTIONARY */
-	gettext_noop("must be owner of text search dictionary %s"),
-	/* ACL_KIND_TSCONFIGURATION */
-	gettext_noop("must be owner of text search configuration %s"),
-	/* ACL_KIND_FDW */
-	gettext_noop("must be owner of foreign-data wrapper %s"),
-	/* ACL_KIND_FOREIGN_SERVER */
-	gettext_noop("must be owner of foreign server %s"),
-	/* ACL_KIND_EVENT_TRIGGER */
-	gettext_noop("must be owner of event trigger %s"),
-	/* ACL_KIND_EXTENSION */
-	gettext_noop("must be owner of extension %s"),
-	/* ACL_KIND_PUBLICATION */
-	gettext_noop("must be owner of publication %s"),
-	/* ACL_KIND_SUBSCRIPTION */
-	gettext_noop("must be owner of subscription %s"),
-};
-
-
 void
-aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error(AclResult aclerr, ObjectType objtype,
 			   const char *objectname)
 {
 	switch (aclerr)
@@ -3463,15 +3357,275 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
 			/* no error, so return to caller */
 			break;
 		case ACLCHECK_NO_PRIV:
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(no_priv_msg[objectkind], objectname)));
-			break;
+			{
+				const char *msg;
+
+				switch (objtype)
+				{
+					case OBJECT_AGGREGATE:
+						msg = gettext_noop("permission denied for aggregate %s");
+						break;
+					case OBJECT_COLLATION:
+						msg = gettext_noop("permission denied for collation %s");
+						break;
+					case OBJECT_COLUMN:
+						msg = gettext_noop("permission denied for column %s");
+						break;
+					case OBJECT_CONVERSION:
+						msg = gettext_noop("permission denied for conversion %s");
+						break;
+					case OBJECT_DATABASE:
+						msg = gettext_noop("permission denied for database %s");
+						break;
+					case OBJECT_DOMAIN:
+						msg = gettext_noop("permission denied for domain %s");
+						break;
+					case OBJECT_EVENT_TRIGGER:
+						msg = gettext_noop("permission denied for event trigger %s");
+						break;
+					case OBJECT_EXTENSION:
+						msg = gettext_noop("permission denied for extension %s");
+						break;
+					case OBJECT_FDW:
+						msg = gettext_noop("permission denied for foreign-data wrapper %s");
+						break;
+					case OBJECT_FOREIGN_SERVER:
+						msg = gettext_noop("permission denied for foreign server %s");
+						break;
+					case OBJECT_FOREIGN_TABLE:
+						msg = gettext_noop("permission denied for foreign table %s");
+						break;
+					case OBJECT_FUNCTION:
+						msg = gettext_noop("permission denied for function %s");
+						break;
+					case OBJECT_INDEX:
+						msg = gettext_noop("permission denied for index %s");
+						break;
+					case OBJECT_LANGUAGE:
+						msg = gettext_noop("permission denied for language %s");
+						break;
+					case OBJECT_LARGEOBJECT:
+						msg = gettext_noop("permission denied for large object %s");
+						break;
+					case OBJECT_MATVIEW:
+						msg = gettext_noop("permission denied for materialized view %s");
+						break;
+					case OBJECT_OPCLASS:
+						msg = gettext_noop("permission denied for operator class %s");
+						break;
+					case OBJECT_OPERATOR:
+						msg = gettext_noop("permission denied for operator %s");
+						break;
+					case OBJECT_OPFAMILY:
+						msg = gettext_noop("permission denied for operator family %s");
+						break;
+					case OBJECT_POLICY:
+						msg = gettext_noop("permission denied for policy %s");
+						break;
+					case OBJECT_PROCEDURE:
+						msg = gettext_noop("permission denied for procedure %s");
+						break;
+					case OBJECT_PUBLICATION:
+						msg = gettext_noop("permission denied for publication %s");
+						break;
+					case OBJECT_RELATION:
+						msg = gettext_noop("permission denied for relation %s");
+						break;
+					case OBJECT_ROUTINE:
+						msg = gettext_noop("permission denied for routine %s");
+						break;
+					case OBJECT_SCHEMA:
+						msg = gettext_noop("permission denied for schema %s");
+						break;
+					case OBJECT_SEQUENCE:
+						msg = gettext_noop("permission denied for sequence %s");
+						break;
+					case OBJECT_STATISTIC_EXT:
+						msg = gettext_noop("permission denied for statistics object %s");
+						break;
+					case OBJECT_SUBSCRIPTION:
+						msg = gettext_noop("permission denied for subscription %s");
+						break;
+					case OBJECT_TABLE:
+						msg = gettext_noop("permission denied for table %s");
+						break;
+					case OBJECT_TABLESPACE:
+						msg = gettext_noop("permission denied for tablespace %s");
+						break;
+					case OBJECT_TSCONFIGURATION:
+						msg = gettext_noop("permission denied for text search configuration %s");
+						break;
+					case OBJECT_TSDICTIONARY:
+						msg = gettext_noop("permission denied for text search dictionary %s");
+						break;
+					case OBJECT_TYPE:
+						msg = gettext_noop("permission denied for type %s");
+						break;
+					case OBJECT_VIEW:
+						msg = gettext_noop("permission denied for view %s");
+						break;
+					/* these currently aren't used */
+					case OBJECT_ACCESS_METHOD:
+					case OBJECT_AMOP:
+					case OBJECT_AMPROC:
+					case OBJECT_ATTRIBUTE:
+					case OBJECT_CAST:
+					case OBJECT_DEFAULT:
+					case OBJECT_DEFACL:
+					case OBJECT_DOMCONSTRAINT:
+					case OBJECT_PUBLICATION_REL:
+					case OBJECT_ROLE:
+					case OBJECT_RULE:
+					case OBJECT_TABCONSTRAINT:
+					case OBJECT_TRANSFORM:
+					case OBJECT_TRIGGER:
+					case OBJECT_TSPARSER:
+					case OBJECT_TSTEMPLATE:
+					case OBJECT_USER_MAPPING:
+						elog(ERROR, "unsupported object type %d", objtype);
+						msg = "???";
+				}
+
+				ereport(ERROR,
+						(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+						 errmsg(msg, objectname)));
+				break;
+			}
 		case ACLCHECK_NOT_OWNER:
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(not_owner_msg[objectkind], objectname)));
-			break;
+			{
+				const char *msg;
+
+				switch (objtype)
+				{
+					case OBJECT_AGGREGATE:
+						msg = gettext_noop("must be owner of aggregate %s");
+						break;
+					case OBJECT_COLLATION:
+						msg = gettext_noop("must be owner of collation %s");
+						break;
+					case OBJECT_COLUMN:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_CONVERSION:
+						msg = gettext_noop("must be owner of conversion %s");
+						break;
+					case OBJECT_DATABASE:
+						msg = gettext_noop("must be owner of database %s");
+						break;
+					case OBJECT_DOMAIN:
+						msg = gettext_noop("must be owner of domain %s");
+						break;
+					case OBJECT_EVENT_TRIGGER:
+						msg = gettext_noop("must be owner of event trigger %s");
+						break;
+					case OBJECT_EXTENSION:
+						msg = gettext_noop("must be owner of extension %s");
+						break;
+					case OBJECT_FDW:
+						msg = gettext_noop("must be owner of foreign-data wrapper %s");
+						break;
+					case OBJECT_FOREIGN_SERVER:
+						msg = gettext_noop("must be owner of foreign server %s");
+						break;
+					case OBJECT_FOREIGN_TABLE:
+						msg = gettext_noop("must be owner of foreign table %s");
+						break;
+					case OBJECT_FUNCTION:
+						msg = gettext_noop("must be owner of function %s");
+						break;
+					case OBJECT_INDEX:
+						msg = gettext_noop("must be owner of index %s");
+						break;
+					case OBJECT_LANGUAGE:
+						msg = gettext_noop("must be owner of language %s");
+						break;
+					case OBJECT_LARGEOBJECT:
+						msg = gettext_noop("must be owner of large object %s");
+						break;
+					case OBJECT_MATVIEW:
+						msg = gettext_noop("must be owner of materialized view %s");
+						break;
+					case OBJECT_OPCLASS:
+						msg = gettext_noop("must be owner of operator class %s");
+						break;
+					case OBJECT_OPERATOR:
+						msg = gettext_noop("must be owner of operator %s");
+						break;
+					case OBJECT_OPFAMILY:
+						msg = gettext_noop("must be owner of operator family %s");
+						break;
+					case OBJECT_POLICY:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_PROCEDURE:
+						msg = gettext_noop("must be owner of procedure %s");
+						break;
+					case OBJECT_PUBLICATION:
+						msg = gettext_noop("must be owner of publication %s");
+						break;
+					case OBJECT_RELATION:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_ROUTINE:
+						msg = gettext_noop("must be owner of routine %s");
+						break;
+					case OBJECT_SEQUENCE:
+						msg = gettext_noop("must be owner of sequence %s");
+						break;
+					case OBJECT_SUBSCRIPTION:
+						msg = gettext_noop("must be owner of subscription %s");
+						break;
+					case OBJECT_TABLE:
+						msg = gettext_noop("must be owner of table %s");
+						break;
+					case OBJECT_TYPE:
+						msg = gettext_noop("must be owner of type %s");
+						break;
+					case OBJECT_VIEW:
+						msg = gettext_noop("must be owner of view %s");
+						break;
+					case OBJECT_SCHEMA:
+						msg = gettext_noop("must be owner of schema %s");
+						break;
+					case OBJECT_STATISTIC_EXT:
+						msg = gettext_noop("must be owner of statistics object %s");
+						break;
+					case OBJECT_TABLESPACE:
+						msg = gettext_noop("must be owner of tablespace %s");
+						break;
+					case OBJECT_TSCONFIGURATION:
+						msg = gettext_noop("must be owner of text search configuration %s");
+						break;
+					case OBJECT_TSDICTIONARY:
+						msg = gettext_noop("must be owner of text search dictionary %s");
+						break;
+					/* these currently aren't used */
+					case OBJECT_ACCESS_METHOD:
+					case OBJECT_AMOP:
+					case OBJECT_AMPROC:
+					case OBJECT_ATTRIBUTE:
+					case OBJECT_CAST:
+					case OBJECT_DEFAULT:
+					case OBJECT_DEFACL:
+					case OBJECT_DOMCONSTRAINT:
+					case OBJECT_PUBLICATION_REL:
+					case OBJECT_ROLE:
+					case OBJECT_RULE:
+					case OBJECT_TABCONSTRAINT:
+					case OBJECT_TRANSFORM:
+					case OBJECT_TRIGGER:
+					case OBJECT_TSPARSER:
+					case OBJECT_TSTEMPLATE:
+					case OBJECT_USER_MAPPING:
+						elog(ERROR, "unsupported object type %d", objtype);
+						msg = "???";
+				}
+
+				ereport(ERROR,
+						(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+						 errmsg(msg, objectname)));
+				break;
+			}
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
 			break;
@@ -3480,7 +3634,7 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
 
 
 void
-aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error_col(AclResult aclerr, ObjectType objtype,
 				   const char *objectname, const char *colname)
 {
 	switch (aclerr)
@@ -3496,9 +3650,7 @@ aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
 			break;
 		case ACLCHECK_NOT_OWNER:
 			/* relation msg is OK since columns don't have separate owners */
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(not_owner_msg[objectkind], objectname)));
+			aclcheck_error(aclerr, objtype, objectname);
 			break;
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
@@ -3516,7 +3668,7 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
 {
 	Oid			element_type = get_element_type(typeOid);
 
-	aclcheck_error(aclerr, ACL_KIND_TYPE, format_type_be(element_type ? element_type : typeOid));
+	aclcheck_error(aclerr, OBJECT_TYPE, format_type_be(element_type ? element_type : typeOid));
 }
 
 
@@ -3524,48 +3676,48 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
  * Relay for the various pg_*_mask routines depending on object kind
  */
 static AclMode
-pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, Oid roleid,
+pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
 		   AclMode mask, AclMaskHow how)
 {
-	switch (objkind)
+	switch (objtype)
 	{
-		case ACL_KIND_COLUMN:
+		case OBJECT_COLUMN:
 			return
 				pg_class_aclmask(table_oid, roleid, mask, how) |
 				pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
-		case ACL_KIND_CLASS:
-		case ACL_KIND_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			return pg_class_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_DATABASE:
+		case OBJECT_DATABASE:
 			return pg_database_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_PROC:
+		case OBJECT_FUNCTION:
 			return pg_proc_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return pg_language_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return pg_largeobject_aclmask_snapshot(table_oid, roleid,
 												   mask, how, NULL);
-		case ACL_KIND_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return pg_namespace_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_STATISTICS:
+		case OBJECT_STATISTIC_EXT:
 			elog(ERROR, "grantable rights not supported for statistics objects");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return pg_tablespace_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_FDW:
+		case OBJECT_FDW:
 			return pg_foreign_data_wrapper_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return pg_foreign_server_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_EVENT_TRIGGER:
+		case OBJECT_EVENT_TRIGGER:
 			elog(ERROR, "grantable rights not supported for event triggers");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TYPE:
+		case OBJECT_TYPE:
 			return pg_type_aclmask(table_oid, roleid, mask, how);
 		default:
-			elog(ERROR, "unrecognized objkind: %d",
-				 (int) objkind);
+			elog(ERROR, "unrecognized objtype: %d",
+				 (int) objtype);
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
 	}
diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c
index 0a2fb1b93a..89edaf1b7d 100644
--- a/src/backend/catalog/namespace.c
+++ b/src/backend/catalog/namespace.c
@@ -560,7 +560,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		/* Check namespace permissions. */
 		aclresult = pg_namespace_aclcheck(nspid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(nspid));
 
 		if (retry)
@@ -585,7 +585,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		if (lockmode != NoLock && OidIsValid(relid))
 		{
 			if (!pg_class_ownercheck(relid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 							   relation->relname);
 			if (relid != oldrelid)
 				LockRelationOid(relid, lockmode);
@@ -2874,7 +2874,7 @@ LookupExplicitNamespace(const char *nspname, bool missing_ok)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   nspname);
 	/* Schema search hook for this lookup */
 	InvokeNamespaceSearchHook(namespaceId, true);
@@ -2911,7 +2911,7 @@ LookupCreationNamespace(const char *nspname)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   nspname);
 
 	return namespaceId;
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 0df9c9eac1..5cf0b11d5e 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -104,7 +104,7 @@ typedef struct
 	AttrNumber	attnum_namespace;	/* attnum of namespace field */
 	AttrNumber	attnum_owner;	/* attnum of owner field */
 	AttrNumber	attnum_acl;		/* attnum of acl field */
-	AclObjectKind acl_kind;		/* ACL_KIND_* of this object type */
+	ObjectType	objtype;		/* OBJECT_* of this object type */
 	bool		is_nsp_name_unique; /* can the nsp/name combination (or name
 									 * alone, if there's no namespace) be
 									 * considered a unique identifier for an
@@ -146,7 +146,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_collation_collnamespace,
 		Anum_pg_collation_collowner,
 		InvalidAttrNumber,
-		ACL_KIND_COLLATION,
+		OBJECT_COLLATION,
 		true
 	},
 	{
@@ -170,7 +170,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_conversion_connamespace,
 		Anum_pg_conversion_conowner,
 		InvalidAttrNumber,
-		ACL_KIND_CONVERSION,
+		OBJECT_CONVERSION,
 		true
 	},
 	{
@@ -182,7 +182,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_database_datdba,
 		Anum_pg_database_datacl,
-		ACL_KIND_DATABASE,
+		OBJECT_DATABASE,
 		true
 	},
 	{
@@ -194,7 +194,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,		/* extension doesn't belong to extnamespace */
 		Anum_pg_extension_extowner,
 		InvalidAttrNumber,
-		ACL_KIND_EXTENSION,
+		OBJECT_EXTENSION,
 		true
 	},
 	{
@@ -206,7 +206,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_foreign_data_wrapper_fdwowner,
 		Anum_pg_foreign_data_wrapper_fdwacl,
-		ACL_KIND_FDW,
+		OBJECT_FDW,
 		true
 	},
 	{
@@ -218,7 +218,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_foreign_server_srvowner,
 		Anum_pg_foreign_server_srvacl,
-		ACL_KIND_FOREIGN_SERVER,
+		OBJECT_FOREIGN_SERVER,
 		true
 	},
 	{
@@ -230,7 +230,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_proc_pronamespace,
 		Anum_pg_proc_proowner,
 		Anum_pg_proc_proacl,
-		ACL_KIND_PROC,
+		OBJECT_FUNCTION,
 		false
 	},
 	{
@@ -242,7 +242,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_language_lanowner,
 		Anum_pg_language_lanacl,
-		ACL_KIND_LANGUAGE,
+		OBJECT_LANGUAGE,
 		true
 	},
 	{
@@ -254,7 +254,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_largeobject_metadata_lomowner,
 		Anum_pg_largeobject_metadata_lomacl,
-		ACL_KIND_LARGEOBJECT,
+		OBJECT_LARGEOBJECT,
 		false
 	},
 	{
@@ -266,7 +266,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_opclass_opcnamespace,
 		Anum_pg_opclass_opcowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPCLASS,
+		OBJECT_OPCLASS,
 		true
 	},
 	{
@@ -278,7 +278,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_operator_oprnamespace,
 		Anum_pg_operator_oprowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPER,
+		OBJECT_OPERATOR,
 		false
 	},
 	{
@@ -290,7 +290,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_opfamily_opfnamespace,
 		Anum_pg_opfamily_opfowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPFAMILY,
+		OBJECT_OPFAMILY,
 		true
 	},
 	{
@@ -326,7 +326,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_namespace_nspowner,
 		Anum_pg_namespace_nspacl,
-		ACL_KIND_NAMESPACE,
+		OBJECT_SCHEMA,
 		true
 	},
 	{
@@ -338,7 +338,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_class_relnamespace,
 		Anum_pg_class_relowner,
 		Anum_pg_class_relacl,
-		ACL_KIND_CLASS,
+		OBJECT_RELATION,
 		true
 	},
 	{
@@ -350,7 +350,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_tablespace_spcowner,
 		Anum_pg_tablespace_spcacl,
-		ACL_KIND_TABLESPACE,
+		OBJECT_TABLESPACE,
 		true
 	},
 	{
@@ -392,7 +392,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_event_trigger_evtowner,
 		InvalidAttrNumber,
-		ACL_KIND_EVENT_TRIGGER,
+		OBJECT_EVENT_TRIGGER,
 		true
 	},
 	{
@@ -404,7 +404,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_ts_config_cfgnamespace,
 		Anum_pg_ts_config_cfgowner,
 		InvalidAttrNumber,
-		ACL_KIND_TSCONFIGURATION,
+		OBJECT_TSCONFIGURATION,
 		true
 	},
 	{
@@ -416,7 +416,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_ts_dict_dictnamespace,
 		Anum_pg_ts_dict_dictowner,
 		InvalidAttrNumber,
-		ACL_KIND_TSDICTIONARY,
+		OBJECT_TSDICTIONARY,
 		true
 	},
 	{
@@ -452,7 +452,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_type_typnamespace,
 		Anum_pg_type_typowner,
 		Anum_pg_type_typacl,
-		ACL_KIND_TYPE,
+		OBJECT_TYPE,
 		true
 	},
 	{
@@ -464,7 +464,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_publication_pubowner,
 		InvalidAttrNumber,
-		ACL_KIND_PUBLICATION,
+		OBJECT_PUBLICATION,
 		true
 	},
 	{
@@ -476,7 +476,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_subscription_subowner,
 		InvalidAttrNumber,
-		ACL_KIND_SUBSCRIPTION,
+		OBJECT_SUBSCRIPTION,
 		true
 	},
 	{
@@ -488,7 +488,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_statistic_ext_stxnamespace,
 		Anum_pg_statistic_ext_stxowner,
 		InvalidAttrNumber,		/* no ACL (same as relation) */
-		ACL_KIND_STATISTICS,
+		OBJECT_STATISTIC_EXT,
 		true
 	}
 };
@@ -2242,12 +2242,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 		case OBJECT_POLICY:
 		case OBJECT_TABCONSTRAINT:
 			if (!pg_class_ownercheck(RelationGetRelid(relation), roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   RelationGetRelationName(relation));
 			break;
 		case OBJECT_DATABASE:
 			if (!pg_database_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TYPE:
@@ -2262,62 +2262,62 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 		case OBJECT_PROCEDURE:
 		case OBJECT_ROUTINE:
 			if (!pg_proc_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString((castNode(ObjectWithArgs, object))->objname));
 			break;
 		case OBJECT_OPERATOR:
 			if (!pg_oper_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString((castNode(ObjectWithArgs, object))->objname));
 			break;
 		case OBJECT_SCHEMA:
 			if (!pg_namespace_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_COLLATION:
 			if (!pg_collation_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_CONVERSION:
 			if (!pg_conversion_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_EXTENSION:
 			if (!pg_extension_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_FDW:
 			if (!pg_foreign_data_wrapper_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FDW,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_FOREIGN_SERVER:
 			if (!pg_foreign_server_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_EVENT_TRIGGER:
 			if (!pg_event_trigger_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_LANGUAGE:
 			if (!pg_language_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_OPCLASS:
 			if (!pg_opclass_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_OPFAMILY:
 			if (!pg_opfamily_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPFAMILY,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_LARGEOBJECT:
@@ -2347,12 +2347,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_PUBLICATION:
 			if (!pg_publication_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_SUBSCRIPTION:
 			if (!pg_subscription_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TRANSFORM:
@@ -2366,17 +2366,17 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_TABLESPACE:
 			if (!pg_tablespace_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TSDICTIONARY:
 			if (!pg_ts_dict_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_TSCONFIGURATION:
 			if (!pg_ts_config_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_ROLE:
@@ -2540,12 +2540,12 @@ get_object_attnum_acl(Oid class_id)
 	return prop->attnum_acl;
 }
 
-AclObjectKind
-get_object_aclkind(Oid class_id)
+ObjectType
+get_object_type(Oid class_id)
 {
 	const ObjectPropertyType *prop = get_object_property_data(class_id);
 
-	return prop->acl_kind;
+	return prop->objtype;
 }
 
 bool
diff --git a/src/backend/catalog/pg_aggregate.c b/src/backend/catalog/pg_aggregate.c
index ca3fd819b4..603ef8aecf 100644
--- a/src/backend/catalog/pg_aggregate.c
+++ b/src/backend/catalog/pg_aggregate.c
@@ -865,7 +865,7 @@ lookup_agg_function(List *fnName,
 	/* Check aggregate creator has permission to call the function */
 	aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fnOid));
 
 	return fnOid;
 }
diff --git a/src/backend/catalog/pg_operator.c b/src/backend/catalog/pg_operator.c
index 61093dc473..75582df4aa 100644
--- a/src/backend/catalog/pg_operator.c
+++ b/src/backend/catalog/pg_operator.c
@@ -425,7 +425,7 @@ OperatorCreate(const char *operatorName,
 	 */
 	if (OidIsValid(operatorObjectId) &&
 		!pg_oper_ownercheck(operatorObjectId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 					   operatorName);
 
 	/*
@@ -445,7 +445,7 @@ OperatorCreate(const char *operatorName,
 		/* Permission check: must own other operator */
 		if (OidIsValid(commutatorId) &&
 			!pg_oper_ownercheck(commutatorId, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 						   NameListToString(commutatorName));
 
 		/*
@@ -470,7 +470,7 @@ OperatorCreate(const char *operatorName,
 		/* Permission check: must own other operator */
 		if (OidIsValid(negatorId) &&
 			!pg_oper_ownercheck(negatorId, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 						   NameListToString(negatorName));
 	}
 	else
@@ -618,7 +618,7 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
 	aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(otherNamespace));
 
 	other_oid = OperatorShellMake(otherName,
diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c
index 2f3912b0e7..a2db360dc1 100644
--- a/src/backend/catalog/pg_proc.c
+++ b/src/backend/catalog/pg_proc.c
@@ -400,7 +400,7 @@ ProcedureCreate(const char *procedureName,
 					 errmsg("function \"%s\" already exists with same argument types",
 							procedureName)));
 		if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), proowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 						   procedureName);
 
 		/*
diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c
index e1c6a3602d..ef56642575 100644
--- a/src/backend/catalog/pg_type.c
+++ b/src/backend/catalog/pg_type.c
@@ -413,7 +413,7 @@ TypeCreate(Oid newTypeOid,
 		 * shell type must have been created by same owner
 		 */
 		if (((Form_pg_type) GETSTRUCT(tup))->typowner != ownerId)
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, typeName);
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TYPE, typeName);
 
 		/* trouble if caller wanted to force the OID */
 		if (OidIsValid(newTypeOid))
diff --git a/src/backend/commands/aggregatecmds.c b/src/backend/commands/aggregatecmds.c
index 2e2ee883e2..051dc6621c 100644
--- a/src/backend/commands/aggregatecmds.c
+++ b/src/backend/commands/aggregatecmds.c
@@ -103,7 +103,7 @@ DefineAggregate(ParseState *pstate, List *name, List *args, bool oldstyle, List
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(aggNamespace));
 
 	/* Deconstruct the output of the aggr_args grammar production */
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c
index 21e3f1efe1..fa9d47296a 100644
--- a/src/backend/commands/alter.c
+++ b/src/backend/commands/alter.c
@@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	AclObjectKind acl_kind = get_object_aclkind(classId);
+	ObjectType	objtype = get_object_type(classId);
 	HeapTuple	oldtup;
 	HeapTuple	newtup;
 	Datum		datum;
@@ -223,7 +223,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 		ownerId = DatumGetObjectId(datum);
 
 		if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId)))
-			aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name);
+			aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name);
 
 		/* User must have CREATE privilege on the namespace */
 		if (OidIsValid(namespaceId))
@@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 			aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 											  ACL_CREATE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+				aclcheck_error(aclresult, OBJECT_SCHEMA,
 							   get_namespace_name(namespaceId));
 		}
 	}
@@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	AclObjectKind acl_kind = get_object_aclkind(classId);
+	ObjectType	objtype = get_object_type(classId);
 	Oid			oldNspOid;
 	Datum		name,
 				namespace;
@@ -719,13 +719,13 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 		ownerId = DatumGetObjectId(owner);
 
 		if (!has_privs_of_role(GetUserId(), ownerId))
-			aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind,
+			aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 						   NameStr(*(DatumGetName(name))));
 
 		/* User must have CREATE privilege on new namespace */
 		aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(nspOid));
 	}
 
@@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 		/* Superusers can bypass permission checks */
 		if (!superuser())
 		{
-			AclObjectKind aclkind = get_object_aclkind(classId);
+			ObjectType objtype = get_object_type(classId);
 
 			/* must be owner */
 			if (!has_privs_of_role(GetUserId(), old_ownerId))
@@ -963,7 +963,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 							 HeapTupleGetOid(oldtup));
 					objname = namebuf;
 				}
-				aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname);
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname);
 			}
 			/* Must be able to become new owner */
 			check_is_member_of_role(GetUserId(), new_ownerId);
@@ -976,7 +976,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 				aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
 												  ACL_CREATE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					aclcheck_error(aclresult, OBJECT_SCHEMA,
 								   get_namespace_name(namespaceId));
 			}
 		}
diff --git a/src/backend/commands/collationcmds.c b/src/backend/commands/collationcmds.c
index 9437731276..09a3beca8f 100644
--- a/src/backend/commands/collationcmds.c
+++ b/src/backend/commands/collationcmds.c
@@ -74,7 +74,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
 
 	aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(collNamespace));
 
 	foreach(pl, parameters)
@@ -278,7 +278,7 @@ AlterCollation(AlterCollationStmt *stmt)
 	collOid = get_collation_oid(stmt->collname, false);
 
 	if (!pg_collation_ownercheck(collOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION,
 					   NameListToString(stmt->collname));
 
 	tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid));
diff --git a/src/backend/commands/conversioncmds.c b/src/backend/commands/conversioncmds.c
index 9861d3df22..6a8bcd39a9 100644
--- a/src/backend/commands/conversioncmds.c
+++ b/src/backend/commands/conversioncmds.c
@@ -55,7 +55,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceId));
 
 	/* Check the encoding names */
@@ -90,7 +90,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
 	/* Check we have EXECUTE rights for the function */
 	aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(func_name));
 
 	/*
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c
index eb1a4695c0..b06374d451 100644
--- a/src/backend/commands/dbcommands.c
+++ b/src/backend/commands/dbcommands.c
@@ -422,7 +422,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
 		aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   tablespacename);
 
 		/* pg_global must never be the default tablespace */
@@ -822,7 +822,7 @@ dropdb(const char *dbname, bool missing_ok)
 	 * Permission checks
 	 */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   dbname);
 
 	/* DROP hook for the database being removed */
@@ -997,7 +997,7 @@ RenameDatabase(const char *oldname, const char *newname)
 
 	/* must be owner */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   oldname);
 
 	/* must have createdb rights */
@@ -1112,7 +1112,7 @@ movedb(const char *dbname, const char *tblspcname)
 	 * Permission checks
 	 */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   dbname);
 
 	/*
@@ -1134,7 +1134,7 @@ movedb(const char *dbname, const char *tblspcname)
 	aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
 									   ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+		aclcheck_error(aclresult, OBJECT_TABLESPACE,
 					   tblspcname);
 
 	/*
@@ -1515,7 +1515,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel)
 	dboid = HeapTupleGetOid(tuple);
 
 	if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   stmt->dbname);
 
 	/*
@@ -1583,7 +1583,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
 	shdepLockAndCheckObject(DatabaseRelationId, datid);
 
 	if (!pg_database_ownercheck(datid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   stmt->dbname);
 
 	AlterSetting(datid, InvalidOid, stmt->setstmt);
@@ -1646,7 +1646,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId)
 
 		/* Otherwise, must be owner of the existing object */
 		if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 						   dbname);
 
 		/* Must be able to become new owner */
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index 6a88b2c10f..adb4b4b6ee 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -519,7 +519,7 @@ AlterEventTrigger(AlterEventTrigStmt *stmt)
 	trigoid = HeapTupleGetOid(tup);
 
 	if (!pg_event_trigger_ownercheck(trigoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
 					   stmt->trigname);
 
 	/* tuple is a copy, so we can modify it below */
@@ -610,7 +610,7 @@ AlterEventTriggerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		return;
 
 	if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
 					   NameStr(form->evtname));
 
 	/* New owner must be a superuser */
diff --git a/src/backend/commands/extension.c b/src/backend/commands/extension.c
index 9f77d25352..cd3b47d55f 100644
--- a/src/backend/commands/extension.c
+++ b/src/backend/commands/extension.c
@@ -2704,13 +2704,13 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o
 	 * check ownership of the individual member objects ...
 	 */
 	if (!pg_extension_ownercheck(extensionOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   extensionName);
 
 	/* Permission check: must have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema);
+		aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
 
 	/*
 	 * If the schema is currently a member of the extension, disallow moving
@@ -2924,7 +2924,7 @@ ExecAlterExtensionStmt(ParseState *pstate, AlterExtensionStmt *stmt)
 
 	/* Permission check: must own extension */
 	if (!pg_extension_ownercheck(extensionOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   stmt->extname);
 
 	/*
@@ -3182,7 +3182,7 @@ ExecAlterExtensionContentsStmt(AlterExtensionContentsStmt *stmt,
 
 	/* Permission check: must own extension */
 	if (!pg_extension_ownercheck(extension.objectId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   stmt->extname);
 
 	/*
diff --git a/src/backend/commands/foreigncmds.c b/src/backend/commands/foreigncmds.c
index 9ad991507f..dcd9098230 100644
--- a/src/backend/commands/foreigncmds.c
+++ b/src/backend/commands/foreigncmds.c
@@ -358,7 +358,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 
 			/* Must be owner */
 			if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 							   NameStr(form->srvname));
 
 			/* Must be able to become new owner */
@@ -370,7 +370,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 			{
 				ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
 
-				aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+				aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
 			}
 		}
 
@@ -907,7 +907,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt)
 
 	aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+		aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
 
 	/*
 	 * Insert tuple into pg_foreign_server.
@@ -1010,7 +1010,7 @@ AlterForeignServer(AlterForeignServerStmt *stmt)
 	 * Only owner or a superuser can ALTER a SERVER.
 	 */
 	if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 					   stmt->servername);
 
 	memset(repl_val, 0, sizeof(repl_val));
@@ -1119,10 +1119,10 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername)
 
 			aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername);
+				aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
 		}
 		else
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 						   servername);
 	}
 }
@@ -1477,7 +1477,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid)
 	server = GetForeignServerByName(stmt->servername, false);
 	aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+		aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
 
 	fdw = GetForeignDataWrapper(server->fdwid);
 
@@ -1536,7 +1536,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt)
 	server = GetForeignServerByName(stmt->server_name, false);
 	aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+		aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
 
 	/* Check that the schema exists and we have CREATE permissions on it */
 	(void) LookupCreationNamespace(stmt->local_schema);
diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c
index 2a9c90133d..8f73606f4d 100644
--- a/src/backend/commands/functioncmds.c
+++ b/src/backend/commands/functioncmds.c
@@ -146,7 +146,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
 		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 										  ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(namespaceId));
 		address = TypeShellMake(typname, namespaceId, GetUserId());
 		rettype = address.objectId;
@@ -953,7 +953,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceId));
 
 	/* default attributes */
@@ -995,14 +995,14 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
 
 		aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+			aclcheck_error(aclresult, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 	else
 	{
 		/* if untrusted language, must be superuser */
 		if (!superuser())
-			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 
@@ -1254,7 +1254,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt)
 
 	/* Permission check: must own function */
 	if (!pg_proc_ownercheck(funcOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype,
 					   NameListToString(stmt->func->objname));
 
 	if (procForm->proisagg)
@@ -1911,7 +1911,7 @@ CreateTransform(CreateTransformStmt *stmt)
 
 	aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang);
+		aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
 
 	/*
 	 * Get the functions
@@ -1921,11 +1921,11 @@ CreateTransform(CreateTransformStmt *stmt)
 		fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false);
 
 		if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
 
 		aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+			aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
 
 		tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid));
 		if (!HeapTupleIsValid(tuple))
@@ -1947,11 +1947,11 @@ CreateTransform(CreateTransformStmt *stmt)
 		tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false);
 
 		if (!pg_proc_ownercheck(tosqlfuncid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
 
 		aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+			aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
 
 		tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid));
 		if (!HeapTupleIsValid(tuple))
@@ -2209,14 +2209,14 @@ ExecuteDoStmt(DoStmt *stmt)
 		aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
 										 ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+			aclcheck_error(aclresult, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 	else
 	{
 		/* if untrusted language, must be superuser */
 		if (!superuser())
-			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 
@@ -2270,7 +2270,7 @@ ExecuteCallStmt(ParseState *pstate, CallStmt *stmt)
 
 	aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid));
+		aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
 	InvokeFunctionExecuteHook(fexpr->funcid);
 
 	nargs = list_length(fexpr->args);
diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c
index 97091dd9fb..31992512e5 100644
--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@@ -431,7 +431,7 @@ DefineIndex(Oid relationId,
 		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 										  ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(namespaceId));
 	}
 
@@ -458,7 +458,7 @@ DefineIndex(Oid relationId,
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tablespaceId));
 	}
 
@@ -1836,7 +1836,7 @@ RangeVarCallbackForReindexIndex(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname);
 
 	/* Lock heap before index to avoid deadlock. */
 	if (relId != oldRelId)
@@ -1915,7 +1915,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
 		objectOid = get_namespace_oid(objectName, false);
 
 		if (!pg_namespace_ownercheck(objectOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 						   objectName);
 	}
 	else
@@ -1927,7 +1927,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
 					(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
 					 errmsg("can only reindex the currently open database")));
 		if (!pg_database_ownercheck(objectOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 						   objectName);
 	}
 
diff --git a/src/backend/commands/lockcmds.c b/src/backend/commands/lockcmds.c
index 9fe9e022b0..fba81dba19 100644
--- a/src/backend/commands/lockcmds.c
+++ b/src/backend/commands/lockcmds.c
@@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid,
 	/* Check permissions. */
 	aclresult = LockTableAclCheck(relid, lockmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(aclresult, OBJECT_RELATION, rv->relname);
 }
 
 /*
@@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait)
 
 			if (!relname)
 				continue;		/* child concurrently dropped, just skip it */
-			aclcheck_error(aclresult, ACL_KIND_CLASS, relname);
+			aclcheck_error(aclresult, OBJECT_RELATION, relname);
 		}
 
 		/* We have enough rights to lock the relation; do so. */
diff --git a/src/backend/commands/opclasscmds.c b/src/backend/commands/opclasscmds.c
index 35c7c67bf5..0fb5345b6c 100644
--- a/src/backend/commands/opclasscmds.c
+++ b/src/backend/commands/opclasscmds.c
@@ -353,7 +353,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/* Get necessary info about access method */
@@ -497,11 +497,11 @@ DefineOpClass(CreateOpClassStmt *stmt)
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own operator and its underlying function */
 				if (!pg_oper_ownercheck(operOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 								   get_opname(operOid));
 				funcOid = get_opcode(operOid);
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -525,7 +525,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own function */
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -730,7 +730,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/* Get access method OID, throwing an error if it doesn't exist. */
@@ -871,11 +871,11 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own operator and its underlying function */
 				if (!pg_oper_ownercheck(operOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 								   get_opname(operOid));
 				funcOid = get_opcode(operOid);
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -899,7 +899,7 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own function */
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
diff --git a/src/backend/commands/operatorcmds.c b/src/backend/commands/operatorcmds.c
index 6674b41eec..7b52fa9f50 100644
--- a/src/backend/commands/operatorcmds.c
+++ b/src/backend/commands/operatorcmds.c
@@ -95,7 +95,7 @@ DefineOperator(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(oprNamespace));
 
 	/*
@@ -215,7 +215,7 @@ DefineOperator(List *names, List *parameters)
 	 */
 	aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(functionName));
 
 	rettype = get_func_rettype(functionOid);
@@ -281,7 +281,7 @@ ValidateRestrictionEstimator(List *restrictionName)
 	/* Require EXECUTE rights for the estimator */
 	aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(restrictionName));
 
 	return restrictionOid;
@@ -327,7 +327,7 @@ ValidateJoinEstimator(List *joinName)
 	/* Require EXECUTE rights for the estimator */
 	aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(joinName));
 
 	return joinOid;
@@ -457,7 +457,7 @@ AlterOperator(AlterOperatorStmt *stmt)
 
 	/* Check permissions. Must be owner. */
 	if (!pg_oper_ownercheck(oprId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 					   NameStr(oprForm->oprname));
 
 	/*
diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c
index 9ced4ee34c..b57c1b8f05 100644
--- a/src/backend/commands/policy.c
+++ b/src/backend/commands/policy.c
@@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
diff --git a/src/backend/commands/proclang.c b/src/backend/commands/proclang.c
index 1a239fabea..487502f389 100644
--- a/src/backend/commands/proclang.c
+++ b/src/backend/commands/proclang.c
@@ -97,7 +97,7 @@ CreateProceduralLanguage(CreatePLangStmt *stmt)
 						 errmsg("must be superuser to create procedural language \"%s\"",
 								stmt->plname)));
 			if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 							   get_database_name(MyDatabaseId));
 		}
 
@@ -366,7 +366,7 @@ create_proc_lang(const char *languageName, bool replace,
 					(errcode(ERRCODE_DUPLICATE_OBJECT),
 					 errmsg("language \"%s\" already exists", languageName)));
 		if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE,
 						   languageName);
 
 		/*
diff --git a/src/backend/commands/publicationcmds.c b/src/backend/commands/publicationcmds.c
index f298d3d381..55b25ebe23 100644
--- a/src/backend/commands/publicationcmds.c
+++ b/src/backend/commands/publicationcmds.c
@@ -150,7 +150,7 @@ CreatePublication(CreatePublicationStmt *stmt)
 	/* must have CREATE privilege on database */
 	aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	/* FOR ALL TABLES requires superuser */
@@ -403,7 +403,7 @@ AlterPublication(AlterPublicationStmt *stmt)
 
 	/* must be owner */
 	if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
 					   stmt->pubname);
 
 	if (stmt->options)
@@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists,
 
 		/* Must be owner of the table or superuser. */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		obj = publication_add_relation(pubid, rel, if_not_exists);
@@ -649,7 +649,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 
 		/* Must be owner */
 		if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
 						   NameStr(form->pubname));
 
 		/* Must be able to become new owner */
@@ -658,7 +658,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		/* New owner must have CREATE privilege on database */
 		aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_DATABASE,
+			aclcheck_error(aclresult, OBJECT_DATABASE,
 						   get_database_name(MyDatabaseId));
 
 		if (form->puballtables && !superuser_arg(newOwnerId))
diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c
index f9ea73f923..23b04665b8 100644
--- a/src/backend/commands/schemacmds.c
+++ b/src/backend/commands/schemacmds.c
@@ -94,7 +94,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
 	 */
 	aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	check_is_member_of_role(saved_uid, owner_uid);
@@ -265,13 +265,13 @@ RenameSchema(const char *oldname, const char *newname)
 
 	/* must be owner */
 	if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 					   oldname);
 
 	/* must have CREATE privilege on database */
 	aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	if (!allowSystemTableMods && IsReservedName(newname))
@@ -373,7 +373,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
 
 		/* Otherwise, must be owner of the existing object */
 		if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 						   NameStr(nspForm->nspname));
 
 		/* Must be able to become new owner */
@@ -391,7 +391,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
 		aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
 										 ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_DATABASE,
+			aclcheck_error(aclresult, OBJECT_DATABASE,
 						   get_database_name(MyDatabaseId));
 
 		memset(repl_null, false, sizeof(repl_null));
diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c
index c70a28de4b..e75631bb97 100644
--- a/src/backend/commands/statscmds.c
+++ b/src/backend/commands/statscmds.c
@@ -141,7 +141,7 @@ CreateStatistics(CreateStatsStmt *stmt)
 
 		/* You must own the relation to create stats on it */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 	}
 
diff --git a/src/backend/commands/subscriptioncmds.c b/src/backend/commands/subscriptioncmds.c
index a7f426d52b..1e0061230c 100644
--- a/src/backend/commands/subscriptioncmds.c
+++ b/src/backend/commands/subscriptioncmds.c
@@ -635,7 +635,7 @@ AlterSubscription(AlterSubscriptionStmt *stmt)
 
 	/* must be owner */
 	if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   stmt->subname);
 
 	subid = HeapTupleGetOid(tup);
@@ -854,7 +854,7 @@ DropSubscription(DropSubscriptionStmt *stmt, bool isTopLevel)
 
 	/* must be owner */
 	if (!pg_subscription_ownercheck(subid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   stmt->subname);
 
 	/* DROP hook for the subscription being removed */
@@ -1022,7 +1022,7 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		return;
 
 	if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   NameStr(form->subname));
 
 	/* New owner must be a superuser */
diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c
index d979ce266d..134b670c3c 100644
--- a/src/backend/commands/tablecmds.c
+++ b/src/backend/commands/tablecmds.c
@@ -589,7 +589,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tablespaceId));
 	}
 
@@ -1193,7 +1193,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid,
 	/* Allow DROP to either table owner or schema owner */
 	if (!pg_class_ownercheck(relOid, GetUserId()) &&
 		!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   rel->relname);
 
 	if (!allowSystemTableMods && IsSystemClass(relOid, classform))
@@ -1375,7 +1375,7 @@ ExecuteTruncate(TruncateStmt *stmt)
 
 				/* This check must match AlterSequence! */
 				if (!pg_class_ownercheck(seq_relid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE,
 								   RelationGetRelationName(seq_rel));
 
 				seq_relids = lappend_oid(seq_relids, seq_relid);
@@ -1563,7 +1563,7 @@ truncate_check_rel(Relation rel)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_TRUNCATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -1849,7 +1849,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
 		 * demand that creator of a child table own the parent.
 		 */
 		if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(relation));
 
 		/*
@@ -2552,7 +2552,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing)
 	 * permissions checking.  only the owner of a class can change its schema.
 	 */
 	if (!pg_class_ownercheck(myrelid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   NameStr(classform->relname));
 	if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
 		ereport(ERROR,
@@ -4770,7 +4770,7 @@ ATSimplePermissions(Relation rel, int allowed_targets)
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -6213,7 +6213,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 }
 
@@ -8197,7 +8197,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts)
 		aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
 										  roleid, ACL_REFERENCES);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 	}
 }
@@ -10105,7 +10105,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 
 				/* Otherwise, must be owner of the existing object */
 				if (!pg_class_ownercheck(relationOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 								   RelationGetRelationName(target_rel));
 
 				/* Must be able to become new owner */
@@ -10115,7 +10115,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 				aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
 												  ACL_CREATE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					aclcheck_error(aclresult, OBJECT_SCHEMA,
 								   get_namespace_name(namespaceOid));
 			}
 		}
@@ -10410,7 +10410,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen
 
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename);
+			aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
 	}
 
 	/* Save info for Phase 3 to do the real work */
@@ -10844,7 +10844,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(new_tablespaceoid));
 	}
 
@@ -10915,7 +10915,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		 * Caller must be considered an owner on the table to move it.
 		 */
 		if (!pg_class_ownercheck(relOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   NameStr(relForm->relname));
 
 		if (stmt->nowait &&
@@ -13160,7 +13160,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, relation->relname);
 }
 
 /*
@@ -13182,7 +13182,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation,
 		elog(ERROR, "cache lookup failed for relation %u", relId);
 
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   relation->relname);
 
 	if (!allowSystemTableMods &&
@@ -13218,7 +13218,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
@@ -13238,7 +13238,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 		aclresult = pg_namespace_aclcheck(classform->relnamespace,
 										  GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(classform->relnamespace));
 		reltype = ((RenameStmt *) stmt)->renameType;
 	}
diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c
index d574e4dd00..24e07c7f08 100644
--- a/src/backend/commands/tablespace.c
+++ b/src/backend/commands/tablespace.c
@@ -444,13 +444,13 @@ DropTableSpace(DropTableSpaceStmt *stmt)
 
 	/* Must be tablespace owner */
 	if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
 					   tablespacename);
 
 	/* Disallow drop of the standard tablespaces, even by superuser */
 	if (tablespaceoid == GLOBALTABLESPACE_OID ||
 		tablespaceoid == DEFAULTTABLESPACE_OID)
-		aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE,
 					   tablespacename);
 
 	/* DROP hook for the tablespace being removed */
@@ -941,7 +941,7 @@ RenameTableSpace(const char *oldname, const char *newname)
 
 	/* Must be owner */
 	if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId()))
-		aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname);
+		aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname);
 
 	/* Validate new name */
 	if (!allowSystemTableMods && IsReservedName(newname))
@@ -1017,7 +1017,7 @@ AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt)
 
 	/* Must be owner of the existing object */
 	if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
 					   stmt->tablespacename);
 
 	/* Generate new proposed spcoptions (text array) */
@@ -1232,7 +1232,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
 			if (aclresult != ACLCHECK_OK)
 			{
 				if (source >= PGC_S_INTERACTIVE)
-					aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname);
+					aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
 				continue;
 			}
 
diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c
index 92ae3822d8..b1a1e4c65d 100644
--- a/src/backend/commands/trigger.c
+++ b/src/backend/commands/trigger.c
@@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 		aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 									  ACL_TRIGGER);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		if (OidIsValid(constrrelid))
@@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 			aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
 										  ACL_TRIGGER);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_CLASS,
+				aclcheck_error(aclresult, OBJECT_RELATION,
 							   get_rel_name(constrrelid));
 		}
 	}
@@ -592,7 +592,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 	{
 		aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   NameListToString(stmt->funcname));
 	}
 	funcrettype = get_func_rettype(funcoid);
@@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its triggers */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 	if (!allowSystemTableMods && IsSystemClass(relid, form))
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
diff --git a/src/backend/commands/tsearchcmds.c b/src/backend/commands/tsearchcmds.c
index adc7cd67a7..777677fbd3 100644
--- a/src/backend/commands/tsearchcmds.c
+++ b/src/backend/commands/tsearchcmds.c
@@ -428,7 +428,7 @@ DefineTSDictionary(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/*
@@ -549,7 +549,7 @@ AlterTSDictionary(AlterTSDictionaryStmt *stmt)
 
 	/* must be owner */
 	if (!pg_ts_dict_ownercheck(dictId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY,
 					   NameListToString(stmt->dictname));
 
 	/* deserialize the existing set of options */
@@ -980,7 +980,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/*
@@ -1189,7 +1189,7 @@ AlterTSConfiguration(AlterTSConfigurationStmt *stmt)
 
 	/* must be owner */
 	if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION,
 					   NameListToString(stmt->cfgname));
 
 	relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock);
diff --git a/src/backend/commands/typecmds.c b/src/backend/commands/typecmds.c
index f86af4c054..ec1ee20261 100644
--- a/src/backend/commands/typecmds.c
+++ b/src/backend/commands/typecmds.c
@@ -190,7 +190,7 @@ DefineType(ParseState *pstate, List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(typeNamespace));
 #endif
 
@@ -526,25 +526,25 @@ DefineType(ParseState *pstate, List *names, List *parameters)
 #ifdef NOT_USED
 	/* XXX this is unnecessary given the superuser check above */
 	if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(inputName));
 	if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(outputName));
 	if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(receiveName));
 	if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(sendName));
 	if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(typmodinName));
 	if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(typmodoutName));
 	if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(analyzeName));
 #endif
 
@@ -772,7 +772,7 @@ DefineDomain(CreateDomainStmt *stmt)
 	aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(domainNamespace));
 
 	/*
@@ -1171,7 +1171,7 @@ DefineEnum(CreateEnumStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(enumNamespace));
 
 	/*
@@ -1398,7 +1398,7 @@ DefineRange(CreateRangeStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(typeNamespace));
 
 	/*
@@ -2042,7 +2042,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid)
 	/* Also, range type's creator must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
 
 	return procOid;
 }
@@ -2085,7 +2085,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype)
 	/* Also, range type's creator must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
 
 	return procOid;
 }
@@ -3380,7 +3380,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
 											  newOwnerId,
 											  ACL_CREATE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+				aclcheck_error(aclresult, OBJECT_SCHEMA,
 							   get_namespace_name(typTup->typnamespace));
 		}
 
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
index f2941352d7..e4700cfd23 100644
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -939,7 +939,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
 			 * ALTER DATABASE ... SET, so use the same permission check.
 			 */
 			if (!pg_database_ownercheck(databaseid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 							   stmt->database);
 		}
 	}
diff --git a/src/backend/executor/execExpr.c b/src/backend/executor/execExpr.c
index e0839616e1..a877501394 100644
--- a/src/backend/executor/execExpr.c
+++ b/src/backend/executor/execExpr.c
@@ -883,7 +883,7 @@ ExecInitExprRec(Expr *node, PlanState *parent, ExprState *state,
 											 GetUserId(),
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(opexpr->opfuncid));
 				InvokeFunctionExecuteHook(opexpr->opfuncid);
 
@@ -2086,7 +2086,7 @@ ExecInitFunc(ExprEvalStep *scratch, Expr *node, List *args, Oid funcid,
 	/* Check permission to call function */
 	aclresult = pg_proc_aclcheck(funcid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(funcid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(funcid));
 	InvokeFunctionExecuteHook(funcid);
 
 	/*
diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c
index dbaa47f2d3..2ce7bbc596 100644
--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@@ -579,7 +579,7 @@ ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation)
 		{
 			Assert(rte->rtekind == RTE_RELATION);
 			if (ereport_on_violation)
-				aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_RELATION,
 							   get_rel_name(rte->relid));
 			return false;
 		}
diff --git a/src/backend/executor/execSRF.c b/src/backend/executor/execSRF.c
index c24d8b9ead..164f65e738 100644
--- a/src/backend/executor/execSRF.c
+++ b/src/backend/executor/execSRF.c
@@ -682,7 +682,7 @@ init_sexpr(Oid foid, Oid input_collation, Expr *node,
 	/* Check permission to call function */
 	aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(foid));
 	InvokeFunctionExecuteHook(foid);
 
 	/*
diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c
index da6ef1a94c..97c874f5cd 100644
--- a/src/backend/executor/nodeAgg.c
+++ b/src/backend/executor/nodeAgg.c
@@ -3179,7 +3179,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 		aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_AGGREGATE,
 						   get_func_name(aggref->aggfnoid));
 		InvokeFunctionExecuteHook(aggref->aggfnoid);
 
@@ -3269,7 +3269,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 			aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(transfn_oid));
 			InvokeFunctionExecuteHook(transfn_oid);
 			if (OidIsValid(finalfn_oid))
@@ -3277,7 +3277,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(finalfn_oid));
 				InvokeFunctionExecuteHook(finalfn_oid);
 			}
@@ -3286,7 +3286,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(serialfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(serialfn_oid));
 				InvokeFunctionExecuteHook(serialfn_oid);
 			}
@@ -3295,7 +3295,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(deserialfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(deserialfn_oid));
 				InvokeFunctionExecuteHook(deserialfn_oid);
 			}
diff --git a/src/backend/executor/nodeWindowAgg.c b/src/backend/executor/nodeWindowAgg.c
index 02868749f6..71c935a472 100644
--- a/src/backend/executor/nodeWindowAgg.c
+++ b/src/backend/executor/nodeWindowAgg.c
@@ -1928,7 +1928,7 @@ ExecInitWindowAgg(WindowAgg *node, EState *estate, int eflags)
 		aclresult = pg_proc_aclcheck(wfunc->winfnoid, GetUserId(),
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   get_func_name(wfunc->winfnoid));
 		InvokeFunctionExecuteHook(wfunc->winfnoid);
 
@@ -2189,7 +2189,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 		aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   get_func_name(transfn_oid));
 		InvokeFunctionExecuteHook(transfn_oid);
 
@@ -2198,7 +2198,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 			aclresult = pg_proc_aclcheck(invtransfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(invtransfn_oid));
 			InvokeFunctionExecuteHook(invtransfn_oid);
 		}
@@ -2208,7 +2208,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 			aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(finalfn_oid));
 			InvokeFunctionExecuteHook(finalfn_oid);
 		}
diff --git a/src/backend/parser/parse_utilcmd.c b/src/backend/parser/parse_utilcmd.c
index f67379f8ed..5633676da6 100644
--- a/src/backend/parser/parse_utilcmd.c
+++ b/src/backend/parser/parse_utilcmd.c
@@ -954,7 +954,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_type_aclcheck(relation->rd_rel->reltype, GetUserId(),
 									 ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TYPE,
+			aclcheck_error(aclresult, OBJECT_TYPE,
 						   RelationGetRelationName(relation));
 	}
 	else
@@ -962,7 +962,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
 									  ACL_SELECT);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(relation));
 	}
 
diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c
index 247809927a..27857f056a 100644
--- a/src/backend/rewrite/rewriteDefine.c
+++ b/src/backend/rewrite/rewriteDefine.c
@@ -276,7 +276,7 @@ DefineQueryRewrite(const char *rulename,
 	 * Check user has permission to apply rules to this relation.
 	 */
 	if (!pg_class_ownercheck(event_relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(event_relation));
 
 	/*
@@ -864,7 +864,7 @@ EnableDisableRule(Relation rel, const char *rulename,
 	eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class;
 	Assert(eventRelationOid == owningRel);
 	if (!pg_class_ownercheck(eventRelationOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   get_rel_name(eventRelationOid));
 
 	/*
@@ -927,7 +927,7 @@ RangeVarCallbackForRenameRule(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its rules */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	ReleaseSysCache(tuple);
 }
diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c
index a434f7f857..17fffb2bd7 100644
--- a/src/backend/tcop/fastpath.c
+++ b/src/backend/tcop/fastpath.c
@@ -315,13 +315,13 @@ HandleFunctionRequest(StringInfo msgBuf)
 	 */
 	aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(fip->namespace));
 	InvokeNamespaceSearchHook(fip->namespace, true);
 
 	aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   get_func_name(fid));
 	InvokeFunctionExecuteHook(fid);
 
diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c
index 58c0b01bdc..8e72e0654f 100644
--- a/src/backend/utils/adt/dbsize.c
+++ b/src/backend/utils/adt/dbsize.c
@@ -97,7 +97,7 @@ calculate_database_size(Oid dbOid)
 	if (aclresult != ACLCHECK_OK &&
 		!is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
 	{
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(dbOid));
 	}
 
@@ -183,7 +183,7 @@ calculate_tablespace_size(Oid tblspcOid)
 	{
 		aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tblspcOid));
 	}
 
diff --git a/src/backend/utils/adt/tid.c b/src/backend/utils/adt/tid.c
index 854097dd58..95aa43fb48 100644
--- a/src/backend/utils/adt/tid.c
+++ b/src/backend/utils/adt/tid.c
@@ -343,7 +343,7 @@ currtid_byreloid(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
@@ -377,7 +377,7 @@ currtid_byrelname(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
diff --git a/src/backend/utils/fmgr/fmgr.c b/src/backend/utils/fmgr/fmgr.c
index 975c968e3b..69874a8923 100644
--- a/src/backend/utils/fmgr/fmgr.c
+++ b/src/backend/utils/fmgr/fmgr.c
@@ -2124,7 +2124,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
 	aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(),
 									 ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+		aclcheck_error(aclresult, OBJECT_LANGUAGE,
 					   NameStr(langStruct->lanname));
 
 	/*
@@ -2134,7 +2134,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
 	 */
 	aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, NameStr(procStruct->proname));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname));
 
 	ReleaseSysCache(procTup);
 	ReleaseSysCache(langTup);
diff --git a/src/include/catalog/objectaddress.h b/src/include/catalog/objectaddress.h
index 5fc54d0e57..b32ff14359 100644
--- a/src/include/catalog/objectaddress.h
+++ b/src/include/catalog/objectaddress.h
@@ -62,7 +62,7 @@ extern AttrNumber get_object_attnum_name(Oid class_id);
 extern AttrNumber get_object_attnum_namespace(Oid class_id);
 extern AttrNumber get_object_attnum_owner(Oid class_id);
 extern AttrNumber get_object_attnum_acl(Oid class_id);
-extern AclObjectKind get_object_aclkind(Oid class_id);
+extern ObjectType get_object_type(Oid class_id);
 extern bool get_object_namensp_unique(Oid class_id);
 
 extern HeapTuple get_catalog_object_by_oid(Relation catalog,
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index a8a6f35dde..fab87fecfa 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -182,37 +182,6 @@ typedef enum
 	ACLCHECK_NOT_OWNER
 } AclResult;
 
-/* this enum covers all object types that can have privilege errors */
-/* currently it's only used to tell aclcheck_error what to say */
-typedef enum AclObjectKind
-{
-	ACL_KIND_COLUMN,			/* pg_attribute */
-	ACL_KIND_CLASS,				/* pg_class */
-	ACL_KIND_SEQUENCE,			/* pg_sequence */
-	ACL_KIND_DATABASE,			/* pg_database */
-	ACL_KIND_PROC,				/* pg_proc */
-	ACL_KIND_OPER,				/* pg_operator */
-	ACL_KIND_TYPE,				/* pg_type */
-	ACL_KIND_LANGUAGE,			/* pg_language */
-	ACL_KIND_LARGEOBJECT,		/* pg_largeobject */
-	ACL_KIND_NAMESPACE,			/* pg_namespace */
-	ACL_KIND_OPCLASS,			/* pg_opclass */
-	ACL_KIND_OPFAMILY,			/* pg_opfamily */
-	ACL_KIND_COLLATION,			/* pg_collation */
-	ACL_KIND_CONVERSION,		/* pg_conversion */
-	ACL_KIND_STATISTICS,		/* pg_statistic_ext */
-	ACL_KIND_TABLESPACE,		/* pg_tablespace */
-	ACL_KIND_TSDICTIONARY,		/* pg_ts_dict */
-	ACL_KIND_TSCONFIGURATION,	/* pg_ts_config */
-	ACL_KIND_FDW,				/* pg_foreign_data_wrapper */
-	ACL_KIND_FOREIGN_SERVER,	/* pg_foreign_server */
-	ACL_KIND_EVENT_TRIGGER,		/* pg_event_trigger */
-	ACL_KIND_EXTENSION,			/* pg_extension */
-	ACL_KIND_PUBLICATION,		/* pg_publication */
-	ACL_KIND_SUBSCRIPTION,		/* pg_subscription */
-	MAX_ACL_KIND				/* MUST BE LAST */
-} AclObjectKind;
-
 
 /*
  * routines used internally
@@ -301,10 +270,10 @@ extern AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMo
 extern AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode);
 extern AclResult pg_type_aclcheck(Oid type_oid, Oid roleid, AclMode mode);
 
-extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error(AclResult aclerr, ObjectType objtype,
 			   const char *objectname);
 
-extern void aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error_col(AclResult aclerr, ObjectType objtype,
 				   const char *objectname, const char *colname);
 
 extern void aclcheck_error_type(AclResult aclerr, Oid typeOid);
diff --git a/src/pl/tcl/pltcl.c b/src/pl/tcl/pltcl.c
index 8069784151..8f5847c4ff 100644
--- a/src/pl/tcl/pltcl.c
+++ b/src/pl/tcl/pltcl.c
@@ -618,7 +618,7 @@ call_pltcl_start_proc(Oid prolang, bool pltrusted)
 	/* Current user must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, start_proc);
+		aclcheck_error(aclresult, OBJECT_FUNCTION, start_proc);
 
 	/* Get the function's pg_proc entry */
 	procTup = SearchSysCache1(PROCOID, ObjectIdGetDatum(procOid));
diff --git a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
index 77bdc9345d..b2d898a7d1 100644
--- a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
+++ b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
@@ -30,14 +30,14 @@ SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified';	-- OK
 SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified';	-- fail
 ERROR:  security label provider "unknown_seclabel" is not loaded
 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified';	-- fail (not owner)
-ERROR:  must be owner of relation dummy_seclabel_tbl2
+ERROR:  must be owner of table dummy_seclabel_tbl2
 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret';		-- fail (not superuser)
 ERROR:  only superuser can set 'secret' label
 SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified';	-- fail (not found)
 ERROR:  relation "dummy_seclabel_tbl3" does not exist
 SET SESSION AUTHORIZATION regress_dummy_seclabel_user2;
 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified';		-- fail
-ERROR:  must be owner of relation dummy_seclabel_tbl1
+ERROR:  must be owner of table dummy_seclabel_tbl1
 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified';			-- OK
 --
 -- Test for shared database object
diff --git a/src/test/regress/expected/create_procedure.out b/src/test/regress/expected/create_procedure.out
index e627d8ebbc..ccad5c87d5 100644
--- a/src/test/regress/expected/create_procedure.out
+++ b/src/test/regress/expected/create_procedure.out
@@ -82,7 +82,7 @@ GRANT INSERT ON cp_test TO regress_user1;
 REVOKE EXECUTE ON PROCEDURE ptest1(text) FROM PUBLIC;
 SET ROLE regress_user1;
 CALL ptest1('a');  -- error
-ERROR:  permission denied for function ptest1
+ERROR:  permission denied for procedure ptest1
 RESET ROLE;
 GRANT EXECUTE ON PROCEDURE ptest1(text) TO regress_user1;
 SET ROLE regress_user1;
diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out
index e6994f0490..87e9211f6a 100644
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@@ -694,9 +694,9 @@ SET SESSION AUTHORIZATION regress_user3;
 SELECT testfunc1(5); -- fail
 ERROR:  permission denied for function testfunc1
 SELECT testagg1(x) FROM (VALUES (1), (2), (3)) _(x); -- fail
-ERROR:  permission denied for function testagg1
+ERROR:  permission denied for aggregate testagg1
 CALL testproc1(6); -- fail
-ERROR:  permission denied for function testproc1
+ERROR:  permission denied for procedure testproc1
 SELECT col1 FROM atest2 WHERE col2 = true; -- fail
 ERROR:  permission denied for relation atest2
 SELECT testfunc4(true); -- ok
@@ -722,9 +722,9 @@ CALL testproc1(6); -- ok
 DROP FUNCTION testfunc1(int); -- fail
 ERROR:  must be owner of function testfunc1
 DROP AGGREGATE testagg1(int); -- fail
-ERROR:  must be owner of function testagg1
+ERROR:  must be owner of aggregate testagg1
 DROP PROCEDURE testproc1(int); -- fail
-ERROR:  must be owner of function testproc1
+ERROR:  must be owner of procedure testproc1
 \c -
 DROP FUNCTION testfunc1(int); -- ok
 -- restore to sanity
-- 
2.15.1

From ce5acb9aab3fec940a0bfd50e433163bd487769d Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Tue, 16 Jan 2018 13:32:03 -0500
Subject: [PATCH v4 3/5] Don't use OBJECT_RELATION with aclcheck_error

---
 contrib/dblink/dblink.c                        |   2 +-
 contrib/file_fdw/output/file_fdw.source        |   2 +-
 contrib/pg_prewarm/pg_prewarm.c                |   2 +-
 contrib/pgrowlocks/pgrowlocks.c                |   3 +-
 contrib/test_decoding/expected/permissions.out |   4 +-
 src/backend/catalog/aclchk.c                   |   8 +-
 src/backend/catalog/namespace.c                |   2 +-
 src/backend/catalog/objectaddress.c            |  25 +++++
 src/backend/commands/lockcmds.c                |   4 +-
 src/backend/commands/policy.c                  |   2 +-
 src/backend/commands/publicationcmds.c         |   2 +-
 src/backend/commands/statscmds.c               |   3 +-
 src/backend/commands/tablecmds.c               |  24 ++---
 src/backend/commands/trigger.c                 |   6 +-
 src/backend/executor/execMain.c                |   2 +-
 src/backend/parser/parse_utilcmd.c             |   2 +-
 src/backend/rewrite/rewriteDefine.c            |   6 +-
 src/backend/utils/adt/tid.c                    |   5 +-
 src/include/catalog/objectaddress.h            |   2 +
 src/test/regress/expected/alter_table.out      |   2 +-
 src/test/regress/expected/copy2.out            |   6 +-
 src/test/regress/expected/lock.out             |   2 +-
 src/test/regress/expected/privileges.out       | 144 ++++++++++++-------------
 src/test/regress/expected/publication.out      |   2 +-
 src/test/regress/expected/rowsecurity.out      |  18 ++--
 src/test/regress/expected/select_into.out      |   6 +-
 src/test/regress/expected/sequence.out         |   2 +-
 src/test/regress/expected/updatable_views.out  |  30 +++---
 28 files changed, 172 insertions(+), 146 deletions(-)

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index 6b4d036d9e..742e2a20c3 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  aclmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, OBJECT_RELATION,
+		aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 					   RelationGetRelationName(rel));
 
 	return rel;
diff --git a/contrib/file_fdw/output/file_fdw.source b/contrib/file_fdw/output/file_fdw.source
index 709c43ec80..e2d8b87015 100644
--- a/contrib/file_fdw/output/file_fdw.source
+++ b/contrib/file_fdw/output/file_fdw.source
@@ -393,7 +393,7 @@ SELECT * FROM agg_text ORDER BY a;
 
 SET ROLE regress_no_priv_user;
 SELECT * FROM agg_text ORDER BY a;   -- ERROR
-ERROR:  permission denied for relation agg_text
+ERROR:  permission denied for foreign table agg_text
 SET ROLE regress_file_fdw_user;
 \t on
 EXPLAIN (VERBOSE, COSTS FALSE) SELECT * FROM agg_text WHERE a > 0;
diff --git a/contrib/pg_prewarm/pg_prewarm.c b/contrib/pg_prewarm/pg_prewarm.c
index bab01e6781..7755c1a6cf 100644
--- a/contrib/pg_prewarm/pg_prewarm.c
+++ b/contrib/pg_prewarm/pg_prewarm.c
@@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS)
 	rel = relation_open(relOid, AccessShareLock);
 	aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, OBJECT_RELATION, get_rel_name(relOid));
+		aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(relOid)), get_rel_name(relOid));
 
 	/* Check that the fork exists. */
 	RelationOpenSmgr(rel);
diff --git a/contrib/pgrowlocks/pgrowlocks.c b/contrib/pgrowlocks/pgrowlocks.c
index 38e10e59a8..576beb4fd4 100644
--- a/contrib/pgrowlocks/pgrowlocks.c
+++ b/contrib/pgrowlocks/pgrowlocks.c
@@ -35,6 +35,7 @@
 #include "storage/procarray.h"
 #include "utils/acl.h"
 #include "utils/builtins.h"
+#include "utils/lsyscache.h"
 #include "utils/rel.h"
 #include "utils/snapmgr.h"
 #include "utils/tqual.h"
@@ -121,7 +122,7 @@ pgrowlocks(PG_FUNCTION_ARGS)
 			aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
 
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, OBJECT_RELATION,
+			aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 						   RelationGetRelationName(rel));
 
 		scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);
diff --git a/contrib/test_decoding/expected/permissions.out b/contrib/test_decoding/expected/permissions.out
index 7175dcd5f6..ed97f81dda 100644
--- a/contrib/test_decoding/expected/permissions.out
+++ b/contrib/test_decoding/expected/permissions.out
@@ -38,7 +38,7 @@ SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_d
 (1 row)
 
 INSERT INTO lr_test VALUES('lr_superuser_init');
-ERROR:  permission denied for relation lr_test
+ERROR:  permission denied for table lr_test
 SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
  data 
 ------
@@ -56,7 +56,7 @@ SET ROLE regress_lr_normal;
 SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_decoding');
 ERROR:  must be superuser or replication role to use replication slots
 INSERT INTO lr_test VALUES('lr_superuser_init');
-ERROR:  permission denied for relation lr_test
+ERROR:  permission denied for table lr_test
 SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
 ERROR:  must be superuser or replication role to use replication slots
 SELECT pg_drop_replication_slot('regression_slot');
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index 2e07d75ef4..a9cf354357 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -3428,9 +3428,6 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_PUBLICATION:
 						msg = gettext_noop("permission denied for publication %s");
 						break;
-					case OBJECT_RELATION:
-						msg = gettext_noop("permission denied for relation %s");
-						break;
 					case OBJECT_ROUTINE:
 						msg = gettext_noop("permission denied for routine %s");
 						break;
@@ -3474,6 +3471,7 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_DEFACL:
 					case OBJECT_DOMCONSTRAINT:
 					case OBJECT_PUBLICATION_REL:
+					case OBJECT_RELATION:
 					case OBJECT_ROLE:
 					case OBJECT_RULE:
 					case OBJECT_TABCONSTRAINT:
@@ -3563,9 +3561,6 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_PUBLICATION:
 						msg = gettext_noop("must be owner of publication %s");
 						break;
-					case OBJECT_RELATION:
-						msg = gettext_noop("must be owner of relation %s");
-						break;
 					case OBJECT_ROUTINE:
 						msg = gettext_noop("must be owner of routine %s");
 						break;
@@ -3609,6 +3604,7 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_DEFACL:
 					case OBJECT_DOMCONSTRAINT:
 					case OBJECT_PUBLICATION_REL:
+					case OBJECT_RELATION:
 					case OBJECT_ROLE:
 					case OBJECT_RULE:
 					case OBJECT_TABCONSTRAINT:
diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c
index 75636e6dab..8b9f993815 100644
--- a/src/backend/catalog/namespace.c
+++ b/src/backend/catalog/namespace.c
@@ -585,7 +585,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		if (lockmode != NoLock && OidIsValid(relid))
 		{
 			if (!pg_class_ownercheck(relid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relid)),
 							   relation->relname);
 			if (relid != oldrelid)
 				LockRelationOid(relid, lockmode);
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 9be365f50d..d691b25aa6 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -5097,3 +5097,28 @@ strlist_to_textarray(List *list)
 
 	return arr;
 }
+
+ObjectType
+relkind_get_objtype(char relkind)
+{
+	switch (relkind)
+	{
+		case RELKIND_RELATION:
+		case RELKIND_PARTITIONED_TABLE:
+			return OBJECT_TABLE;
+		case RELKIND_INDEX:
+			return OBJECT_INDEX;
+		case RELKIND_SEQUENCE:
+			return OBJECT_SEQUENCE;
+		case RELKIND_VIEW:
+			return OBJECT_VIEW;
+		case RELKIND_MATVIEW:
+			return OBJECT_MATVIEW;
+		case RELKIND_FOREIGN_TABLE:
+			return OBJECT_FOREIGN_TABLE;
+		/* other relkinds are not supported here because they don't map to OBJECT_* values */
+		default:
+			elog(ERROR, "unexpected relkind: %d", relkind);
+			return 0;
+	}
+}
diff --git a/src/backend/commands/lockcmds.c b/src/backend/commands/lockcmds.c
index aa54565716..0d7c18d0bd 100644
--- a/src/backend/commands/lockcmds.c
+++ b/src/backend/commands/lockcmds.c
@@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid,
 	/* Check permissions. */
 	aclresult = LockTableAclCheck(relid, lockmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, OBJECT_RELATION, rv->relname);
+		aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(relid)), rv->relname);
 }
 
 /*
@@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait)
 
 			if (!relname)
 				continue;		/* child concurrently dropped, just skip it */
-			aclcheck_error(aclresult, OBJECT_RELATION, relname);
+			aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(childreloid)), relname);
 		}
 
 		/* We have enough rights to lock the relation; do so. */
diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c
index 2ec35abf8f..76b5bfd34b 100644
--- a/src/backend/commands/policy.c
+++ b/src/backend/commands/policy.c
@@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relid)), rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
diff --git a/src/backend/commands/publicationcmds.c b/src/backend/commands/publicationcmds.c
index 0cc62c77bd..d248e063a8 100644
--- a/src/backend/commands/publicationcmds.c
+++ b/src/backend/commands/publicationcmds.c
@@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists,
 
 		/* Must be owner of the table or superuser. */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 						   RelationGetRelationName(rel));
 
 		obj = publication_add_relation(pubid, rel, if_not_exists);
diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c
index 8a0cc6c2cf..89237c48ce 100644
--- a/src/backend/commands/statscmds.c
+++ b/src/backend/commands/statscmds.c
@@ -25,6 +25,7 @@
 #include "statistics/statistics.h"
 #include "utils/builtins.h"
 #include "utils/inval.h"
+#include "utils/lsyscache.h"
 #include "utils/memutils.h"
 #include "utils/rel.h"
 #include "utils/syscache.h"
@@ -141,7 +142,7 @@ CreateStatistics(CreateStatsStmt *stmt)
 
 		/* You must own the relation to create stats on it */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 						   RelationGetRelationName(rel));
 	}
 
diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c
index 38bfd29cd9..a5c8d4443d 100644
--- a/src/backend/commands/tablecmds.c
+++ b/src/backend/commands/tablecmds.c
@@ -1192,7 +1192,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid,
 	/* Allow DROP to either table owner or schema owner */
 	if (!pg_class_ownercheck(relOid, GetUserId()) &&
 		!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relOid)),
 					   rel->relname);
 
 	if (!allowSystemTableMods && IsSystemClass(relOid, classform))
@@ -1562,7 +1562,7 @@ truncate_check_rel(Relation rel)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_TRUNCATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, OBJECT_RELATION,
+		aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -1848,7 +1848,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
 		 * demand that creator of a child table own the parent.
 		 */
 		if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(RelationGetRelid(relation))),
 						   RelationGetRelationName(relation));
 
 		/*
@@ -2551,7 +2551,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing)
 	 * permissions checking.  only the owner of a class can change its schema.
 	 */
 	if (!pg_class_ownercheck(myrelid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(myrelid)),
 					   NameStr(classform->relname));
 	if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
 		ereport(ERROR,
@@ -4769,7 +4769,7 @@ ATSimplePermissions(Relation rel, int allowed_targets)
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -6212,7 +6212,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 					   RelationGetRelationName(rel));
 }
 
@@ -8136,7 +8136,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts)
 		aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
 										  roleid, ACL_REFERENCES);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, OBJECT_RELATION,
+			aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 						   RelationGetRelationName(rel));
 	}
 }
@@ -10046,7 +10046,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 
 				/* Otherwise, must be owner of the existing object */
 				if (!pg_class_ownercheck(relationOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+					aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relationOid)),
 								   RelationGetRelationName(target_rel));
 
 				/* Must be able to become new owner */
@@ -10856,7 +10856,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		 * Caller must be considered an owner on the table to move it.
 		 */
 		if (!pg_class_ownercheck(relOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relOid)),
 						   NameStr(relForm->relname));
 
 		if (stmt->nowait &&
@@ -13101,7 +13101,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relId)), relation->relname);
 }
 
 /*
@@ -13123,7 +13123,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation,
 		elog(ERROR, "cache lookup failed for relation %u", relId);
 
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relId)),
 					   relation->relname);
 
 	if (!allowSystemTableMods &&
@@ -13159,7 +13159,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relid)), rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c
index 438653f310..0bda470dd2 100644
--- a/src/backend/commands/trigger.c
+++ b/src/backend/commands/trigger.c
@@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 		aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 									  ACL_TRIGGER);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, OBJECT_RELATION,
+			aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 						   RelationGetRelationName(rel));
 
 		if (OidIsValid(constrrelid))
@@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 			aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
 										  ACL_TRIGGER);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, OBJECT_RELATION,
+				aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(constrrelid)),
 							   get_rel_name(constrrelid));
 		}
 	}
@@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its triggers */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relid)), rv->relname);
 	if (!allowSystemTableMods && IsSystemClass(relid, form))
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c
index 64a43822bb..97c461b480 100644
--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@@ -579,7 +579,7 @@ ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation)
 		{
 			Assert(rte->rtekind == RTE_RELATION);
 			if (ereport_on_violation)
-				aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_RELATION,
+				aclcheck_error(ACLCHECK_NO_PRIV, relkind_get_objtype(get_rel_relkind(rte->relid)),
 							   get_rel_name(rte->relid));
 			return false;
 		}
diff --git a/src/backend/parser/parse_utilcmd.c b/src/backend/parser/parse_utilcmd.c
index e7df455634..a31ce08449 100644
--- a/src/backend/parser/parse_utilcmd.c
+++ b/src/backend/parser/parse_utilcmd.c
@@ -962,7 +962,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
 									  ACL_SELECT);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, OBJECT_RELATION,
+			aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(relation))),
 						   RelationGetRelationName(relation));
 	}
 
diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c
index 7eca67a52f..078e549e6d 100644
--- a/src/backend/rewrite/rewriteDefine.c
+++ b/src/backend/rewrite/rewriteDefine.c
@@ -276,7 +276,7 @@ DefineQueryRewrite(const char *rulename,
 	 * Check user has permission to apply rules to this relation.
 	 */
 	if (!pg_class_ownercheck(event_relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(RelationGetRelid(event_relation))),
 					   RelationGetRelationName(event_relation));
 
 	/*
@@ -864,7 +864,7 @@ EnableDisableRule(Relation rel, const char *rulename,
 	eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class;
 	Assert(eventRelationOid == owningRel);
 	if (!pg_class_ownercheck(eventRelationOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(eventRelationOid)),
 					   get_rel_name(eventRelationOid));
 
 	/*
@@ -927,7 +927,7 @@ RangeVarCallbackForRenameRule(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its rules */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, relkind_get_objtype(get_rel_relkind(relid)), rv->relname);
 
 	ReleaseSysCache(tuple);
 }
diff --git a/src/backend/utils/adt/tid.c b/src/backend/utils/adt/tid.c
index 4aa8122fa2..12efc85d06 100644
--- a/src/backend/utils/adt/tid.c
+++ b/src/backend/utils/adt/tid.c
@@ -29,6 +29,7 @@
 #include "parser/parsetree.h"
 #include "utils/acl.h"
 #include "utils/builtins.h"
+#include "utils/lsyscache.h"
 #include "utils/rel.h"
 #include "utils/snapmgr.h"
 #include "utils/tqual.h"
@@ -343,7 +344,7 @@ currtid_byreloid(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, OBJECT_RELATION,
+		aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
@@ -377,7 +378,7 @@ currtid_byrelname(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, OBJECT_RELATION,
+		aclcheck_error(aclresult, relkind_get_objtype(get_rel_relkind(RelationGetRelid(rel))),
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
diff --git a/src/include/catalog/objectaddress.h b/src/include/catalog/objectaddress.h
index 403e8bb2af..43819304eb 100644
--- a/src/include/catalog/objectaddress.h
+++ b/src/include/catalog/objectaddress.h
@@ -78,4 +78,6 @@ extern char *getObjectIdentityParts(const ObjectAddress *address,
 					   List **objname, List **objargs);
 extern ArrayType *strlist_to_textarray(List *list);
 
+extern ObjectType relkind_get_objtype(char relkind);
+
 #endif							/* OBJECTADDRESS_H */
diff --git a/src/test/regress/expected/alter_table.out b/src/test/regress/expected/alter_table.out
index 11f0baa11b..b998dab6ab 100644
--- a/src/test/regress/expected/alter_table.out
+++ b/src/test/regress/expected/alter_table.out
@@ -3303,7 +3303,7 @@ CREATE TABLE owned_by_me (
 	a int
 ) PARTITION BY LIST (a);
 ALTER TABLE owned_by_me ATTACH PARTITION not_owned_by_me FOR VALUES IN (1);
-ERROR:  must be owner of relation not_owned_by_me
+ERROR:  must be owner of table not_owned_by_me
 RESET SESSION AUTHORIZATION;
 DROP TABLE owned_by_me, not_owned_by_me;
 DROP ROLE regress_test_not_me;
diff --git a/src/test/regress/expected/copy2.out b/src/test/regress/expected/copy2.out
index 65e9c626b3..e606a5fda4 100644
--- a/src/test/regress/expected/copy2.out
+++ b/src/test/regress/expected/copy2.out
@@ -521,12 +521,12 @@ RESET SESSION AUTHORIZATION;
 SET SESSION AUTHORIZATION regress_rls_copy_user_colperms;
 -- attempt all columns (should fail)
 COPY rls_t1 TO stdout;
-ERROR:  permission denied for relation rls_t1
+ERROR:  permission denied for table rls_t1
 COPY rls_t1 (a, b, c) TO stdout;
-ERROR:  permission denied for relation rls_t1
+ERROR:  permission denied for table rls_t1
 -- try to copy column with no privileges (should fail)
 COPY rls_t1 (c) TO stdout;
-ERROR:  permission denied for relation rls_t1
+ERROR:  permission denied for table rls_t1
 -- subset of columns (should succeed)
 COPY rls_t1 (a) TO stdout;
 2
diff --git a/src/test/regress/expected/lock.out b/src/test/regress/expected/lock.out
index fd27344503..74a434d24d 100644
--- a/src/test/regress/expected/lock.out
+++ b/src/test/regress/expected/lock.out
@@ -45,7 +45,7 @@ GRANT UPDATE ON TABLE lock_tbl1 TO regress_rol_lock1;
 SET ROLE regress_rol_lock1;
 BEGIN;
 LOCK TABLE lock_tbl1 * IN ACCESS EXCLUSIVE MODE;
-ERROR:  permission denied for relation lock_tbl2
+ERROR:  permission denied for table lock_tbl2
 ROLLBACK;
 BEGIN;
 LOCK TABLE ONLY lock_tbl1;
diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out
index 87e9211f6a..cf53b37383 100644
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@@ -92,11 +92,11 @@ SELECT * FROM atest2; -- ok
 
 INSERT INTO atest1 VALUES (2, 'two'); -- ok
 INSERT INTO atest2 VALUES ('foo', true); -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok
 UPDATE atest1 SET a = 1 WHERE a = 2; -- ok
 UPDATE atest2 SET col2 = NOT col2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 SELECT * FROM atest1 FOR UPDATE; -- ok
  a |  b  
 ---+-----
@@ -105,17 +105,17 @@ SELECT * FROM atest1 FOR UPDATE; -- ok
 (2 rows)
 
 SELECT * FROM atest2 FOR UPDATE; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 DELETE FROM atest2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 TRUNCATE atest2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 BEGIN;
 LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 COMMIT;
 COPY atest2 FROM stdin; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 GRANT ALL ON atest1 TO PUBLIC; -- fail
 WARNING:  no privileges were granted for "atest1"
 -- checks in subquery, both ok
@@ -144,37 +144,37 @@ SELECT * FROM atest1; -- ok
 (2 rows)
 
 SELECT * FROM atest2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 INSERT INTO atest1 VALUES (2, 'two'); -- fail
-ERROR:  permission denied for relation atest1
+ERROR:  permission denied for table atest1
 INSERT INTO atest2 VALUES ('foo', true); -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail
-ERROR:  permission denied for relation atest1
+ERROR:  permission denied for table atest1
 UPDATE atest1 SET a = 1 WHERE a = 2; -- fail
-ERROR:  permission denied for relation atest1
+ERROR:  permission denied for table atest1
 UPDATE atest2 SET col2 = NULL; -- ok
 UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 UPDATE atest2 SET col2 = true FROM atest1 WHERE atest1.a = 5; -- ok
 SELECT * FROM atest1 FOR UPDATE; -- fail
-ERROR:  permission denied for relation atest1
+ERROR:  permission denied for table atest1
 SELECT * FROM atest2 FOR UPDATE; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 DELETE FROM atest2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 TRUNCATE atest2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 BEGIN;
 LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok
 COMMIT;
 COPY atest2 FROM stdin; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 -- checks in subquery, both fail
 SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) );
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 SET SESSION AUTHORIZATION regress_user4;
 COPY atest2 FROM stdin; -- ok
 SELECT * FROM atest1; -- ok
@@ -234,7 +234,7 @@ CREATE OPERATOR >>> (procedure = leak2, leftarg = integer, rightarg = integer,
                      restrict = scalargtsel);
 -- This should not show any "leak" notices before failing.
 EXPLAIN (COSTS OFF) SELECT * FROM atest12 WHERE a >>> 0;
-ERROR:  permission denied for relation atest12
+ERROR:  permission denied for table atest12
 -- This plan should use hashjoin, as it will expect many rows to be selected.
 EXPLAIN (COSTS OFF) SELECT * FROM atest12v x, atest12v y WHERE x.a = y.b;
                 QUERY PLAN                 
@@ -287,7 +287,7 @@ CREATE TABLE atest3 (one int, two int, three int);
 GRANT DELETE ON atest3 TO GROUP regress_group2;
 SET SESSION AUTHORIZATION regress_user1;
 SELECT * FROM atest3; -- fail
-ERROR:  permission denied for relation atest3
+ERROR:  permission denied for table atest3
 DELETE FROM atest3; -- ok
 -- views
 SET SESSION AUTHORIZATION regress_user3;
@@ -305,7 +305,7 @@ SELECT * FROM atestv1; -- ok
 (2 rows)
 
 SELECT * FROM atestv2; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 GRANT SELECT ON atestv1, atestv3 TO regress_user4;
 GRANT SELECT ON atestv2 TO regress_user2;
 SET SESSION AUTHORIZATION regress_user4;
@@ -317,28 +317,28 @@ SELECT * FROM atestv1; -- ok
 (2 rows)
 
 SELECT * FROM atestv2; -- fail
-ERROR:  permission denied for relation atestv2
+ERROR:  permission denied for view atestv2
 SELECT * FROM atestv3; -- ok
  one | two | three 
 -----+-----+-------
 (0 rows)
 
 SELECT * FROM atestv0; -- fail
-ERROR:  permission denied for relation atestv0
+ERROR:  permission denied for view atestv0
 -- Appendrels excluded by constraints failed to check permissions in 8.4-9.2.
 select * from
   ((select a.q1 as x from int8_tbl a offset 0)
    union all
    (select b.q2 as x from int8_tbl b offset 0)) ss
 where false;
-ERROR:  permission denied for relation int8_tbl
+ERROR:  permission denied for table int8_tbl
 set constraint_exclusion = on;
 select * from
   ((select a.q1 as x, random() from int8_tbl a where q1 > 0)
    union all
    (select b.q2 as x, random() from int8_tbl b where q2 > 0)) ss
 where x < 0;
-ERROR:  permission denied for relation int8_tbl
+ERROR:  permission denied for table int8_tbl
 reset constraint_exclusion;
 CREATE VIEW atestv4 AS SELECT * FROM atestv3; -- nested view
 SELECT * FROM atestv4; -- ok
@@ -350,7 +350,7 @@ GRANT SELECT ON atestv4 TO regress_user2;
 SET SESSION AUTHORIZATION regress_user2;
 -- Two complex cases:
 SELECT * FROM atestv3; -- fail
-ERROR:  permission denied for relation atestv3
+ERROR:  permission denied for view atestv3
 SELECT * FROM atestv4; -- ok (even though regress_user2 cannot access underlying atestv3)
  one | two | three 
 -----+-----+-------
@@ -363,7 +363,7 @@ SELECT * FROM atest2; -- ok
 (1 row)
 
 SELECT * FROM atestv2; -- fail (even though regress_user2 can access underlying atest2)
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 -- Test column level permissions
 SET SESSION AUTHORIZATION regress_user1;
 CREATE TABLE atest5 (one int, two int unique, three int, four int unique);
@@ -373,7 +373,7 @@ GRANT ALL (one) ON atest5 TO regress_user3;
 INSERT INTO atest5 VALUES (1,2,3);
 SET SESSION AUTHORIZATION regress_user4;
 SELECT * FROM atest5; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT one FROM atest5; -- ok
  one 
 -----
@@ -383,13 +383,13 @@ SELECT one FROM atest5; -- ok
 COPY atest5 (one) TO stdout; -- ok
 1
 SELECT two FROM atest5; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 COPY atest5 (two) TO stdout; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT atest5 FROM atest5; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 COPY atest5 (one,two) TO stdout; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT 1 FROM atest5; -- ok
  ?column? 
 ----------
@@ -403,15 +403,15 @@ SELECT 1 FROM atest5 a JOIN atest5 b USING (one); -- ok
 (1 row)
 
 SELECT 1 FROM atest5 a JOIN atest5 b USING (two); -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT 1 FROM atest5 a NATURAL JOIN atest5 b; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT (j.*) IS NULL FROM (atest5 a JOIN atest5 b USING (one)) j; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT 1 FROM atest5 WHERE two = 2; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT * FROM atest1, atest5; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT atest1.* FROM atest1, atest5; -- ok
  a |  b  
 ---+-----
@@ -427,7 +427,7 @@ SELECT atest1.*,atest5.one FROM atest1, atest5; -- ok
 (2 rows)
 
 SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.two); -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -- ok
  a |  b  | one 
 ---+-----+-----
@@ -436,12 +436,12 @@ SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -
 (2 rows)
 
 SELECT one, two FROM atest5; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SET SESSION AUTHORIZATION regress_user1;
 GRANT SELECT (one,two) ON atest6 TO regress_user4;
 SET SESSION AUTHORIZATION regress_user4;
 SELECT one, two FROM atest5 NATURAL JOIN atest6; -- fail still
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SET SESSION AUTHORIZATION regress_user1;
 GRANT SELECT (two) ON atest5 TO regress_user4;
 SET SESSION AUTHORIZATION regress_user4;
@@ -453,23 +453,23 @@ SELECT one, two FROM atest5 NATURAL JOIN atest6; -- ok now
 -- test column-level privileges for INSERT and UPDATE
 INSERT INTO atest5 (two) VALUES (3); -- ok
 COPY atest5 FROM stdin; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 COPY atest5 (two) FROM stdin; -- ok
 INSERT INTO atest5 (three) VALUES (4); -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 INSERT INTO atest5 VALUES (5,5,5); -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 UPDATE atest5 SET three = 10; -- ok
 UPDATE atest5 SET one = 8; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 UPDATE atest5 SET three = 5, one = 2; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 -- Check that column level privs are enforced in RETURNING
 -- Ok.
 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10;
 -- Error. No SELECT on column three.
 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.three;
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 -- Ok.  May SELECT on column "one":
 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.one;
  one 
@@ -482,21 +482,21 @@ INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RE
 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.one;
 -- Error. No select rights on three
 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.three;
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set one = 8; -- fails (due to UPDATE)
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 INSERT INTO atest5(three) VALUES (4) ON CONFLICT (two) DO UPDATE set three = 10; -- fails (due to INSERT)
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 -- Check that the columns in the inference require select privileges
 INSERT INTO atest5(four) VALUES (4); -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SET SESSION AUTHORIZATION regress_user1;
 GRANT INSERT (four) ON atest5 TO regress_user4;
 SET SESSION AUTHORIZATION regress_user4;
 INSERT INTO atest5(four) VALUES (4) ON CONFLICT (four) DO UPDATE set three = 3; -- fails (due to SELECT)
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 INSERT INTO atest5(four) VALUES (4) ON CONFLICT ON CONSTRAINT atest5_four_key DO UPDATE set three = 3; -- fails (due to SELECT)
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 INSERT INTO atest5(four) VALUES (4); -- ok
 SET SESSION AUTHORIZATION regress_user1;
 GRANT SELECT (four) ON atest5 TO regress_user4;
@@ -508,9 +508,9 @@ REVOKE ALL (one) ON atest5 FROM regress_user4;
 GRANT SELECT (one,two,blue) ON atest6 TO regress_user4;
 SET SESSION AUTHORIZATION regress_user4;
 SELECT one FROM atest5; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 UPDATE atest5 SET one = 1; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SELECT atest6 FROM atest6; -- ok
  atest6 
 --------
@@ -557,9 +557,9 @@ REVOKE ALL (one) ON atest5 FROM regress_user3;
 GRANT SELECT (one) ON atest5 TO regress_user4;
 SET SESSION AUTHORIZATION regress_user4;
 SELECT atest6 FROM atest6; -- fail
-ERROR:  permission denied for relation atest6
+ERROR:  permission denied for table atest6
 SELECT one FROM atest5 NATURAL JOIN atest6; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 SET SESSION AUTHORIZATION regress_user1;
 ALTER TABLE atest6 DROP COLUMN three;
 SET SESSION AUTHORIZATION regress_user4;
@@ -578,12 +578,12 @@ ALTER TABLE atest6 DROP COLUMN two;
 REVOKE SELECT (one,blue) ON atest6 FROM regress_user4;
 SET SESSION AUTHORIZATION regress_user4;
 SELECT * FROM atest6; -- fail
-ERROR:  permission denied for relation atest6
+ERROR:  permission denied for table atest6
 SELECT 1 FROM atest6; -- fail
-ERROR:  permission denied for relation atest6
+ERROR:  permission denied for table atest6
 SET SESSION AUTHORIZATION regress_user3;
 DELETE FROM atest5 WHERE one = 1; -- fail
-ERROR:  permission denied for relation atest5
+ERROR:  permission denied for table atest5
 DELETE FROM atest5 WHERE two = 2; -- ok
 -- check inheritance cases
 SET SESSION AUTHORIZATION regress_user1;
@@ -614,7 +614,7 @@ SELECT oid FROM atestp2; -- ok
 (0 rows)
 
 SELECT fy FROM atestc; -- fail
-ERROR:  permission denied for relation atestc
+ERROR:  permission denied for table atestc
 SET SESSION AUTHORIZATION regress_user1;
 GRANT SELECT(fy,oid) ON atestc TO regress_user2;
 SET SESSION AUTHORIZATION regress_user2;
@@ -698,7 +698,7 @@ ERROR:  permission denied for aggregate testagg1
 CALL testproc1(6); -- fail
 ERROR:  permission denied for procedure testproc1
 SELECT col1 FROM atest2 WHERE col2 = true; -- fail
-ERROR:  permission denied for relation atest2
+ERROR:  permission denied for table atest2
 SELECT testfunc4(true); -- ok
  testfunc4 
 -----------
@@ -849,7 +849,7 @@ DROP DOMAIN testdomain1; -- ok
 SET SESSION AUTHORIZATION regress_user5;
 TRUNCATE atest2; -- ok
 TRUNCATE atest3; -- fail
-ERROR:  permission denied for relation atest3
+ERROR:  permission denied for table atest3
 -- has_table_privilege function
 -- bad-input checks
 select has_table_privilege(NULL,'pg_authid','select');
@@ -1435,7 +1435,7 @@ SELECT * FROM pg_largeobject LIMIT 0;
 
 SET SESSION AUTHORIZATION regress_user1;
 SELECT * FROM pg_largeobject LIMIT 0;			-- to be denied
-ERROR:  permission denied for relation pg_largeobject
+ERROR:  permission denied for table pg_largeobject
 -- test default ACLs
 \c -
 CREATE SCHEMA testns;
@@ -1899,14 +1899,14 @@ GRANT SELECT ON lock_table TO regress_locktable_user;
 SET SESSION AUTHORIZATION regress_locktable_user;
 BEGIN;
 LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should pass
 COMMIT;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 \c
 REVOKE SELECT ON lock_table FROM regress_locktable_user;
@@ -1918,11 +1918,11 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
 COMMIT;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 \c
 REVOKE INSERT ON lock_table FROM regress_locktable_user;
@@ -1934,7 +1934,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
 COMMIT;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
@@ -1949,7 +1949,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
 COMMIT;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
@@ -1964,7 +1964,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
 COMMIT;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR:  permission denied for relation lock_table
+ERROR:  permission denied for table lock_table
 ROLLBACK;
 BEGIN;
 LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
diff --git a/src/test/regress/expected/publication.out b/src/test/regress/expected/publication.out
index b101331d69..0c86c647bc 100644
--- a/src/test/regress/expected/publication.out
+++ b/src/test/regress/expected/publication.out
@@ -198,7 +198,7 @@ GRANT CREATE ON DATABASE regression TO regress_publication_user2;
 SET ROLE regress_publication_user2;
 CREATE PUBLICATION testpub2;  -- ok
 ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1;  -- fail
-ERROR:  must be owner of relation testpub_tbl1
+ERROR:  must be owner of table testpub_tbl1
 SET ROLE regress_publication_user;
 GRANT regress_publication_user TO regress_publication_user2;
 SET ROLE regress_publication_user2;
diff --git a/src/test/regress/expected/rowsecurity.out b/src/test/regress/expected/rowsecurity.out
index b8dcf51a30..f1ae40df61 100644
--- a/src/test/regress/expected/rowsecurity.out
+++ b/src/test/regress/expected/rowsecurity.out
@@ -361,7 +361,7 @@ INSERT INTO document VALUES (100, 55, 1, 'regress_rls_dave', 'testing sorting of
 ERROR:  new row violates row-level security policy "p2r" for table "document"
 -- only owner can change policies
 ALTER POLICY p1 ON document USING (true);    --fail
-ERROR:  must be owner of relation document
+ERROR:  must be owner of table document
 DROP POLICY p1 ON document;                  --fail
 ERROR:  must be owner of relation document
 SET SESSION AUTHORIZATION regress_rls_alice;
@@ -1192,7 +1192,7 @@ EXPLAIN (COSTS OFF) SELECT * FROM part_document WHERE f_leak(dtitle);
 
 -- only owner can change policies
 ALTER POLICY pp1 ON part_document USING (true);    --fail
-ERROR:  must be owner of relation part_document
+ERROR:  must be owner of table part_document
 DROP POLICY pp1 ON part_document;                  --fail
 ERROR:  must be owner of relation part_document
 SET SESSION AUTHORIZATION regress_rls_alice;
@@ -2446,9 +2446,9 @@ EXPLAIN (COSTS OFF) SELECT * FROM rls_view;
 -- Query as role that is not the owner of the table or view without permissions.
 SET SESSION AUTHORIZATION regress_rls_carol;
 SELECT * FROM rls_view; --fail - permission denied.
-ERROR:  permission denied for relation rls_view
+ERROR:  permission denied for view rls_view
 EXPLAIN (COSTS OFF) SELECT * FROM rls_view; --fail - permission denied.
-ERROR:  permission denied for relation rls_view
+ERROR:  permission denied for view rls_view
 -- Query as role that is not the owner of the table or view with permissions.
 SET SESSION AUTHORIZATION regress_rls_bob;
 GRANT SELECT ON rls_view TO regress_rls_carol;
@@ -3235,7 +3235,7 @@ COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail
 ERROR:  query would be affected by row-level security policy for table "copy_t"
 SET row_security TO ON;
 COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail - permission denied
-ERROR:  permission denied for relation copy_t
+ERROR:  permission denied for table copy_t
 -- Check COPY relation TO; keep it just one row to avoid reordering issues
 RESET SESSION AUTHORIZATION;
 SET row_security TO ON;
@@ -3271,10 +3271,10 @@ COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --ok
 SET SESSION AUTHORIZATION regress_rls_carol;
 SET row_security TO OFF;
 COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied
-ERROR:  permission denied for relation copy_rel_to
+ERROR:  permission denied for table copy_rel_to
 SET row_security TO ON;
 COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied
-ERROR:  permission denied for relation copy_rel_to
+ERROR:  permission denied for table copy_rel_to
 -- Check COPY FROM as Superuser/owner.
 RESET SESSION AUTHORIZATION;
 SET row_security TO OFF;
@@ -3298,10 +3298,10 @@ COPY copy_t FROM STDIN; --ok
 SET SESSION AUTHORIZATION regress_rls_carol;
 SET row_security TO OFF;
 COPY copy_t FROM STDIN; --fail - permission denied.
-ERROR:  permission denied for relation copy_t
+ERROR:  permission denied for table copy_t
 SET row_security TO ON;
 COPY copy_t FROM STDIN; --fail - permission denied.
-ERROR:  permission denied for relation copy_t
+ERROR:  permission denied for table copy_t
 RESET SESSION AUTHORIZATION;
 DROP TABLE copy_t;
 DROP TABLE copy_rel_to CASCADE;
diff --git a/src/test/regress/expected/select_into.out b/src/test/regress/expected/select_into.out
index 5d54bbf3b0..ef7cfd6f29 100644
--- a/src/test/regress/expected/select_into.out
+++ b/src/test/regress/expected/select_into.out
@@ -22,15 +22,15 @@ GRANT ALL ON SCHEMA selinto_schema TO public;
 SET SESSION AUTHORIZATION regress_selinto_user;
 SELECT * INTO TABLE selinto_schema.tmp1
 	  FROM pg_class WHERE relname like '%a%';	-- Error
-ERROR:  permission denied for relation tmp1
+ERROR:  permission denied for table tmp1
 SELECT oid AS clsoid, relname, relnatts + 10 AS x
 	  INTO selinto_schema.tmp2
 	  FROM pg_class WHERE relname like '%b%';	-- Error
-ERROR:  permission denied for relation tmp2
+ERROR:  permission denied for table tmp2
 CREATE TABLE selinto_schema.tmp3 (a,b,c)
 	   AS SELECT oid,relname,relacl FROM pg_class
 	   WHERE relname like '%c%';	-- Error
-ERROR:  permission denied for relation tmp3
+ERROR:  permission denied for table tmp3
 RESET SESSION AUTHORIZATION;
 ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user
 	  GRANT INSERT ON TABLES TO regress_selinto_user;
diff --git a/src/test/regress/expected/sequence.out b/src/test/regress/expected/sequence.out
index 2384b7dd81..ca5ea063fa 100644
--- a/src/test/regress/expected/sequence.out
+++ b/src/test/regress/expected/sequence.out
@@ -785,7 +785,7 @@ ROLLBACK;
 BEGIN;
 SET LOCAL SESSION AUTHORIZATION regress_seq_user;
 ALTER SEQUENCE sequence_test2 START WITH 1;
-ERROR:  must be owner of relation sequence_test2
+ERROR:  must be owner of sequence sequence_test2
 ROLLBACK;
 -- Sequences should get wiped out as well:
 DROP TABLE serialTest1, serialTest2;
diff --git a/src/test/regress/expected/updatable_views.out b/src/test/regress/expected/updatable_views.out
index 2090a411fe..964c115b14 100644
--- a/src/test/regress/expected/updatable_views.out
+++ b/src/test/regress/expected/updatable_views.out
@@ -990,26 +990,26 @@ SELECT * FROM rw_view2; -- ok
 (2 rows)
 
 INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 INSERT INTO rw_view1 VALUES ('Row 3', 3.0, 3); -- not allowed
-ERROR:  permission denied for relation rw_view1
+ERROR:  permission denied for view rw_view1
 INSERT INTO rw_view2 VALUES ('Row 3', 3.0, 3); -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 UPDATE base_tbl SET a=a, c=c; -- ok
 UPDATE base_tbl SET b=b; -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 UPDATE rw_view1 SET bb=bb, cc=cc; -- ok
 UPDATE rw_view1 SET aa=aa; -- not allowed
-ERROR:  permission denied for relation rw_view1
+ERROR:  permission denied for view rw_view1
 UPDATE rw_view2 SET aa=aa, cc=cc; -- ok
 UPDATE rw_view2 SET bb=bb; -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 DELETE FROM base_tbl; -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 DELETE FROM rw_view1; -- not allowed
-ERROR:  permission denied for relation rw_view1
+ERROR:  permission denied for view rw_view1
 DELETE FROM rw_view2; -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 RESET SESSION AUTHORIZATION;
 SET SESSION AUTHORIZATION regress_view_user1;
 GRANT INSERT, DELETE ON base_tbl TO regress_view_user2;
@@ -1017,11 +1017,11 @@ RESET SESSION AUTHORIZATION;
 SET SESSION AUTHORIZATION regress_view_user2;
 INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- ok
 INSERT INTO rw_view1 VALUES ('Row 4', 4.0, 4); -- not allowed
-ERROR:  permission denied for relation rw_view1
+ERROR:  permission denied for view rw_view1
 INSERT INTO rw_view2 VALUES ('Row 4', 4.0, 4); -- ok
 DELETE FROM base_tbl WHERE a=1; -- ok
 DELETE FROM rw_view1 WHERE aa=2; -- not allowed
-ERROR:  permission denied for relation rw_view1
+ERROR:  permission denied for view rw_view1
 DELETE FROM rw_view2 WHERE aa=2; -- ok
 SELECT * FROM base_tbl;
  a |   b   | c 
@@ -1037,15 +1037,15 @@ GRANT INSERT, DELETE ON rw_view1 TO regress_view_user2;
 RESET SESSION AUTHORIZATION;
 SET SESSION AUTHORIZATION regress_view_user2;
 INSERT INTO base_tbl VALUES (5, 'Row 5', 5.0); -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 INSERT INTO rw_view1 VALUES ('Row 5', 5.0, 5); -- ok
 INSERT INTO rw_view2 VALUES ('Row 6', 6.0, 6); -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 DELETE FROM base_tbl WHERE a=3; -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 DELETE FROM rw_view1 WHERE aa=3; -- ok
 DELETE FROM rw_view2 WHERE aa=4; -- not allowed
-ERROR:  permission denied for relation base_tbl
+ERROR:  permission denied for table base_tbl
 SELECT * FROM base_tbl;
  a |   b   | c 
 ---+-------+---
-- 
2.15.1

From ecb10b6e2bb80691d1f05f7273702ab037284620 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Tue, 16 Jan 2018 13:59:05 -0500
Subject: [PATCH v4 4/5] Use OBJECT_TABLE instead of OBJECT_RELATION for ACL

---
 src/backend/catalog/aclchk.c         | 36 +++++++++++++++++-------------------
 src/backend/catalog/heap.c           |  2 +-
 src/backend/catalog/objectaddress.c  |  1 -
 src/backend/commands/event_trigger.c |  7 ++-----
 src/backend/parser/gram.y            |  8 ++++----
 src/backend/utils/adt/acl.c          |  4 ++--
 src/include/nodes/parsenodes.h       |  1 -
 src/include/utils/aclchk_internal.h  |  2 +-
 8 files changed, 27 insertions(+), 34 deletions(-)

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index a9cf354357..4eadd1a093 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -247,7 +247,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		case OBJECT_COLUMN:
 			whole_mask = ACL_ALL_RIGHTS_COLUMN;
 			break;
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			whole_mask = ACL_ALL_RIGHTS_RELATION;
 			break;
 		case OBJECT_SEQUENCE:
@@ -445,7 +445,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 	 */
 	switch (stmt->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			/*
 			 * Because this might be a sequence, we test both relation and
 			 * sequence bits, and later do a more limited test when we know
@@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 			 */
 			if (privnode->cols)
 			{
-				if (stmt->objtype != OBJECT_RELATION)
+				if (stmt->objtype != OBJECT_TABLE)
 					ereport(ERROR,
 							(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 							 errmsg("column privileges are only valid for relations")));
@@ -574,7 +574,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 {
 	switch (istmt->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 		case OBJECT_SEQUENCE:
 			ExecGrant_Relation(istmt);
 			break;
@@ -643,7 +643,7 @@ objectNamesToOids(ObjectType objtype, List *objnames)
 
 	switch (objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 		case OBJECT_SEQUENCE:
 			foreach(cell, objnames)
 			{
@@ -798,7 +798,7 @@ objectsInSchemaToOids(ObjectType objtype, List *nspnames)
 
 		switch (objtype)
 		{
-			case OBJECT_RELATION:
+			case OBJECT_TABLE:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION);
 				objects = list_concat(objects, objs);
 				objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW);
@@ -993,7 +993,7 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s
 	 */
 	switch (action->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			all_privileges = ACL_ALL_RIGHTS_RELATION;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
@@ -1184,7 +1184,7 @@ SetDefaultACL(InternalDefaultACL *iacls)
 	 */
 	switch (iacls->objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			objtype = DEFACLOBJ_RELATION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_RELATION;
@@ -1430,7 +1430,7 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (pg_default_acl_tuple->defaclobjtype)
 		{
 			case DEFACLOBJ_RELATION:
-				iacls.objtype = OBJECT_RELATION;
+				iacls.objtype = OBJECT_TABLE;
 				break;
 			case DEFACLOBJ_SEQUENCE:
 				iacls.objtype = OBJECT_SEQUENCE;
@@ -1471,8 +1471,8 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (classid)
 		{
 			case RelationRelationId:
-				/* it's OK to use RELATION for a sequence */
-				istmt.objtype = OBJECT_RELATION;
+				/* it's OK to use TABLE for a sequence */
+				istmt.objtype = OBJECT_TABLE;
 				break;
 			case DatabaseRelationId:
 				istmt.objtype = OBJECT_DATABASE;
@@ -1862,7 +1862,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 		 * permissions.  The OR of table and sequence permissions were already
 		 * checked.
 		 */
-		if (istmt->objtype == OBJECT_RELATION)
+		if (istmt->objtype == OBJECT_TABLE)
 		{
 			if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
 			{
@@ -1944,7 +1944,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 					old_acl = acldefault(OBJECT_SEQUENCE, ownerId);
 					break;
 				default:
-					old_acl = acldefault(OBJECT_RELATION, ownerId);
+					old_acl = acldefault(OBJECT_TABLE, ownerId);
 					break;
 			}
 			/* There are no old member roles according to the catalogs */
@@ -1988,7 +1988,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 					objtype = OBJECT_SEQUENCE;
 					break;
 				default:
-					objtype = OBJECT_RELATION;
+					objtype = OBJECT_TABLE;
 					break;
 			}
 
@@ -3471,7 +3471,6 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_DEFACL:
 					case OBJECT_DOMCONSTRAINT:
 					case OBJECT_PUBLICATION_REL:
-					case OBJECT_RELATION:
 					case OBJECT_ROLE:
 					case OBJECT_RULE:
 					case OBJECT_TABCONSTRAINT:
@@ -3604,7 +3603,6 @@ aclcheck_error(AclResult aclerr, ObjectType objtype,
 					case OBJECT_DEFACL:
 					case OBJECT_DOMCONSTRAINT:
 					case OBJECT_PUBLICATION_REL:
-					case OBJECT_RELATION:
 					case OBJECT_ROLE:
 					case OBJECT_RULE:
 					case OBJECT_TABCONSTRAINT:
@@ -3681,7 +3679,7 @@ pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
 			return
 				pg_class_aclmask(table_oid, roleid, mask, how) |
 				pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 		case OBJECT_SEQUENCE:
 			return pg_class_aclmask(table_oid, roleid, mask, how);
 		case OBJECT_DATABASE:
@@ -3895,7 +3893,7 @@ pg_class_aclmask(Oid table_oid, Oid roleid,
 				acl = acldefault(OBJECT_SEQUENCE, ownerId);
 				break;
 			default:
-				acl = acldefault(OBJECT_RELATION, ownerId);
+				acl = acldefault(OBJECT_TABLE, ownerId);
 				break;
 		}
 		aclDatum = (Datum) 0;
@@ -5467,7 +5465,7 @@ get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid)
 	/* Check if object type is supported in pg_default_acl */
 	switch (objtype)
 	{
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			defaclobjtype = DEFACLOBJ_RELATION;
 			break;
 
diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c
index fd511ad62e..96234ff5c6 100644
--- a/src/backend/catalog/heap.c
+++ b/src/backend/catalog/heap.c
@@ -1142,7 +1142,7 @@ heap_create_with_catalog(const char *relname,
 			case RELKIND_MATVIEW:
 			case RELKIND_FOREIGN_TABLE:
 			case RELKIND_PARTITIONED_TABLE:
-				relacl = get_user_default_acl(OBJECT_RELATION, ownerid,
+				relacl = get_user_default_acl(OBJECT_TABLE, ownerid,
 											  relnamespace);
 				break;
 			case RELKIND_SEQUENCE:
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index d691b25aa6..d6043f5b66 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -2112,7 +2112,6 @@ pg_get_object_address(PG_FUNCTION_ARGS)
 		case OBJECT_MATVIEW:
 		case OBJECT_INDEX:
 		case OBJECT_FOREIGN_TABLE:
-		case OBJECT_RELATION:
 		case OBJECT_COLUMN:
 		case OBJECT_ATTRIBUTE:
 		case OBJECT_COLLATION:
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index 1dcdb07c29..b9662538df 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -1108,7 +1108,6 @@ EventTriggerSupportsObjectType(ObjectType obtype)
 		case OBJECT_PROCEDURE:
 		case OBJECT_PUBLICATION:
 		case OBJECT_PUBLICATION_REL:
-		case OBJECT_RELATION:
 		case OBJECT_ROUTINE:
 		case OBJECT_RULE:
 		case OBJECT_SCHEMA:
@@ -2195,7 +2194,7 @@ stringify_grantobjtype(ObjectType objtype)
 	{
 		case OBJECT_COLUMN:
 			return "COLUMN";
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			return "TABLE";
 		case OBJECT_SEQUENCE:
 			return "SEQUENCE";
@@ -2251,7 +2250,6 @@ stringify_grantobjtype(ObjectType objtype)
 		case OBJECT_STATISTIC_EXT:
 		case OBJECT_SUBSCRIPTION:
 		case OBJECT_TABCONSTRAINT:
-		case OBJECT_TABLE:
 		case OBJECT_TRANSFORM:
 		case OBJECT_TRIGGER:
 		case OBJECT_TSCONFIGURATION:
@@ -2278,7 +2276,7 @@ stringify_adefprivs_objtype(ObjectType objtype)
 	{
 		case OBJECT_COLUMN:
 			return "COLUMNS";
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			return "TABLES";
 		case OBJECT_SEQUENCE:
 			return "SEQUENCES";
@@ -2334,7 +2332,6 @@ stringify_adefprivs_objtype(ObjectType objtype)
 		case OBJECT_STATISTIC_EXT:
 		case OBJECT_SUBSCRIPTION:
 		case OBJECT_TABCONSTRAINT:
-		case OBJECT_TABLE:
 		case OBJECT_TRANSFORM:
 		case OBJECT_TRIGGER:
 		case OBJECT_TSCONFIGURATION:
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y
index e79113de51..348bdc77d1 100644
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -7002,7 +7002,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = OBJECT_RELATION;
+					n->objtype = OBJECT_TABLE;
 					n->objs = $1;
 					$$ = n;
 				}
@@ -7010,7 +7010,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = OBJECT_RELATION;
+					n->objtype = OBJECT_TABLE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7122,7 +7122,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = OBJECT_RELATION;
+					n->objtype = OBJECT_TABLE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7312,7 +7312,7 @@ DefACLAction:
 		;
 
 defacl_privilege_target:
-			TABLES			{ $$ = OBJECT_RELATION; }
+			TABLES			{ $$ = OBJECT_TABLE; }
 			| FUNCTIONS		{ $$ = OBJECT_FUNCTION; }
 			| ROUTINES		{ $$ = OBJECT_FUNCTION; }
 			| SEQUENCES		{ $$ = OBJECT_SEQUENCE; }
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index 42e3f6cc1a..0cfc297b65 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -760,7 +760,7 @@ acldefault(ObjectType objtype, Oid ownerId)
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_NO_RIGHTS;
 			break;
-		case OBJECT_RELATION:
+		case OBJECT_TABLE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_RELATION;
 			break;
@@ -871,7 +871,7 @@ acldefault_sql(PG_FUNCTION_ARGS)
 			objtype = OBJECT_COLUMN;
 			break;
 		case 'r':
-			objtype = OBJECT_RELATION;
+			objtype = OBJECT_TABLE;
 			break;
 		case 's':
 			objtype = OBJECT_SEQUENCE;
diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h
index c55c427b13..b0ed8e51d9 100644
--- a/src/include/nodes/parsenodes.h
+++ b/src/include/nodes/parsenodes.h
@@ -1645,7 +1645,6 @@ typedef enum ObjectType
 	OBJECT_PROCEDURE,
 	OBJECT_PUBLICATION,
 	OBJECT_PUBLICATION_REL,
-	OBJECT_RELATION,
 	OBJECT_ROLE,
 	OBJECT_ROUTINE,
 	OBJECT_RULE,
diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h
index 590ae5eee8..f7c44fcd4b 100644
--- a/src/include/utils/aclchk_internal.h
+++ b/src/include/utils/aclchk_internal.h
@@ -26,7 +26,7 @@
  * Note: 'all_privs' and 'privileges' represent object-level privileges only.
  * There might also be column-level privilege specifications, which are
  * represented in col_privs (this is a list of untransformed AccessPriv nodes).
- * Column privileges are only valid for objtype OBJECT_RELATION.
+ * Column privileges are only valid for objtype OBJECT_TABLE.
  */
 typedef struct
 {
-- 
2.15.1

From b59fec684164076ce71e25ab0fd987d7ae07b257 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Tue, 16 Jan 2018 15:20:14 -0500
Subject: [PATCH v4 5/5] Get more precise return values from get_object_type()

Make get_object_type() distinguish different kinds of relations, to
allow callers to give more precise error messages.  Add some tests.
---
 src/backend/catalog/objectaddress.c       | 14 +++++++++++---
 src/backend/commands/alter.c              |  6 +++---
 src/include/catalog/objectaddress.h       |  2 +-
 src/test/regress/expected/alter_table.out | 16 ++++++++++++++++
 src/test/regress/sql/alter_table.sql      | 21 +++++++++++++++++++++
 5 files changed, 52 insertions(+), 7 deletions(-)

diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index d6043f5b66..e5a1fafef1 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -338,7 +338,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_class_relnamespace,
 		Anum_pg_class_relowner,
 		Anum_pg_class_relacl,
-		OBJECT_RELATION,
+		OBJECT_TABLE,
 		true
 	},
 	{
@@ -2540,11 +2540,19 @@ get_object_attnum_acl(Oid class_id)
 }
 
 ObjectType
-get_object_type(Oid class_id)
+get_object_type(Oid class_id, Oid object_id)
 {
 	const ObjectPropertyType *prop = get_object_property_data(class_id);
 
-	return prop->objtype;
+	if (prop->objtype == OBJECT_TABLE)
+		/*
+		 * If the property data says it's a table, dig a little deeper to get
+		 * the real relation kind, so that callers can produce more precise
+		 * error messages.
+		 */
+		return relkind_get_objtype(get_rel_relkind(object_id));
+	else
+		return prop->objtype;
 }
 
 bool
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c
index 2d88f4c649..0d63866fb0 100644
--- a/src/backend/commands/alter.c
+++ b/src/backend/commands/alter.c
@@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	ObjectType	objtype = get_object_type(classId);
+	ObjectType	objtype = get_object_type(classId, objectId);
 	HeapTuple	oldtup;
 	HeapTuple	newtup;
 	Datum		datum;
@@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	ObjectType	objtype = get_object_type(classId);
+	ObjectType	objtype = get_object_type(classId, objid);
 	Oid			oldNspOid;
 	Datum		name,
 				namespace;
@@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 		/* Superusers can bypass permission checks */
 		if (!superuser())
 		{
-			ObjectType objtype = get_object_type(classId);
+			ObjectType objtype = get_object_type(classId, objectId);
 
 			/* must be owner */
 			if (!has_privs_of_role(GetUserId(), old_ownerId))
diff --git a/src/include/catalog/objectaddress.h b/src/include/catalog/objectaddress.h
index 43819304eb..0de73240f9 100644
--- a/src/include/catalog/objectaddress.h
+++ b/src/include/catalog/objectaddress.h
@@ -62,7 +62,7 @@ extern AttrNumber get_object_attnum_name(Oid class_id);
 extern AttrNumber get_object_attnum_namespace(Oid class_id);
 extern AttrNumber get_object_attnum_owner(Oid class_id);
 extern AttrNumber get_object_attnum_acl(Oid class_id);
-extern ObjectType get_object_type(Oid class_id);
+extern ObjectType get_object_type(Oid class_id, Oid object_id);
 extern bool get_object_namensp_unique(Oid class_id);
 
 extern HeapTuple get_catalog_object_by_oid(Relation catalog,
diff --git a/src/test/regress/expected/alter_table.out b/src/test/regress/expected/alter_table.out
index b998dab6ab..f5b37b8891 100644
--- a/src/test/regress/expected/alter_table.out
+++ b/src/test/regress/expected/alter_table.out
@@ -1,5 +1,12 @@
 --
 -- ALTER_TABLE
+--
+-- Clean up in case a prior regression run failed
+SET client_min_messages TO 'warning';
+DROP ROLE IF EXISTS regress_alter_user1;
+RESET client_min_messages;
+CREATE USER regress_alter_user1;
+--
 -- add attribute
 --
 CREATE TABLE tmp (initial int4);
@@ -209,9 +216,17 @@ ALTER INDEX IF EXISTS __tmp_onek_unique1 RENAME TO onek_unique1;
 NOTICE:  relation "__tmp_onek_unique1" does not exist, skipping
 ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1;
 ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1;
+SET ROLE regress_alter_user1;
+ALTER INDEX onek_unique1 RENAME TO fail;  -- permission denied
+ERROR:  must be owner of index onek_unique1
+RESET ROLE;
 -- renaming views
 CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1;
 ALTER TABLE tmp_view RENAME TO tmp_view_new;
+SET ROLE regress_alter_user1;
+ALTER VIEW tmp_view_new RENAME TO fail;  -- permission denied
+ERROR:  must be owner of view tmp_view_new
+RESET ROLE;
 -- hack to ensure we get an indexscan here
 set enable_seqscan to off;
 set enable_bitmapscan to off;
@@ -3822,3 +3837,4 @@ ALTER TABLE tmp ALTER COLUMN i SET (n_distinct = 1, n_distinct_inherited = 2);
 ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited);
 ANALYZE tmp;
 DROP TABLE tmp;
+DROP USER regress_alter_user1;
diff --git a/src/test/regress/sql/alter_table.sql b/src/test/regress/sql/alter_table.sql
index 02a33ca7c4..3bb74151f2 100644
--- a/src/test/regress/sql/alter_table.sql
+++ b/src/test/regress/sql/alter_table.sql
@@ -1,5 +1,15 @@
 --
 -- ALTER_TABLE
+--
+
+-- Clean up in case a prior regression run failed
+SET client_min_messages TO 'warning';
+DROP ROLE IF EXISTS regress_alter_user1;
+RESET client_min_messages;
+
+CREATE USER regress_alter_user1;
+
+--
 -- add attribute
 --
 
@@ -209,10 +219,19 @@ CREATE TABLE tmp_array (id int);
 
 ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1;
 ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1;
+
+SET ROLE regress_alter_user1;
+ALTER INDEX onek_unique1 RENAME TO fail;  -- permission denied
+RESET ROLE;
+
 -- renaming views
 CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1;
 ALTER TABLE tmp_view RENAME TO tmp_view_new;
 
+SET ROLE regress_alter_user1;
+ALTER VIEW tmp_view_new RENAME TO fail;  -- permission denied
+RESET ROLE;
+
 -- hack to ensure we get an indexscan here
 set enable_seqscan to off;
 set enable_bitmapscan to off;
@@ -2530,3 +2549,5 @@ CREATE TABLE tmp(i integer);
 ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited);
 ANALYZE tmp;
 DROP TABLE tmp;
+
+DROP USER regress_alter_user1;
-- 
2.15.1

From dfc15af664352a42caf0832e5cfc7a90af5cc22e Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Wed, 11 Oct 2017 18:35:19 -0400
Subject: [PATCH v4 1/5] Replace GrantObjectType with ObjectType

There used to be a lot of different *Type and *Kind symbol groups to
address objects within different commands, most of which have been
replaced by ObjectType, starting with
b256f2426433c56b4bea3a8102757749885b81ba.  But this conversion was never
done for the ACL commands until now.

This change ends up being just a plain replacement of the types and
symbols, without any code restructuring needed, except deleting some now
redundant code.
---
 src/backend/catalog/aclchk.c         | 242 +++++++++++++++++------------------
 src/backend/catalog/heap.c           |   4 +-
 src/backend/catalog/objectaddress.c  |   1 +
 src/backend/catalog/pg_namespace.c   |   2 +-
 src/backend/catalog/pg_proc.c        |   2 +-
 src/backend/catalog/pg_type.c        |   2 +-
 src/backend/commands/event_trigger.c | 186 ++++++++++++++++-----------
 src/backend/parser/gram.y            |  54 ++++----
 src/backend/tcop/utility.c           |   2 +-
 src/backend/utils/adt/acl.c          |  58 ++++-----
 src/include/commands/event_trigger.h |   1 -
 src/include/nodes/parsenodes.h       |  22 +---
 src/include/tcop/deparse_utility.h   |   2 +-
 src/include/utils/acl.h              |   6 +-
 src/include/utils/aclchk_internal.h  |   4 +-
 15 files changed, 305 insertions(+), 283 deletions(-)

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index fac80612b8..ef6bc6a9db 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -86,7 +86,7 @@ typedef struct
 	Oid			nspid;			/* namespace, or InvalidOid if none */
 	/* remaining fields are same as in InternalGrant: */
 	bool		is_grant;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	bool		all_privs;
 	AclMode		privileges;
 	List	   *grantees;
@@ -116,8 +116,8 @@ static void ExecGrant_Type(InternalGrant *grantStmt);
 static void SetDefaultACLsInSchemas(InternalDefaultACL *iacls, List *nspnames);
 static void SetDefaultACL(InternalDefaultACL *iacls);
 
-static List *objectNamesToOids(GrantObjectType objtype, List *objnames);
-static List *objectsInSchemaToOids(GrantObjectType objtype, List *nspnames);
+static List *objectNamesToOids(ObjectType objtype, List *objnames);
+static List *objectsInSchemaToOids(ObjectType objtype, List *nspnames);
 static List *getRelationsInNamespace(Oid namespaceId, char relkind);
 static void expand_col_privileges(List *colnames, Oid table_oid,
 					  AclMode this_privileges,
@@ -266,7 +266,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 			whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
 		case ACL_KIND_NAMESPACE:
-			whole_mask = ACL_ALL_RIGHTS_NAMESPACE;
+			whole_mask = ACL_ALL_RIGHTS_SCHEMA;
 			break;
 		case ACL_KIND_TABLESPACE:
 			whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
@@ -441,68 +441,68 @@ ExecuteGrantStmt(GrantStmt *stmt)
 
 	/*
 	 * Convert stmt->privileges, a list of AccessPriv nodes, into an AclMode
-	 * bitmask.  Note: objtype can't be ACL_OBJECT_COLUMN.
+	 * bitmask.  Note: objtype can't be OBJECT_COLUMN.
 	 */
 	switch (stmt->objtype)
 	{
+		case OBJECT_RELATION:
 			/*
 			 * Because this might be a sequence, we test both relation and
 			 * sequence bits, and later do a more limited test when we know
 			 * the object type.
 			 */
-		case ACL_OBJECT_RELATION:
 			all_privileges = ACL_ALL_RIGHTS_RELATION | ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for sequence");
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			all_privileges = ACL_ALL_RIGHTS_DATABASE;
 			errormsg = gettext_noop("invalid privilege type %s for database");
 			break;
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for domain");
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for function");
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			all_privileges = ACL_ALL_RIGHTS_LANGUAGE;
 			errormsg = gettext_noop("invalid privilege type %s for language");
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			all_privileges = ACL_ALL_RIGHTS_LARGEOBJECT;
 			errormsg = gettext_noop("invalid privilege type %s for large object");
 			break;
-		case ACL_OBJECT_NAMESPACE:
-			all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		case OBJECT_SCHEMA:
+			all_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			errormsg = gettext_noop("invalid privilege type %s for schema");
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for procedure");
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for routine");
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			all_privileges = ACL_ALL_RIGHTS_TABLESPACE;
 			errormsg = gettext_noop("invalid privilege type %s for tablespace");
 			break;
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for type");
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			all_privileges = ACL_ALL_RIGHTS_FDW;
 			errormsg = gettext_noop("invalid privilege type %s for foreign-data wrapper");
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			errormsg = gettext_noop("invalid privilege type %s for foreign server");
 			break;
@@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
 			 */
 			if (privnode->cols)
 			{
-				if (stmt->objtype != ACL_OBJECT_RELATION)
+				if (stmt->objtype != OBJECT_RELATION)
 					ereport(ERROR,
 							(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 							 errmsg("column privileges are only valid for relations")));
@@ -574,38 +574,38 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 {
 	switch (istmt->objtype)
 	{
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			ExecGrant_Relation(istmt);
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			ExecGrant_Database(istmt);
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			ExecGrant_Type(istmt);
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			ExecGrant_Fdw(istmt);
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			ExecGrant_ForeignServer(istmt);
 			break;
-		case ACL_OBJECT_FUNCTION:
-		case ACL_OBJECT_PROCEDURE:
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_FUNCTION:
+		case OBJECT_PROCEDURE:
+		case OBJECT_ROUTINE:
 			ExecGrant_Function(istmt);
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			ExecGrant_Language(istmt);
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			ExecGrant_Largeobject(istmt);
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			ExecGrant_Namespace(istmt);
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			ExecGrant_Tablespace(istmt);
 			break;
 		default:
@@ -619,7 +619,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
 	 * the functions a chance to adjust the istmt with privileges actually
 	 * granted.
 	 */
-	if (EventTriggerSupportsGrantObjectType(istmt->objtype))
+	if (EventTriggerSupportsObjectType(istmt->objtype))
 		EventTriggerCollectGrant(istmt);
 }
 
@@ -634,7 +634,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
  * to fail.
  */
 static List *
-objectNamesToOids(GrantObjectType objtype, List *objnames)
+objectNamesToOids(ObjectType objtype, List *objnames)
 {
 	List	   *objects = NIL;
 	ListCell   *cell;
@@ -643,8 +643,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 
 	switch (objtype)
 	{
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			foreach(cell, objnames)
 			{
 				RangeVar   *relvar = (RangeVar *) lfirst(cell);
@@ -654,7 +654,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, relOid);
 			}
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			foreach(cell, objnames)
 			{
 				char	   *dbname = strVal(lfirst(cell));
@@ -664,8 +664,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, dbid);
 			}
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			foreach(cell, objnames)
 			{
 				List	   *typname = (List *) lfirst(cell);
@@ -675,7 +675,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -685,7 +685,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, funcid);
 			}
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			foreach(cell, objnames)
 			{
 				char	   *langname = strVal(lfirst(cell));
@@ -695,7 +695,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			foreach(cell, objnames)
 			{
 				Oid			lobjOid = oidparse(lfirst(cell));
@@ -709,7 +709,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, lobjOid);
 			}
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			foreach(cell, objnames)
 			{
 				char	   *nspname = strVal(lfirst(cell));
@@ -719,7 +719,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, oid);
 			}
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -729,7 +729,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, procid);
 			}
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			foreach(cell, objnames)
 			{
 				ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@@ -739,7 +739,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, routid);
 			}
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			foreach(cell, objnames)
 			{
 				char	   *spcname = strVal(lfirst(cell));
@@ -749,7 +749,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, spcoid);
 			}
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			foreach(cell, objnames)
 			{
 				char	   *fdwname = strVal(lfirst(cell));
@@ -758,7 +758,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
 				objects = lappend_oid(objects, fdwid);
 			}
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			foreach(cell, objnames)
 			{
 				char	   *srvname = strVal(lfirst(cell));
@@ -783,7 +783,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
  * no privilege checking on the individual objects here.
  */
 static List *
-objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
+objectsInSchemaToOids(ObjectType objtype, List *nspnames)
 {
 	List	   *objects = NIL;
 	ListCell   *cell;
@@ -798,7 +798,7 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 
 		switch (objtype)
 		{
-			case ACL_OBJECT_RELATION:
+			case OBJECT_RELATION:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION);
 				objects = list_concat(objects, objs);
 				objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW);
@@ -810,13 +810,13 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 				objs = getRelationsInNamespace(namespaceId, RELKIND_PARTITIONED_TABLE);
 				objects = list_concat(objects, objs);
 				break;
-			case ACL_OBJECT_SEQUENCE:
+			case OBJECT_SEQUENCE:
 				objs = getRelationsInNamespace(namespaceId, RELKIND_SEQUENCE);
 				objects = list_concat(objects, objs);
 				break;
-			case ACL_OBJECT_FUNCTION:
-			case ACL_OBJECT_PROCEDURE:
-			case ACL_OBJECT_ROUTINE:
+			case OBJECT_FUNCTION:
+			case OBJECT_PROCEDURE:
+			case OBJECT_ROUTINE:
 				{
 					ScanKeyData key[2];
 					int			keycount;
@@ -835,12 +835,12 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
 					 * When looking for procedures, check for return type ==0.
 					 * When looking for routines, don't check the return type.
 					 */
-					if (objtype == ACL_OBJECT_FUNCTION)
+					if (objtype == OBJECT_FUNCTION)
 						ScanKeyInit(&key[keycount++],
 									Anum_pg_proc_prorettype,
 									BTEqualStrategyNumber, F_OIDNE,
 									InvalidOid);
-					else if (objtype == ACL_OBJECT_PROCEDURE)
+					else if (objtype == OBJECT_PROCEDURE)
 						ScanKeyInit(&key[keycount++],
 									Anum_pg_proc_prorettype,
 									BTEqualStrategyNumber, F_OIDEQ,
@@ -993,32 +993,32 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s
 	 */
 	switch (action->objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			all_privileges = ACL_ALL_RIGHTS_RELATION;
 			errormsg = gettext_noop("invalid privilege type %s for relation");
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			errormsg = gettext_noop("invalid privilege type %s for sequence");
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for function");
 			break;
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for procedure");
 			break;
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			all_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			errormsg = gettext_noop("invalid privilege type %s for routine");
 			break;
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			all_privileges = ACL_ALL_RIGHTS_TYPE;
 			errormsg = gettext_noop("invalid privilege type %s for type");
 			break;
-		case ACL_OBJECT_NAMESPACE:
-			all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		case OBJECT_SCHEMA:
+			all_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			errormsg = gettext_noop("invalid privilege type %s for schema");
 			break;
 		default:
@@ -1184,38 +1184,38 @@ SetDefaultACL(InternalDefaultACL *iacls)
 	 */
 	switch (iacls->objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			objtype = DEFACLOBJ_RELATION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_RELATION;
 			break;
 
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			objtype = DEFACLOBJ_SEQUENCE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
 
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			objtype = DEFACLOBJ_FUNCTION;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_FUNCTION;
 			break;
 
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			objtype = DEFACLOBJ_TYPE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
 				this_privileges = ACL_ALL_RIGHTS_TYPE;
 			break;
 
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			if (OidIsValid(iacls->nspid))
 				ereport(ERROR,
 						(errcode(ERRCODE_INVALID_GRANT_OPERATION),
 						 errmsg("cannot use IN SCHEMA clause when using GRANT/REVOKE ON SCHEMAS")));
 			objtype = DEFACLOBJ_NAMESPACE;
 			if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
-				this_privileges = ACL_ALL_RIGHTS_NAMESPACE;
+				this_privileges = ACL_ALL_RIGHTS_SCHEMA;
 			break;
 
 		default:
@@ -1430,19 +1430,19 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		switch (pg_default_acl_tuple->defaclobjtype)
 		{
 			case DEFACLOBJ_RELATION:
-				iacls.objtype = ACL_OBJECT_RELATION;
+				iacls.objtype = OBJECT_RELATION;
 				break;
 			case DEFACLOBJ_SEQUENCE:
-				iacls.objtype = ACL_OBJECT_SEQUENCE;
+				iacls.objtype = OBJECT_SEQUENCE;
 				break;
 			case DEFACLOBJ_FUNCTION:
-				iacls.objtype = ACL_OBJECT_FUNCTION;
+				iacls.objtype = OBJECT_FUNCTION;
 				break;
 			case DEFACLOBJ_TYPE:
-				iacls.objtype = ACL_OBJECT_TYPE;
+				iacls.objtype = OBJECT_TYPE;
 				break;
 			case DEFACLOBJ_NAMESPACE:
-				iacls.objtype = ACL_OBJECT_NAMESPACE;
+				iacls.objtype = OBJECT_SCHEMA;
 				break;
 			default:
 				/* Shouldn't get here */
@@ -1472,34 +1472,34 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
 		{
 			case RelationRelationId:
 				/* it's OK to use RELATION for a sequence */
-				istmt.objtype = ACL_OBJECT_RELATION;
+				istmt.objtype = OBJECT_RELATION;
 				break;
 			case DatabaseRelationId:
-				istmt.objtype = ACL_OBJECT_DATABASE;
+				istmt.objtype = OBJECT_DATABASE;
 				break;
 			case TypeRelationId:
-				istmt.objtype = ACL_OBJECT_TYPE;
+				istmt.objtype = OBJECT_TYPE;
 				break;
 			case ProcedureRelationId:
-				istmt.objtype = ACL_OBJECT_ROUTINE;
+				istmt.objtype = OBJECT_ROUTINE;
 				break;
 			case LanguageRelationId:
-				istmt.objtype = ACL_OBJECT_LANGUAGE;
+				istmt.objtype = OBJECT_LANGUAGE;
 				break;
 			case LargeObjectRelationId:
-				istmt.objtype = ACL_OBJECT_LARGEOBJECT;
+				istmt.objtype = OBJECT_LARGEOBJECT;
 				break;
 			case NamespaceRelationId:
-				istmt.objtype = ACL_OBJECT_NAMESPACE;
+				istmt.objtype = OBJECT_SCHEMA;
 				break;
 			case TableSpaceRelationId:
-				istmt.objtype = ACL_OBJECT_TABLESPACE;
+				istmt.objtype = OBJECT_TABLESPACE;
 				break;
 			case ForeignServerRelationId:
-				istmt.objtype = ACL_OBJECT_FOREIGN_SERVER;
+				istmt.objtype = OBJECT_FOREIGN_SERVER;
 				break;
 			case ForeignDataWrapperRelationId:
-				istmt.objtype = ACL_OBJECT_FDW;
+				istmt.objtype = OBJECT_FDW;
 				break;
 			default:
 				elog(ERROR, "unexpected object class %u", classid);
@@ -1682,7 +1682,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
 							   &isNull);
 	if (isNull)
 	{
-		old_acl = acldefault(ACL_OBJECT_COLUMN, ownerId);
+		old_acl = acldefault(OBJECT_COLUMN, ownerId);
 		/* There are no old member roles according to the catalogs */
 		noldmembers = 0;
 		oldmembers = NULL;
@@ -1838,7 +1838,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 							NameStr(pg_class_tuple->relname))));
 
 		/* Used GRANT SEQUENCE on a non-sequence? */
-		if (istmt->objtype == ACL_OBJECT_SEQUENCE &&
+		if (istmt->objtype == OBJECT_SEQUENCE &&
 			pg_class_tuple->relkind != RELKIND_SEQUENCE)
 			ereport(ERROR,
 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@@ -1862,7 +1862,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 		 * permissions.  The OR of table and sequence permissions were already
 		 * checked.
 		 */
-		if (istmt->objtype == ACL_OBJECT_RELATION)
+		if (istmt->objtype == OBJECT_RELATION)
 		{
 			if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
 			{
@@ -1941,10 +1941,10 @@ ExecGrant_Relation(InternalGrant *istmt)
 			switch (pg_class_tuple->relkind)
 			{
 				case RELKIND_SEQUENCE:
-					old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
+					old_acl = acldefault(OBJECT_SEQUENCE, ownerId);
 					break;
 				default:
-					old_acl = acldefault(ACL_OBJECT_RELATION, ownerId);
+					old_acl = acldefault(OBJECT_RELATION, ownerId);
 					break;
 			}
 			/* There are no old member roles according to the catalogs */
@@ -2169,7 +2169,7 @@ ExecGrant_Database(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+			old_acl = acldefault(OBJECT_DATABASE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2291,7 +2291,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FDW, ownerId);
+			old_acl = acldefault(OBJECT_FDW, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2417,7 +2417,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
+			old_acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2541,7 +2541,7 @@ ExecGrant_Function(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
+			old_acl = acldefault(OBJECT_FUNCTION, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2672,7 +2672,7 @@ ExecGrant_Language(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
+			old_acl = acldefault(OBJECT_LANGUAGE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2810,7 +2810,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
+			old_acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -2894,7 +2894,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 	ListCell   *cell;
 
 	if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS)
-		istmt->privileges = ACL_ALL_RIGHTS_NAMESPACE;
+		istmt->privileges = ACL_ALL_RIGHTS_SCHEMA;
 
 	relation = heap_open(NamespaceRelationId, RowExclusiveLock);
 
@@ -2936,7 +2936,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 								   &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+			old_acl = acldefault(OBJECT_SCHEMA, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -3060,7 +3060,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
 								RelationGetDescr(relation), &isNull);
 		if (isNull)
 		{
-			old_acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
+			old_acl = acldefault(OBJECT_TABLESPACE, ownerId);
 			/* There are no old member roles according to the catalogs */
 			noldmembers = 0;
 			oldmembers = NULL;
@@ -3178,7 +3178,7 @@ ExecGrant_Type(InternalGrant *istmt)
 					 errhint("Set the privileges of the element type instead.")));
 
 		/* Used GRANT DOMAIN on a non-domain? */
-		if (istmt->objtype == ACL_OBJECT_DOMAIN &&
+		if (istmt->objtype == OBJECT_DOMAIN &&
 			pg_type_tuple->typtype != TYPTYPE_DOMAIN)
 			ereport(ERROR,
 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@@ -3744,10 +3744,10 @@ pg_class_aclmask(Oid table_oid, Oid roleid,
 		switch (classForm->relkind)
 		{
 			case RELKIND_SEQUENCE:
-				acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
+				acl = acldefault(OBJECT_SEQUENCE, ownerId);
 				break;
 			default:
-				acl = acldefault(ACL_OBJECT_RELATION, ownerId);
+				acl = acldefault(OBJECT_RELATION, ownerId);
 				break;
 		}
 		aclDatum = (Datum) 0;
@@ -3803,7 +3803,7 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+		acl = acldefault(OBJECT_DATABASE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3857,7 +3857,7 @@ pg_proc_aclmask(Oid proc_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
+		acl = acldefault(OBJECT_FUNCTION, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3911,7 +3911,7 @@ pg_language_aclmask(Oid lang_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
+		acl = acldefault(OBJECT_LANGUAGE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -3991,7 +3991,7 @@ pg_largeobject_aclmask_snapshot(Oid lobj_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
+		acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4054,7 +4054,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
 	{
 		if (pg_database_aclcheck(MyDatabaseId, roleid,
 								 ACL_CREATE_TEMP) == ACLCHECK_OK)
-			return mask & ACL_ALL_RIGHTS_NAMESPACE;
+			return mask & ACL_ALL_RIGHTS_SCHEMA;
 		else
 			return mask & ACL_USAGE;
 	}
@@ -4075,7 +4075,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+		acl = acldefault(OBJECT_SCHEMA, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4131,7 +4131,7 @@ pg_tablespace_aclmask(Oid spc_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
+		acl = acldefault(OBJECT_TABLESPACE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4193,7 +4193,7 @@ pg_foreign_data_wrapper_aclmask(Oid fdw_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FDW, ownerId);
+		acl = acldefault(OBJECT_FDW, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4255,7 +4255,7 @@ pg_foreign_server_aclmask(Oid srv_oid, Oid roleid,
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
+		acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -4332,7 +4332,7 @@ pg_type_aclmask(Oid type_oid, Oid roleid, AclMode mask, AclMaskHow how)
 	if (isNull)
 	{
 		/* No ACL, so build default ACL */
-		acl = acldefault(ACL_OBJECT_TYPE, ownerId);
+		acl = acldefault(OBJECT_TYPE, ownerId);
 		aclDatum = (Datum) 0;
 	}
 	else
@@ -5301,7 +5301,7 @@ get_default_acl_internal(Oid roleId, Oid nsp_oid, char objtype)
  * Returns NULL if built-in system defaults should be used
  */
 Acl *
-get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
+get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid)
 {
 	Acl		   *result;
 	Acl		   *glob_acl;
@@ -5319,23 +5319,23 @@ get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
 	/* Check if object type is supported in pg_default_acl */
 	switch (objtype)
 	{
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			defaclobjtype = DEFACLOBJ_RELATION;
 			break;
 
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			defaclobjtype = DEFACLOBJ_SEQUENCE;
 			break;
 
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			defaclobjtype = DEFACLOBJ_FUNCTION;
 			break;
 
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			defaclobjtype = DEFACLOBJ_TYPE;
 			break;
 
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			defaclobjtype = DEFACLOBJ_NAMESPACE;
 			break;
 
diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c
index 089b7965f2..fd511ad62e 100644
--- a/src/backend/catalog/heap.c
+++ b/src/backend/catalog/heap.c
@@ -1142,11 +1142,11 @@ heap_create_with_catalog(const char *relname,
 			case RELKIND_MATVIEW:
 			case RELKIND_FOREIGN_TABLE:
 			case RELKIND_PARTITIONED_TABLE:
-				relacl = get_user_default_acl(ACL_OBJECT_RELATION, ownerid,
+				relacl = get_user_default_acl(OBJECT_RELATION, ownerid,
 											  relnamespace);
 				break;
 			case RELKIND_SEQUENCE:
-				relacl = get_user_default_acl(ACL_OBJECT_SEQUENCE, ownerid,
+				relacl = get_user_default_acl(OBJECT_SEQUENCE, ownerid,
 											  relnamespace);
 				break;
 			default:
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index bc999ca3c4..370be1c420 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -2112,6 +2112,7 @@ pg_get_object_address(PG_FUNCTION_ARGS)
 		case OBJECT_MATVIEW:
 		case OBJECT_INDEX:
 		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_RELATION:
 		case OBJECT_COLUMN:
 		case OBJECT_ATTRIBUTE:
 		case OBJECT_COLLATION:
diff --git a/src/backend/catalog/pg_namespace.c b/src/backend/catalog/pg_namespace.c
index a82d785034..2cf52be025 100644
--- a/src/backend/catalog/pg_namespace.c
+++ b/src/backend/catalog/pg_namespace.c
@@ -63,7 +63,7 @@ NamespaceCreate(const char *nspName, Oid ownerId, bool isTemp)
 				 errmsg("schema \"%s\" already exists", nspName)));
 
 	if (!isTemp)
-		nspacl = get_user_default_acl(ACL_OBJECT_NAMESPACE, ownerId,
+		nspacl = get_user_default_acl(OBJECT_SCHEMA, ownerId,
 									  InvalidOid);
 	else
 		nspacl = NULL;
diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c
index 39d5172e97..dd674113ba 100644
--- a/src/backend/catalog/pg_proc.c
+++ b/src/backend/catalog/pg_proc.c
@@ -582,7 +582,7 @@ ProcedureCreate(const char *procedureName,
 		/* Creating a new procedure */
 
 		/* First, get default permissions and set up proacl */
-		proacl = get_user_default_acl(ACL_OBJECT_FUNCTION, proowner,
+		proacl = get_user_default_acl(OBJECT_FUNCTION, proowner,
 									  procNamespace);
 		if (proacl != NULL)
 			values[Anum_pg_proc_proacl - 1] = PointerGetDatum(proacl);
diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c
index 963ccb7ff2..fd63ea8cd1 100644
--- a/src/backend/catalog/pg_type.c
+++ b/src/backend/catalog/pg_type.c
@@ -380,7 +380,7 @@ TypeCreate(Oid newTypeOid,
 	else
 		nulls[Anum_pg_type_typdefault - 1] = true;
 
-	typacl = get_user_default_acl(ACL_OBJECT_TYPE, ownerId,
+	typacl = get_user_default_acl(OBJECT_TYPE, ownerId,
 								  typeNamespace);
 	if (typacl != NULL)
 		values[Anum_pg_type_typacl - 1] = PointerGetDatum(typacl);
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index 8455138ed3..5c1620b802 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -159,8 +159,8 @@ static Oid insert_event_trigger_tuple(const char *trigname, const char *eventnam
 static void validate_ddl_tags(const char *filtervar, List *taglist);
 static void validate_table_rewrite_tags(const char *filtervar, List *taglist);
 static void EventTriggerInvoke(List *fn_oid_list, EventTriggerData *trigdata);
-static const char *stringify_grantobjtype(GrantObjectType objtype);
-static const char *stringify_adefprivs_objtype(GrantObjectType objtype);
+static const char *stringify_grantobjtype(ObjectType objtype);
+static const char *stringify_adefprivs_objtype(ObjectType objtype);
 
 /*
  * Create an event trigger.
@@ -1108,6 +1108,7 @@ EventTriggerSupportsObjectType(ObjectType obtype)
 		case OBJECT_PROCEDURE:
 		case OBJECT_PUBLICATION:
 		case OBJECT_PUBLICATION_REL:
+		case OBJECT_RELATION:
 		case OBJECT_ROUTINE:
 		case OBJECT_RULE:
 		case OBJECT_SCHEMA:
@@ -1199,41 +1200,6 @@ EventTriggerSupportsObjectClass(ObjectClass objclass)
 	return false;
 }
 
-bool
-EventTriggerSupportsGrantObjectType(GrantObjectType objtype)
-{
-	switch (objtype)
-	{
-		case ACL_OBJECT_DATABASE:
-		case ACL_OBJECT_TABLESPACE:
-			/* no support for global objects */
-			return false;
-
-		case ACL_OBJECT_COLUMN:
-		case ACL_OBJECT_RELATION:
-		case ACL_OBJECT_SEQUENCE:
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_FDW:
-		case ACL_OBJECT_FOREIGN_SERVER:
-		case ACL_OBJECT_FUNCTION:
-		case ACL_OBJECT_LANGUAGE:
-		case ACL_OBJECT_LARGEOBJECT:
-		case ACL_OBJECT_NAMESPACE:
-		case ACL_OBJECT_PROCEDURE:
-		case ACL_OBJECT_ROUTINE:
-		case ACL_OBJECT_TYPE:
-			return true;
-
-			/*
-			 * There's intentionally no default: case here; we want the
-			 * compiler to warn if a new ACL class hasn't been handled above.
-			 */
-	}
-
-	/* Shouldn't get here, but if we do, say "no support" */
-	return false;
-}
-
 /*
  * Prepare event trigger state for a new complete query to run, if necessary;
  * returns whether this was done.  If it was, EventTriggerEndCompleteQuery must
@@ -2219,92 +2185,166 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS)
 }
 
 /*
- * Return the GrantObjectType as a string, as it would appear in GRANT and
+ * Return the ObjectType as a string, as it would appear in GRANT and
  * REVOKE commands.
  */
 static const char *
-stringify_grantobjtype(GrantObjectType objtype)
+stringify_grantobjtype(ObjectType objtype)
 {
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			return "COLUMN";
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			return "TABLE";
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			return "SEQUENCE";
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			return "DATABASE";
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			return "DOMAIN";
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			return "FOREIGN DATA WRAPPER";
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return "FOREIGN SERVER";
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			return "FUNCTION";
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return "LANGUAGE";
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return "LARGE OBJECT";
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return "SCHEMA";
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			return "PROCEDURE";
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			return "ROUTINE";
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return "TABLESPACE";
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			return "TYPE";
+		/* these currently aren't used */
+		case OBJECT_ACCESS_METHOD:
+		case OBJECT_AGGREGATE:
+		case OBJECT_AMOP:
+		case OBJECT_AMPROC:
+		case OBJECT_ATTRIBUTE:
+		case OBJECT_CAST:
+		case OBJECT_COLLATION:
+		case OBJECT_CONVERSION:
+		case OBJECT_DEFAULT:
+		case OBJECT_DEFACL:
+		case OBJECT_DOMCONSTRAINT:
+		case OBJECT_EVENT_TRIGGER:
+		case OBJECT_EXTENSION:
+		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_INDEX:
+		case OBJECT_MATVIEW:
+		case OBJECT_OPCLASS:
+		case OBJECT_OPERATOR:
+		case OBJECT_OPFAMILY:
+		case OBJECT_POLICY:
+		case OBJECT_PUBLICATION:
+		case OBJECT_PUBLICATION_REL:
+		case OBJECT_ROLE:
+		case OBJECT_RULE:
+		case OBJECT_STATISTIC_EXT:
+		case OBJECT_SUBSCRIPTION:
+		case OBJECT_TABCONSTRAINT:
+		case OBJECT_TABLE:
+		case OBJECT_TRANSFORM:
+		case OBJECT_TRIGGER:
+		case OBJECT_TSCONFIGURATION:
+		case OBJECT_TSDICTIONARY:
+		case OBJECT_TSPARSER:
+		case OBJECT_TSTEMPLATE:
+		case OBJECT_USER_MAPPING:
+		case OBJECT_VIEW:
+			elog(ERROR, "unsupported object type: %d", (int) objtype);
 	}
 
-	elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
 	return "???";				/* keep compiler quiet */
 }
 
 /*
- * Return the GrantObjectType as a string; as above, but use the spelling
+ * Return the ObjectType as a string; as above, but use the spelling
  * in ALTER DEFAULT PRIVILEGES commands instead.  Generally this is just
  * the plural.
  */
 static const char *
-stringify_adefprivs_objtype(GrantObjectType objtype)
+stringify_adefprivs_objtype(ObjectType objtype)
 {
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			return "COLUMNS";
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			return "TABLES";
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			return "SEQUENCES";
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			return "DATABASES";
-		case ACL_OBJECT_DOMAIN:
+		case OBJECT_DOMAIN:
 			return "DOMAINS";
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			return "FOREIGN DATA WRAPPERS";
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return "FOREIGN SERVERS";
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			return "FUNCTIONS";
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return "LANGUAGES";
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return "LARGE OBJECTS";
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return "SCHEMAS";
-		case ACL_OBJECT_PROCEDURE:
+		case OBJECT_PROCEDURE:
 			return "PROCEDURES";
-		case ACL_OBJECT_ROUTINE:
+		case OBJECT_ROUTINE:
 			return "ROUTINES";
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return "TABLESPACES";
-		case ACL_OBJECT_TYPE:
+		case OBJECT_TYPE:
 			return "TYPES";
+		/* these currently aren't used */
+		case OBJECT_ACCESS_METHOD:
+		case OBJECT_AGGREGATE:
+		case OBJECT_AMOP:
+		case OBJECT_AMPROC:
+		case OBJECT_ATTRIBUTE:
+		case OBJECT_CAST:
+		case OBJECT_COLLATION:
+		case OBJECT_CONVERSION:
+		case OBJECT_DEFAULT:
+		case OBJECT_DEFACL:
+		case OBJECT_DOMCONSTRAINT:
+		case OBJECT_EVENT_TRIGGER:
+		case OBJECT_EXTENSION:
+		case OBJECT_FOREIGN_TABLE:
+		case OBJECT_INDEX:
+		case OBJECT_MATVIEW:
+		case OBJECT_OPCLASS:
+		case OBJECT_OPERATOR:
+		case OBJECT_OPFAMILY:
+		case OBJECT_POLICY:
+		case OBJECT_PUBLICATION:
+		case OBJECT_PUBLICATION_REL:
+		case OBJECT_ROLE:
+		case OBJECT_RULE:
+		case OBJECT_STATISTIC_EXT:
+		case OBJECT_SUBSCRIPTION:
+		case OBJECT_TABCONSTRAINT:
+		case OBJECT_TABLE:
+		case OBJECT_TRANSFORM:
+		case OBJECT_TRIGGER:
+		case OBJECT_TSCONFIGURATION:
+		case OBJECT_TSDICTIONARY:
+		case OBJECT_TSPARSER:
+		case OBJECT_TSTEMPLATE:
+		case OBJECT_USER_MAPPING:
+		case OBJECT_VIEW:
+			elog(ERROR, "unsupported object type: %d", (int) objtype);
 	}
 
-	elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
 	return "???";				/* keep compiler quiet */
 }
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y
index e42b7caff6..e79113de51 100644
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -115,7 +115,7 @@
 typedef struct PrivTarget
 {
 	GrantTargetType targtype;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	List	   *objs;
 } PrivTarget;
 
@@ -7002,7 +7002,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $1;
 					$$ = n;
 				}
@@ -7010,7 +7010,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7018,7 +7018,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_SEQUENCE;
+					n->objtype = OBJECT_SEQUENCE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7026,7 +7026,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FDW;
+					n->objtype = OBJECT_FDW;
 					n->objs = $4;
 					$$ = n;
 				}
@@ -7034,7 +7034,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FOREIGN_SERVER;
+					n->objtype = OBJECT_FOREIGN_SERVER;
 					n->objs = $3;
 					$$ = n;
 				}
@@ -7042,7 +7042,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_FUNCTION;
+					n->objtype = OBJECT_FUNCTION;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7050,7 +7050,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_PROCEDURE;
+					n->objtype = OBJECT_PROCEDURE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7058,7 +7058,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_ROUTINE;
+					n->objtype = OBJECT_ROUTINE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7066,7 +7066,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_DATABASE;
+					n->objtype = OBJECT_DATABASE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7074,7 +7074,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_DOMAIN;
+					n->objtype = OBJECT_DOMAIN;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7082,7 +7082,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_LANGUAGE;
+					n->objtype = OBJECT_LANGUAGE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7090,7 +7090,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_LARGEOBJECT;
+					n->objtype = OBJECT_LARGEOBJECT;
 					n->objs = $3;
 					$$ = n;
 				}
@@ -7098,7 +7098,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_NAMESPACE;
+					n->objtype = OBJECT_SCHEMA;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7106,7 +7106,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_TABLESPACE;
+					n->objtype = OBJECT_TABLESPACE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7114,7 +7114,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_OBJECT;
-					n->objtype = ACL_OBJECT_TYPE;
+					n->objtype = OBJECT_TYPE;
 					n->objs = $2;
 					$$ = n;
 				}
@@ -7122,7 +7122,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_RELATION;
+					n->objtype = OBJECT_RELATION;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7130,7 +7130,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_SEQUENCE;
+					n->objtype = OBJECT_SEQUENCE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7138,7 +7138,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_FUNCTION;
+					n->objtype = OBJECT_FUNCTION;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7146,7 +7146,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_PROCEDURE;
+					n->objtype = OBJECT_PROCEDURE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7154,7 +7154,7 @@ privilege_target:
 				{
 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
-					n->objtype = ACL_OBJECT_ROUTINE;
+					n->objtype = OBJECT_ROUTINE;
 					n->objs = $5;
 					$$ = n;
 				}
@@ -7312,12 +7312,12 @@ DefACLAction:
 		;
 
 defacl_privilege_target:
-			TABLES			{ $$ = ACL_OBJECT_RELATION; }
-			| FUNCTIONS		{ $$ = ACL_OBJECT_FUNCTION; }
-			| ROUTINES		{ $$ = ACL_OBJECT_FUNCTION; }
-			| SEQUENCES		{ $$ = ACL_OBJECT_SEQUENCE; }
-			| TYPES_P		{ $$ = ACL_OBJECT_TYPE; }
-			| SCHEMAS		{ $$ = ACL_OBJECT_NAMESPACE; }
+			TABLES			{ $$ = OBJECT_RELATION; }
+			| FUNCTIONS		{ $$ = OBJECT_FUNCTION; }
+			| ROUTINES		{ $$ = OBJECT_FUNCTION; }
+			| SEQUENCES		{ $$ = OBJECT_SEQUENCE; }
+			| TYPES_P		{ $$ = OBJECT_TYPE; }
+			| SCHEMAS		{ $$ = OBJECT_SCHEMA; }
 		;
 
 
diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c
index ec98a612ec..dddb3cf1e7 100644
--- a/src/backend/tcop/utility.c
+++ b/src/backend/tcop/utility.c
@@ -827,7 +827,7 @@ standard_ProcessUtility(PlannedStmt *pstmt,
 			{
 				GrantStmt  *stmt = (GrantStmt *) parsetree;
 
-				if (EventTriggerSupportsGrantObjectType(stmt->objtype))
+				if (EventTriggerSupportsObjectType(stmt->objtype))
 					ProcessUtilitySlow(pstate, pstmt, queryString,
 									   context, params, queryEnv,
 									   dest, completionTag);
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index c11f3dd1cb..42e3f6cc1a 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -745,7 +745,7 @@ hash_aclitem_extended(PG_FUNCTION_ARGS)
  * absence of any pg_default_acl entry.
  */
 Acl *
-acldefault(GrantObjectType objtype, Oid ownerId)
+acldefault(ObjectType objtype, Oid ownerId)
 {
 	AclMode		world_default;
 	AclMode		owner_default;
@@ -755,56 +755,56 @@ acldefault(GrantObjectType objtype, Oid ownerId)
 
 	switch (objtype)
 	{
-		case ACL_OBJECT_COLUMN:
+		case OBJECT_COLUMN:
 			/* by default, columns have no extra privileges */
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_NO_RIGHTS;
 			break;
-		case ACL_OBJECT_RELATION:
+		case OBJECT_RELATION:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_RELATION;
 			break;
-		case ACL_OBJECT_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
-		case ACL_OBJECT_DATABASE:
+		case OBJECT_DATABASE:
 			/* for backwards compatibility, grant some rights by default */
 			world_default = ACL_CREATE_TEMP | ACL_CONNECT;
 			owner_default = ACL_ALL_RIGHTS_DATABASE;
 			break;
-		case ACL_OBJECT_FUNCTION:
+		case OBJECT_FUNCTION:
 			/* Grant EXECUTE by default, for now */
 			world_default = ACL_EXECUTE;
 			owner_default = ACL_ALL_RIGHTS_FUNCTION;
 			break;
-		case ACL_OBJECT_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			/* Grant USAGE by default, for now */
 			world_default = ACL_USAGE;
 			owner_default = ACL_ALL_RIGHTS_LANGUAGE;
 			break;
-		case ACL_OBJECT_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
-		case ACL_OBJECT_NAMESPACE:
+		case OBJECT_SCHEMA:
 			world_default = ACL_NO_RIGHTS;
-			owner_default = ACL_ALL_RIGHTS_NAMESPACE;
+			owner_default = ACL_ALL_RIGHTS_SCHEMA;
 			break;
-		case ACL_OBJECT_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_TABLESPACE;
 			break;
-		case ACL_OBJECT_FDW:
+		case OBJECT_FDW:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_FDW;
 			break;
-		case ACL_OBJECT_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			world_default = ACL_NO_RIGHTS;
 			owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			break;
-		case ACL_OBJECT_DOMAIN:
-		case ACL_OBJECT_TYPE:
+		case OBJECT_DOMAIN:
+		case OBJECT_TYPE:
 			world_default = ACL_USAGE;
 			owner_default = ACL_ALL_RIGHTS_TYPE;
 			break;
@@ -855,7 +855,7 @@ acldefault(GrantObjectType objtype, Oid ownerId)
 
 /*
  * SQL-accessible version of acldefault().  Hackish mapping from "char" type to
- * ACL_OBJECT_* values, but it's only used in the information schema, not
+ * OBJECT_* values, but it's only used in the information schema, not
  * documented for general use.
  */
 Datum
@@ -863,45 +863,45 @@ acldefault_sql(PG_FUNCTION_ARGS)
 {
 	char		objtypec = PG_GETARG_CHAR(0);
 	Oid			owner = PG_GETARG_OID(1);
-	GrantObjectType objtype = 0;
+	ObjectType	objtype = 0;
 
 	switch (objtypec)
 	{
 		case 'c':
-			objtype = ACL_OBJECT_COLUMN;
+			objtype = OBJECT_COLUMN;
 			break;
 		case 'r':
-			objtype = ACL_OBJECT_RELATION;
+			objtype = OBJECT_RELATION;
 			break;
 		case 's':
-			objtype = ACL_OBJECT_SEQUENCE;
+			objtype = OBJECT_SEQUENCE;
 			break;
 		case 'd':
-			objtype = ACL_OBJECT_DATABASE;
+			objtype = OBJECT_DATABASE;
 			break;
 		case 'f':
-			objtype = ACL_OBJECT_FUNCTION;
+			objtype = OBJECT_FUNCTION;
 			break;
 		case 'l':
-			objtype = ACL_OBJECT_LANGUAGE;
+			objtype = OBJECT_LANGUAGE;
 			break;
 		case 'L':
-			objtype = ACL_OBJECT_LARGEOBJECT;
+			objtype = OBJECT_LARGEOBJECT;
 			break;
 		case 'n':
-			objtype = ACL_OBJECT_NAMESPACE;
+			objtype = OBJECT_SCHEMA;
 			break;
 		case 't':
-			objtype = ACL_OBJECT_TABLESPACE;
+			objtype = OBJECT_TABLESPACE;
 			break;
 		case 'F':
-			objtype = ACL_OBJECT_FDW;
+			objtype = OBJECT_FDW;
 			break;
 		case 'S':
-			objtype = ACL_OBJECT_FOREIGN_SERVER;
+			objtype = OBJECT_FOREIGN_SERVER;
 			break;
 		case 'T':
-			objtype = ACL_OBJECT_TYPE;
+			objtype = OBJECT_TYPE;
 			break;
 		default:
 			elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
diff --git a/src/include/commands/event_trigger.h b/src/include/commands/event_trigger.h
index 8e4142391d..0e1959462e 100644
--- a/src/include/commands/event_trigger.h
+++ b/src/include/commands/event_trigger.h
@@ -50,7 +50,6 @@ extern void AlterEventTriggerOwner_oid(Oid, Oid newOwnerId);
 
 extern bool EventTriggerSupportsObjectType(ObjectType obtype);
 extern bool EventTriggerSupportsObjectClass(ObjectClass objclass);
-extern bool EventTriggerSupportsGrantObjectType(GrantObjectType objtype);
 extern void EventTriggerDDLCommandStart(Node *parsetree);
 extern void EventTriggerDDLCommandEnd(Node *parsetree);
 extern void EventTriggerSQLDrop(Node *parsetree);
diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h
index b72178efd1..c55c427b13 100644
--- a/src/include/nodes/parsenodes.h
+++ b/src/include/nodes/parsenodes.h
@@ -1645,6 +1645,7 @@ typedef enum ObjectType
 	OBJECT_PROCEDURE,
 	OBJECT_PUBLICATION,
 	OBJECT_PUBLICATION_REL,
+	OBJECT_RELATION,
 	OBJECT_ROLE,
 	OBJECT_ROUTINE,
 	OBJECT_RULE,
@@ -1845,31 +1846,12 @@ typedef enum GrantTargetType
 	ACL_TARGET_DEFAULTS			/* ALTER DEFAULT PRIVILEGES */
 } GrantTargetType;
 
-typedef enum GrantObjectType
-{
-	ACL_OBJECT_COLUMN,			/* column */
-	ACL_OBJECT_RELATION,		/* table, view */
-	ACL_OBJECT_SEQUENCE,		/* sequence */
-	ACL_OBJECT_DATABASE,		/* database */
-	ACL_OBJECT_DOMAIN,			/* domain */
-	ACL_OBJECT_FDW,				/* foreign-data wrapper */
-	ACL_OBJECT_FOREIGN_SERVER,	/* foreign server */
-	ACL_OBJECT_FUNCTION,		/* function */
-	ACL_OBJECT_LANGUAGE,		/* procedural language */
-	ACL_OBJECT_LARGEOBJECT,		/* largeobject */
-	ACL_OBJECT_NAMESPACE,		/* namespace */
-	ACL_OBJECT_PROCEDURE,		/* procedure */
-	ACL_OBJECT_ROUTINE,			/* routine */
-	ACL_OBJECT_TABLESPACE,		/* tablespace */
-	ACL_OBJECT_TYPE				/* type */
-} GrantObjectType;
-
 typedef struct GrantStmt
 {
 	NodeTag		type;
 	bool		is_grant;		/* true = GRANT, false = REVOKE */
 	GrantTargetType targtype;	/* type of the grant target */
-	GrantObjectType objtype;	/* kind of object being operated on */
+	ObjectType	objtype;		/* kind of object being operated on */
 	List	   *objects;		/* list of RangeVar nodes, ObjectWithArgs
 								 * nodes, or plain names (as Value strings) */
 	List	   *privileges;		/* list of AccessPriv nodes */
diff --git a/src/include/tcop/deparse_utility.h b/src/include/tcop/deparse_utility.h
index 9b78748bfd..8459463391 100644
--- a/src/include/tcop/deparse_utility.h
+++ b/src/include/tcop/deparse_utility.h
@@ -97,7 +97,7 @@ typedef struct CollectedCommand
 		/* ALTER DEFAULT PRIVILEGES */
 		struct
 		{
-			GrantObjectType objtype;
+			ObjectType	objtype;
 		}			defprivs;
 	}			d;
 } CollectedCommand;
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index 67c7b2d4ac..7db1606b8f 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -163,7 +163,7 @@ typedef ArrayType Acl;
 #define ACL_ALL_RIGHTS_FUNCTION		(ACL_EXECUTE)
 #define ACL_ALL_RIGHTS_LANGUAGE		(ACL_USAGE)
 #define ACL_ALL_RIGHTS_LARGEOBJECT	(ACL_SELECT|ACL_UPDATE)
-#define ACL_ALL_RIGHTS_NAMESPACE	(ACL_USAGE|ACL_CREATE)
+#define ACL_ALL_RIGHTS_SCHEMA		(ACL_USAGE|ACL_CREATE)
 #define ACL_ALL_RIGHTS_TABLESPACE	(ACL_CREATE)
 #define ACL_ALL_RIGHTS_TYPE			(ACL_USAGE)
 
@@ -217,8 +217,8 @@ typedef enum AclObjectKind
 /*
  * routines used internally
  */
-extern Acl *acldefault(GrantObjectType objtype, Oid ownerId);
-extern Acl *get_user_default_acl(GrantObjectType objtype, Oid ownerId,
+extern Acl *acldefault(ObjectType objtype, Oid ownerId);
+extern Acl *get_user_default_acl(ObjectType objtype, Oid ownerId,
 					 Oid nsp_oid);
 
 extern Acl *aclupdate(const Acl *old_acl, const AclItem *mod_aip,
diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h
index 1843f50b5a..590ae5eee8 100644
--- a/src/include/utils/aclchk_internal.h
+++ b/src/include/utils/aclchk_internal.h
@@ -26,12 +26,12 @@
  * Note: 'all_privs' and 'privileges' represent object-level privileges only.
  * There might also be column-level privilege specifications, which are
  * represented in col_privs (this is a list of untransformed AccessPriv nodes).
- * Column privileges are only valid for objtype ACL_OBJECT_RELATION.
+ * Column privileges are only valid for objtype OBJECT_RELATION.
  */
 typedef struct
 {
 	bool		is_grant;
-	GrantObjectType objtype;
+	ObjectType	objtype;
 	List	   *objects;
 	bool		all_privs;
 	AclMode		privileges;

base-commit: 649aeb123f73e69cf78c52b534c15c51a229d63d
-- 
2.15.1

From 1175026bda2a8696a96f572688d7a95836930f58 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Sat, 2 Dec 2017 09:26:34 -0500
Subject: [PATCH v4 2/5] Replace AclObjectKind with ObjectType

AclObjectKind was basically just another enumeration for object types,
and we already have a preferred one for that.  It's only used in
aclcheck_error.  By using ObjectType instead, we can also give some more
precise error messages, for example "index" instead of "relation".
---
 contrib/dblink/dblink.c                            |   4 +-
 contrib/pg_prewarm/pg_prewarm.c                    |   2 +-
 contrib/pgrowlocks/pgrowlocks.c                    |   2 +-
 src/backend/access/brin/brin.c                     |   4 +-
 src/backend/access/gin/ginfast.c                   |   2 +-
 src/backend/catalog/aclchk.c                       | 508 +++++++++++++--------
 src/backend/catalog/namespace.c                    |   8 +-
 src/backend/catalog/objectaddress.c                |  90 ++--
 src/backend/catalog/pg_aggregate.c                 |   2 +-
 src/backend/catalog/pg_operator.c                  |   8 +-
 src/backend/catalog/pg_proc.c                      |   2 +-
 src/backend/catalog/pg_type.c                      |   2 +-
 src/backend/commands/aggregatecmds.c               |   2 +-
 src/backend/commands/alter.c                       |  18 +-
 src/backend/commands/collationcmds.c               |   4 +-
 src/backend/commands/conversioncmds.c              |   4 +-
 src/backend/commands/dbcommands.c                  |  16 +-
 src/backend/commands/event_trigger.c               |   4 +-
 src/backend/commands/extension.c                   |   8 +-
 src/backend/commands/foreigncmds.c                 |  16 +-
 src/backend/commands/functioncmds.c                |  26 +-
 src/backend/commands/indexcmds.c                   |  10 +-
 src/backend/commands/lockcmds.c                    |   4 +-
 src/backend/commands/opclasscmds.c                 |  16 +-
 src/backend/commands/operatorcmds.c                |  10 +-
 src/backend/commands/policy.c                      |   2 +-
 src/backend/commands/proclang.c                    |   4 +-
 src/backend/commands/publicationcmds.c             |  10 +-
 src/backend/commands/schemacmds.c                  |  10 +-
 src/backend/commands/statscmds.c                   |   2 +-
 src/backend/commands/subscriptioncmds.c            |   6 +-
 src/backend/commands/tablecmds.c                   |  36 +-
 src/backend/commands/tablespace.c                  |  10 +-
 src/backend/commands/trigger.c                     |   8 +-
 src/backend/commands/tsearchcmds.c                 |   8 +-
 src/backend/commands/typecmds.c                    |  28 +-
 src/backend/commands/user.c                        |   2 +-
 src/backend/executor/execExpr.c                    |   4 +-
 src/backend/executor/execMain.c                    |   2 +-
 src/backend/executor/execSRF.c                     |   2 +-
 src/backend/executor/nodeAgg.c                     |  10 +-
 src/backend/executor/nodeWindowAgg.c               |   8 +-
 src/backend/parser/parse_utilcmd.c                 |   4 +-
 src/backend/rewrite/rewriteDefine.c                |   6 +-
 src/backend/tcop/fastpath.c                        |   4 +-
 src/backend/utils/adt/dbsize.c                     |   4 +-
 src/backend/utils/adt/tid.c                        |   4 +-
 src/backend/utils/fmgr/fmgr.c                      |   4 +-
 src/include/catalog/objectaddress.h                |   2 +-
 src/include/utils/acl.h                            |  35 +-
 src/pl/tcl/pltcl.c                                 |   2 +-
 .../dummy_seclabel/expected/dummy_seclabel.out     |   4 +-
 src/test/regress/expected/create_procedure.out     |   2 +-
 src/test/regress/expected/privileges.out           |   8 +-
 54 files changed, 562 insertions(+), 441 deletions(-)

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index a6c897c319..6b4d036d9e 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  aclmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	return rel;
@@ -2789,7 +2789,7 @@ get_connect_string(const char *servername)
 		/* Check permissions, user must have usage on the server. */
 		aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername);
+			aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername);
 
 		foreach(cell, fdw->options)
 		{
diff --git a/contrib/pg_prewarm/pg_prewarm.c b/contrib/pg_prewarm/pg_prewarm.c
index 4117bf6d2e..bab01e6781 100644
--- a/contrib/pg_prewarm/pg_prewarm.c
+++ b/contrib/pg_prewarm/pg_prewarm.c
@@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS)
 	rel = relation_open(relOid, AccessShareLock);
 	aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid));
+		aclcheck_error(aclresult, OBJECT_RELATION, get_rel_name(relOid));
 
 	/* Check that the fork exists. */
 	RelationOpenSmgr(rel);
diff --git a/contrib/pgrowlocks/pgrowlocks.c b/contrib/pgrowlocks/pgrowlocks.c
index eabca65bd2..38e10e59a8 100644
--- a/contrib/pgrowlocks/pgrowlocks.c
+++ b/contrib/pgrowlocks/pgrowlocks.c
@@ -121,7 +121,7 @@ pgrowlocks(PG_FUNCTION_ARGS)
 			aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
 
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);
diff --git a/src/backend/access/brin/brin.c b/src/backend/access/brin/brin.c
index f54968bfb5..5027872267 100644
--- a/src/backend/access/brin/brin.c
+++ b/src/backend/access/brin/brin.c
@@ -894,7 +894,7 @@ brin_summarize_range(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	/*
@@ -965,7 +965,7 @@ brin_desummarize_range(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	/*
diff --git a/src/backend/access/gin/ginfast.c b/src/backend/access/gin/ginfast.c
index 222a80bc4b..615730b8e5 100644
--- a/src/backend/access/gin/ginfast.c
+++ b/src/backend/access/gin/ginfast.c
@@ -1035,7 +1035,7 @@ gin_clean_pending_list(PG_FUNCTION_ARGS)
 
 	/* User must own the index (comparable to privileges needed for VACUUM) */
 	if (!pg_class_ownercheck(indexoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
 					   RelationGetRelationName(indexRel));
 
 	memset(&stats, 0, sizeof(stats));
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index ef6bc6a9db..2e07d75ef4 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -132,9 +132,9 @@ static const char *privilege_to_string(AclMode privilege);
 static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions,
 						 bool all_privs, AclMode privileges,
 						 Oid objectId, Oid grantorId,
-						 AclObjectKind objkind, const char *objname,
+						 ObjectType objtype, const char *objname,
 						 AttrNumber att_number, const char *colname);
-static AclMode pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum,
+static AclMode pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum,
 		   Oid roleid, AclMode mask, AclMaskHow how);
 static void recordExtensionInitPriv(Oid objoid, Oid classoid, int objsubid,
 						Acl *new_acl);
@@ -236,56 +236,56 @@ merge_acl_with_grant(Acl *old_acl, bool is_grant,
 static AclMode
 restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 						 AclMode privileges, Oid objectId, Oid grantorId,
-						 AclObjectKind objkind, const char *objname,
+						 ObjectType objtype, const char *objname,
 						 AttrNumber att_number, const char *colname)
 {
 	AclMode		this_privileges;
 	AclMode		whole_mask;
 
-	switch (objkind)
+	switch (objtype)
 	{
-		case ACL_KIND_COLUMN:
+		case OBJECT_COLUMN:
 			whole_mask = ACL_ALL_RIGHTS_COLUMN;
 			break;
-		case ACL_KIND_CLASS:
+		case OBJECT_RELATION:
 			whole_mask = ACL_ALL_RIGHTS_RELATION;
 			break;
-		case ACL_KIND_SEQUENCE:
+		case OBJECT_SEQUENCE:
 			whole_mask = ACL_ALL_RIGHTS_SEQUENCE;
 			break;
-		case ACL_KIND_DATABASE:
+		case OBJECT_DATABASE:
 			whole_mask = ACL_ALL_RIGHTS_DATABASE;
 			break;
-		case ACL_KIND_PROC:
+		case OBJECT_FUNCTION:
 			whole_mask = ACL_ALL_RIGHTS_FUNCTION;
 			break;
-		case ACL_KIND_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			whole_mask = ACL_ALL_RIGHTS_LANGUAGE;
 			break;
-		case ACL_KIND_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
 			break;
-		case ACL_KIND_NAMESPACE:
+		case OBJECT_SCHEMA:
 			whole_mask = ACL_ALL_RIGHTS_SCHEMA;
 			break;
-		case ACL_KIND_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
 			break;
-		case ACL_KIND_FDW:
+		case OBJECT_FDW:
 			whole_mask = ACL_ALL_RIGHTS_FDW;
 			break;
-		case ACL_KIND_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER;
 			break;
-		case ACL_KIND_EVENT_TRIGGER:
+		case OBJECT_EVENT_TRIGGER:
 			elog(ERROR, "grantable rights not supported for event triggers");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TYPE:
+		case OBJECT_TYPE:
 			whole_mask = ACL_ALL_RIGHTS_TYPE;
 			break;
 		default:
-			elog(ERROR, "unrecognized object kind: %d", objkind);
+			elog(ERROR, "unrecognized object type: %d", objtype);
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
 	}
@@ -297,14 +297,14 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	 */
 	if (avail_goptions == ACL_NO_RIGHTS)
 	{
-		if (pg_aclmask(objkind, objectId, att_number, grantorId,
+		if (pg_aclmask(objtype, objectId, att_number, grantorId,
 					   whole_mask | ACL_GRANT_OPTION_FOR(whole_mask),
 					   ACLMASK_ANY) == ACL_NO_RIGHTS)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
-				aclcheck_error_col(ACLCHECK_NO_PRIV, objkind, objname, colname);
+			if (objtype == OBJECT_COLUMN && colname)
+				aclcheck_error_col(ACLCHECK_NO_PRIV, objtype, objname, colname);
 			else
-				aclcheck_error(ACLCHECK_NO_PRIV, objkind, objname);
+				aclcheck_error(ACLCHECK_NO_PRIV, objtype, objname);
 		}
 	}
 
@@ -320,7 +320,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	{
 		if (this_privileges == 0)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
 						 errmsg("no privileges were granted for column \"%s\" of relation \"%s\"",
@@ -333,7 +333,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		}
 		else if (!all_privs && this_privileges != privileges)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
 						 errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"",
@@ -349,7 +349,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 	{
 		if (this_privileges == 0)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
 						 errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"",
@@ -362,7 +362,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
 		}
 		else if (!all_privs && this_privileges != privileges)
 		{
-			if (objkind == ACL_KIND_COLUMN && colname)
+			if (objtype == OBJECT_COLUMN && colname)
 				ereport(WARNING,
 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
 						 errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"",
@@ -1721,7 +1721,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
 		restrict_and_check_grant(istmt->is_grant, avail_goptions,
 								 (col_privileges == ACL_ALL_RIGHTS_COLUMN),
 								 col_privileges,
-								 relOid, grantorId, ACL_KIND_COLUMN,
+								 relOid, grantorId, OBJECT_COLUMN,
 								 relname, attnum,
 								 NameStr(pg_attribute_tuple->attname));
 
@@ -1975,7 +1975,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 			bool		replaces[Natts_pg_class];
 			int			nnewmembers;
 			Oid		   *newmembers;
-			AclObjectKind aclkind;
+			ObjectType	objtype;
 
 			/* Determine ID to do the grant as, and available grant options */
 			select_best_grantor(GetUserId(), this_privileges,
@@ -1985,10 +1985,10 @@ ExecGrant_Relation(InternalGrant *istmt)
 			switch (pg_class_tuple->relkind)
 			{
 				case RELKIND_SEQUENCE:
-					aclkind = ACL_KIND_SEQUENCE;
+					objtype = OBJECT_SEQUENCE;
 					break;
 				default:
-					aclkind = ACL_KIND_CLASS;
+					objtype = OBJECT_RELATION;
 					break;
 			}
 
@@ -1999,7 +1999,7 @@ ExecGrant_Relation(InternalGrant *istmt)
 			this_privileges =
 				restrict_and_check_grant(istmt->is_grant, avail_goptions,
 										 istmt->all_privs, this_privileges,
-										 relOid, grantorId, aclkind,
+										 relOid, grantorId, objtype,
 										 NameStr(pg_class_tuple->relname),
 										 0, NULL);
 
@@ -2193,7 +2193,7 @@ ExecGrant_Database(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 datId, grantorId, ACL_KIND_DATABASE,
+									 datId, grantorId, OBJECT_DATABASE,
 									 NameStr(pg_database_tuple->datname),
 									 0, NULL);
 
@@ -2315,7 +2315,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 fdwid, grantorId, ACL_KIND_FDW,
+									 fdwid, grantorId, OBJECT_FDW,
 									 NameStr(pg_fdw_tuple->fdwname),
 									 0, NULL);
 
@@ -2441,7 +2441,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 srvid, grantorId, ACL_KIND_FOREIGN_SERVER,
+									 srvid, grantorId, OBJECT_FOREIGN_SERVER,
 									 NameStr(pg_server_tuple->srvname),
 									 0, NULL);
 
@@ -2565,7 +2565,7 @@ ExecGrant_Function(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 funcId, grantorId, ACL_KIND_PROC,
+									 funcId, grantorId, OBJECT_FUNCTION,
 									 NameStr(pg_proc_tuple->proname),
 									 0, NULL);
 
@@ -2696,7 +2696,7 @@ ExecGrant_Language(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 langId, grantorId, ACL_KIND_LANGUAGE,
+									 langId, grantorId, OBJECT_LANGUAGE,
 									 NameStr(pg_language_tuple->lanname),
 									 0, NULL);
 
@@ -2835,7 +2835,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 loid, grantorId, ACL_KIND_LARGEOBJECT,
+									 loid, grantorId, OBJECT_LARGEOBJECT,
 									 loname, 0, NULL);
 
 		/*
@@ -2960,7 +2960,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 nspid, grantorId, ACL_KIND_NAMESPACE,
+									 nspid, grantorId, OBJECT_SCHEMA,
 									 NameStr(pg_namespace_tuple->nspname),
 									 0, NULL);
 
@@ -3084,7 +3084,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 tblId, grantorId, ACL_KIND_TABLESPACE,
+									 tblId, grantorId, OBJECT_TABLESPACE,
 									 NameStr(pg_tablespace_tuple->spcname),
 									 0, NULL);
 
@@ -3218,7 +3218,7 @@ ExecGrant_Type(InternalGrant *istmt)
 		this_privileges =
 			restrict_and_check_grant(istmt->is_grant, avail_goptions,
 									 istmt->all_privs, istmt->privileges,
-									 typId, grantorId, ACL_KIND_TYPE,
+									 typId, grantorId, OBJECT_TYPE,
 									 NameStr(pg_type_tuple->typname),
 									 0, NULL);
 
@@ -3347,114 +3347,8 @@ privilege_to_string(AclMode privilege)
  * Note: we do not double-quote the %s's below, because many callers
  * supply strings that might be already quoted.
  */
-
-static const char *const no_priv_msg[MAX_ACL_KIND] =
-{
-	/* ACL_KIND_COLUMN */
-	gettext_noop("permission denied for column %s"),
-	/* ACL_KIND_CLASS */
-	gettext_noop("permission denied for relation %s"),
-	/* ACL_KIND_SEQUENCE */
-	gettext_noop("permission denied for sequence %s"),
-	/* ACL_KIND_DATABASE */
-	gettext_noop("permission denied for database %s"),
-	/* ACL_KIND_PROC */
-	gettext_noop("permission denied for function %s"),
-	/* ACL_KIND_OPER */
-	gettext_noop("permission denied for operator %s"),
-	/* ACL_KIND_TYPE */
-	gettext_noop("permission denied for type %s"),
-	/* ACL_KIND_LANGUAGE */
-	gettext_noop("permission denied for language %s"),
-	/* ACL_KIND_LARGEOBJECT */
-	gettext_noop("permission denied for large object %s"),
-	/* ACL_KIND_NAMESPACE */
-	gettext_noop("permission denied for schema %s"),
-	/* ACL_KIND_OPCLASS */
-	gettext_noop("permission denied for operator class %s"),
-	/* ACL_KIND_OPFAMILY */
-	gettext_noop("permission denied for operator family %s"),
-	/* ACL_KIND_COLLATION */
-	gettext_noop("permission denied for collation %s"),
-	/* ACL_KIND_CONVERSION */
-	gettext_noop("permission denied for conversion %s"),
-	/* ACL_KIND_STATISTICS */
-	gettext_noop("permission denied for statistics object %s"),
-	/* ACL_KIND_TABLESPACE */
-	gettext_noop("permission denied for tablespace %s"),
-	/* ACL_KIND_TSDICTIONARY */
-	gettext_noop("permission denied for text search dictionary %s"),
-	/* ACL_KIND_TSCONFIGURATION */
-	gettext_noop("permission denied for text search configuration %s"),
-	/* ACL_KIND_FDW */
-	gettext_noop("permission denied for foreign-data wrapper %s"),
-	/* ACL_KIND_FOREIGN_SERVER */
-	gettext_noop("permission denied for foreign server %s"),
-	/* ACL_KIND_EVENT_TRIGGER */
-	gettext_noop("permission denied for event trigger %s"),
-	/* ACL_KIND_EXTENSION */
-	gettext_noop("permission denied for extension %s"),
-	/* ACL_KIND_PUBLICATION */
-	gettext_noop("permission denied for publication %s"),
-	/* ACL_KIND_SUBSCRIPTION */
-	gettext_noop("permission denied for subscription %s"),
-};
-
-static const char *const not_owner_msg[MAX_ACL_KIND] =
-{
-	/* ACL_KIND_COLUMN */
-	gettext_noop("must be owner of relation %s"),
-	/* ACL_KIND_CLASS */
-	gettext_noop("must be owner of relation %s"),
-	/* ACL_KIND_SEQUENCE */
-	gettext_noop("must be owner of sequence %s"),
-	/* ACL_KIND_DATABASE */
-	gettext_noop("must be owner of database %s"),
-	/* ACL_KIND_PROC */
-	gettext_noop("must be owner of function %s"),
-	/* ACL_KIND_OPER */
-	gettext_noop("must be owner of operator %s"),
-	/* ACL_KIND_TYPE */
-	gettext_noop("must be owner of type %s"),
-	/* ACL_KIND_LANGUAGE */
-	gettext_noop("must be owner of language %s"),
-	/* ACL_KIND_LARGEOBJECT */
-	gettext_noop("must be owner of large object %s"),
-	/* ACL_KIND_NAMESPACE */
-	gettext_noop("must be owner of schema %s"),
-	/* ACL_KIND_OPCLASS */
-	gettext_noop("must be owner of operator class %s"),
-	/* ACL_KIND_OPFAMILY */
-	gettext_noop("must be owner of operator family %s"),
-	/* ACL_KIND_COLLATION */
-	gettext_noop("must be owner of collation %s"),
-	/* ACL_KIND_CONVERSION */
-	gettext_noop("must be owner of conversion %s"),
-	/* ACL_KIND_STATISTICS */
-	gettext_noop("must be owner of statistics object %s"),
-	/* ACL_KIND_TABLESPACE */
-	gettext_noop("must be owner of tablespace %s"),
-	/* ACL_KIND_TSDICTIONARY */
-	gettext_noop("must be owner of text search dictionary %s"),
-	/* ACL_KIND_TSCONFIGURATION */
-	gettext_noop("must be owner of text search configuration %s"),
-	/* ACL_KIND_FDW */
-	gettext_noop("must be owner of foreign-data wrapper %s"),
-	/* ACL_KIND_FOREIGN_SERVER */
-	gettext_noop("must be owner of foreign server %s"),
-	/* ACL_KIND_EVENT_TRIGGER */
-	gettext_noop("must be owner of event trigger %s"),
-	/* ACL_KIND_EXTENSION */
-	gettext_noop("must be owner of extension %s"),
-	/* ACL_KIND_PUBLICATION */
-	gettext_noop("must be owner of publication %s"),
-	/* ACL_KIND_SUBSCRIPTION */
-	gettext_noop("must be owner of subscription %s"),
-};
-
-
 void
-aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error(AclResult aclerr, ObjectType objtype,
 			   const char *objectname)
 {
 	switch (aclerr)
@@ -3463,15 +3357,275 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
 			/* no error, so return to caller */
 			break;
 		case ACLCHECK_NO_PRIV:
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(no_priv_msg[objectkind], objectname)));
-			break;
+			{
+				const char *msg;
+
+				switch (objtype)
+				{
+					case OBJECT_AGGREGATE:
+						msg = gettext_noop("permission denied for aggregate %s");
+						break;
+					case OBJECT_COLLATION:
+						msg = gettext_noop("permission denied for collation %s");
+						break;
+					case OBJECT_COLUMN:
+						msg = gettext_noop("permission denied for column %s");
+						break;
+					case OBJECT_CONVERSION:
+						msg = gettext_noop("permission denied for conversion %s");
+						break;
+					case OBJECT_DATABASE:
+						msg = gettext_noop("permission denied for database %s");
+						break;
+					case OBJECT_DOMAIN:
+						msg = gettext_noop("permission denied for domain %s");
+						break;
+					case OBJECT_EVENT_TRIGGER:
+						msg = gettext_noop("permission denied for event trigger %s");
+						break;
+					case OBJECT_EXTENSION:
+						msg = gettext_noop("permission denied for extension %s");
+						break;
+					case OBJECT_FDW:
+						msg = gettext_noop("permission denied for foreign-data wrapper %s");
+						break;
+					case OBJECT_FOREIGN_SERVER:
+						msg = gettext_noop("permission denied for foreign server %s");
+						break;
+					case OBJECT_FOREIGN_TABLE:
+						msg = gettext_noop("permission denied for foreign table %s");
+						break;
+					case OBJECT_FUNCTION:
+						msg = gettext_noop("permission denied for function %s");
+						break;
+					case OBJECT_INDEX:
+						msg = gettext_noop("permission denied for index %s");
+						break;
+					case OBJECT_LANGUAGE:
+						msg = gettext_noop("permission denied for language %s");
+						break;
+					case OBJECT_LARGEOBJECT:
+						msg = gettext_noop("permission denied for large object %s");
+						break;
+					case OBJECT_MATVIEW:
+						msg = gettext_noop("permission denied for materialized view %s");
+						break;
+					case OBJECT_OPCLASS:
+						msg = gettext_noop("permission denied for operator class %s");
+						break;
+					case OBJECT_OPERATOR:
+						msg = gettext_noop("permission denied for operator %s");
+						break;
+					case OBJECT_OPFAMILY:
+						msg = gettext_noop("permission denied for operator family %s");
+						break;
+					case OBJECT_POLICY:
+						msg = gettext_noop("permission denied for policy %s");
+						break;
+					case OBJECT_PROCEDURE:
+						msg = gettext_noop("permission denied for procedure %s");
+						break;
+					case OBJECT_PUBLICATION:
+						msg = gettext_noop("permission denied for publication %s");
+						break;
+					case OBJECT_RELATION:
+						msg = gettext_noop("permission denied for relation %s");
+						break;
+					case OBJECT_ROUTINE:
+						msg = gettext_noop("permission denied for routine %s");
+						break;
+					case OBJECT_SCHEMA:
+						msg = gettext_noop("permission denied for schema %s");
+						break;
+					case OBJECT_SEQUENCE:
+						msg = gettext_noop("permission denied for sequence %s");
+						break;
+					case OBJECT_STATISTIC_EXT:
+						msg = gettext_noop("permission denied for statistics object %s");
+						break;
+					case OBJECT_SUBSCRIPTION:
+						msg = gettext_noop("permission denied for subscription %s");
+						break;
+					case OBJECT_TABLE:
+						msg = gettext_noop("permission denied for table %s");
+						break;
+					case OBJECT_TABLESPACE:
+						msg = gettext_noop("permission denied for tablespace %s");
+						break;
+					case OBJECT_TSCONFIGURATION:
+						msg = gettext_noop("permission denied for text search configuration %s");
+						break;
+					case OBJECT_TSDICTIONARY:
+						msg = gettext_noop("permission denied for text search dictionary %s");
+						break;
+					case OBJECT_TYPE:
+						msg = gettext_noop("permission denied for type %s");
+						break;
+					case OBJECT_VIEW:
+						msg = gettext_noop("permission denied for view %s");
+						break;
+					/* these currently aren't used */
+					case OBJECT_ACCESS_METHOD:
+					case OBJECT_AMOP:
+					case OBJECT_AMPROC:
+					case OBJECT_ATTRIBUTE:
+					case OBJECT_CAST:
+					case OBJECT_DEFAULT:
+					case OBJECT_DEFACL:
+					case OBJECT_DOMCONSTRAINT:
+					case OBJECT_PUBLICATION_REL:
+					case OBJECT_ROLE:
+					case OBJECT_RULE:
+					case OBJECT_TABCONSTRAINT:
+					case OBJECT_TRANSFORM:
+					case OBJECT_TRIGGER:
+					case OBJECT_TSPARSER:
+					case OBJECT_TSTEMPLATE:
+					case OBJECT_USER_MAPPING:
+						elog(ERROR, "unsupported object type %d", objtype);
+						msg = "???";
+				}
+
+				ereport(ERROR,
+						(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+						 errmsg(msg, objectname)));
+				break;
+			}
 		case ACLCHECK_NOT_OWNER:
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(not_owner_msg[objectkind], objectname)));
-			break;
+			{
+				const char *msg;
+
+				switch (objtype)
+				{
+					case OBJECT_AGGREGATE:
+						msg = gettext_noop("must be owner of aggregate %s");
+						break;
+					case OBJECT_COLLATION:
+						msg = gettext_noop("must be owner of collation %s");
+						break;
+					case OBJECT_COLUMN:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_CONVERSION:
+						msg = gettext_noop("must be owner of conversion %s");
+						break;
+					case OBJECT_DATABASE:
+						msg = gettext_noop("must be owner of database %s");
+						break;
+					case OBJECT_DOMAIN:
+						msg = gettext_noop("must be owner of domain %s");
+						break;
+					case OBJECT_EVENT_TRIGGER:
+						msg = gettext_noop("must be owner of event trigger %s");
+						break;
+					case OBJECT_EXTENSION:
+						msg = gettext_noop("must be owner of extension %s");
+						break;
+					case OBJECT_FDW:
+						msg = gettext_noop("must be owner of foreign-data wrapper %s");
+						break;
+					case OBJECT_FOREIGN_SERVER:
+						msg = gettext_noop("must be owner of foreign server %s");
+						break;
+					case OBJECT_FOREIGN_TABLE:
+						msg = gettext_noop("must be owner of foreign table %s");
+						break;
+					case OBJECT_FUNCTION:
+						msg = gettext_noop("must be owner of function %s");
+						break;
+					case OBJECT_INDEX:
+						msg = gettext_noop("must be owner of index %s");
+						break;
+					case OBJECT_LANGUAGE:
+						msg = gettext_noop("must be owner of language %s");
+						break;
+					case OBJECT_LARGEOBJECT:
+						msg = gettext_noop("must be owner of large object %s");
+						break;
+					case OBJECT_MATVIEW:
+						msg = gettext_noop("must be owner of materialized view %s");
+						break;
+					case OBJECT_OPCLASS:
+						msg = gettext_noop("must be owner of operator class %s");
+						break;
+					case OBJECT_OPERATOR:
+						msg = gettext_noop("must be owner of operator %s");
+						break;
+					case OBJECT_OPFAMILY:
+						msg = gettext_noop("must be owner of operator family %s");
+						break;
+					case OBJECT_POLICY:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_PROCEDURE:
+						msg = gettext_noop("must be owner of procedure %s");
+						break;
+					case OBJECT_PUBLICATION:
+						msg = gettext_noop("must be owner of publication %s");
+						break;
+					case OBJECT_RELATION:
+						msg = gettext_noop("must be owner of relation %s");
+						break;
+					case OBJECT_ROUTINE:
+						msg = gettext_noop("must be owner of routine %s");
+						break;
+					case OBJECT_SEQUENCE:
+						msg = gettext_noop("must be owner of sequence %s");
+						break;
+					case OBJECT_SUBSCRIPTION:
+						msg = gettext_noop("must be owner of subscription %s");
+						break;
+					case OBJECT_TABLE:
+						msg = gettext_noop("must be owner of table %s");
+						break;
+					case OBJECT_TYPE:
+						msg = gettext_noop("must be owner of type %s");
+						break;
+					case OBJECT_VIEW:
+						msg = gettext_noop("must be owner of view %s");
+						break;
+					case OBJECT_SCHEMA:
+						msg = gettext_noop("must be owner of schema %s");
+						break;
+					case OBJECT_STATISTIC_EXT:
+						msg = gettext_noop("must be owner of statistics object %s");
+						break;
+					case OBJECT_TABLESPACE:
+						msg = gettext_noop("must be owner of tablespace %s");
+						break;
+					case OBJECT_TSCONFIGURATION:
+						msg = gettext_noop("must be owner of text search configuration %s");
+						break;
+					case OBJECT_TSDICTIONARY:
+						msg = gettext_noop("must be owner of text search dictionary %s");
+						break;
+					/* these currently aren't used */
+					case OBJECT_ACCESS_METHOD:
+					case OBJECT_AMOP:
+					case OBJECT_AMPROC:
+					case OBJECT_ATTRIBUTE:
+					case OBJECT_CAST:
+					case OBJECT_DEFAULT:
+					case OBJECT_DEFACL:
+					case OBJECT_DOMCONSTRAINT:
+					case OBJECT_PUBLICATION_REL:
+					case OBJECT_ROLE:
+					case OBJECT_RULE:
+					case OBJECT_TABCONSTRAINT:
+					case OBJECT_TRANSFORM:
+					case OBJECT_TRIGGER:
+					case OBJECT_TSPARSER:
+					case OBJECT_TSTEMPLATE:
+					case OBJECT_USER_MAPPING:
+						elog(ERROR, "unsupported object type %d", objtype);
+						msg = "???";
+				}
+
+				ereport(ERROR,
+						(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+						 errmsg(msg, objectname)));
+				break;
+			}
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
 			break;
@@ -3480,7 +3634,7 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
 
 
 void
-aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error_col(AclResult aclerr, ObjectType objtype,
 				   const char *objectname, const char *colname)
 {
 	switch (aclerr)
@@ -3496,9 +3650,7 @@ aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
 			break;
 		case ACLCHECK_NOT_OWNER:
 			/* relation msg is OK since columns don't have separate owners */
-			ereport(ERROR,
-					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-					 errmsg(not_owner_msg[objectkind], objectname)));
+			aclcheck_error(aclerr, objtype, objectname);
 			break;
 		default:
 			elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
@@ -3516,7 +3668,7 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
 {
 	Oid			element_type = get_element_type(typeOid);
 
-	aclcheck_error(aclerr, ACL_KIND_TYPE, format_type_be(element_type ? element_type : typeOid));
+	aclcheck_error(aclerr, OBJECT_TYPE, format_type_be(element_type ? element_type : typeOid));
 }
 
 
@@ -3524,48 +3676,48 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
  * Relay for the various pg_*_mask routines depending on object kind
  */
 static AclMode
-pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, Oid roleid,
+pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
 		   AclMode mask, AclMaskHow how)
 {
-	switch (objkind)
+	switch (objtype)
 	{
-		case ACL_KIND_COLUMN:
+		case OBJECT_COLUMN:
 			return
 				pg_class_aclmask(table_oid, roleid, mask, how) |
 				pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
-		case ACL_KIND_CLASS:
-		case ACL_KIND_SEQUENCE:
+		case OBJECT_RELATION:
+		case OBJECT_SEQUENCE:
 			return pg_class_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_DATABASE:
+		case OBJECT_DATABASE:
 			return pg_database_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_PROC:
+		case OBJECT_FUNCTION:
 			return pg_proc_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_LANGUAGE:
+		case OBJECT_LANGUAGE:
 			return pg_language_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_LARGEOBJECT:
+		case OBJECT_LARGEOBJECT:
 			return pg_largeobject_aclmask_snapshot(table_oid, roleid,
 												   mask, how, NULL);
-		case ACL_KIND_NAMESPACE:
+		case OBJECT_SCHEMA:
 			return pg_namespace_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_STATISTICS:
+		case OBJECT_STATISTIC_EXT:
 			elog(ERROR, "grantable rights not supported for statistics objects");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TABLESPACE:
+		case OBJECT_TABLESPACE:
 			return pg_tablespace_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_FDW:
+		case OBJECT_FDW:
 			return pg_foreign_data_wrapper_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_FOREIGN_SERVER:
+		case OBJECT_FOREIGN_SERVER:
 			return pg_foreign_server_aclmask(table_oid, roleid, mask, how);
-		case ACL_KIND_EVENT_TRIGGER:
+		case OBJECT_EVENT_TRIGGER:
 			elog(ERROR, "grantable rights not supported for event triggers");
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
-		case ACL_KIND_TYPE:
+		case OBJECT_TYPE:
 			return pg_type_aclmask(table_oid, roleid, mask, how);
 		default:
-			elog(ERROR, "unrecognized objkind: %d",
-				 (int) objkind);
+			elog(ERROR, "unrecognized objtype: %d",
+				 (int) objtype);
 			/* not reached, but keep compiler quiet */
 			return ACL_NO_RIGHTS;
 	}
diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c
index 93c4bbfcb0..75636e6dab 100644
--- a/src/backend/catalog/namespace.c
+++ b/src/backend/catalog/namespace.c
@@ -560,7 +560,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		/* Check namespace permissions. */
 		aclresult = pg_namespace_aclcheck(nspid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(nspid));
 
 		if (retry)
@@ -585,7 +585,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
 		if (lockmode != NoLock && OidIsValid(relid))
 		{
 			if (!pg_class_ownercheck(relid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 							   relation->relname);
 			if (relid != oldrelid)
 				LockRelationOid(relid, lockmode);
@@ -2874,7 +2874,7 @@ LookupExplicitNamespace(const char *nspname, bool missing_ok)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   nspname);
 	/* Schema search hook for this lookup */
 	InvokeNamespaceSearchHook(namespaceId, true);
@@ -2911,7 +2911,7 @@ LookupCreationNamespace(const char *nspname)
 
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   nspname);
 
 	return namespaceId;
diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 370be1c420..9be365f50d 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -104,7 +104,7 @@ typedef struct
 	AttrNumber	attnum_namespace;	/* attnum of namespace field */
 	AttrNumber	attnum_owner;	/* attnum of owner field */
 	AttrNumber	attnum_acl;		/* attnum of acl field */
-	AclObjectKind acl_kind;		/* ACL_KIND_* of this object type */
+	ObjectType	objtype;		/* OBJECT_* of this object type */
 	bool		is_nsp_name_unique; /* can the nsp/name combination (or name
 									 * alone, if there's no namespace) be
 									 * considered a unique identifier for an
@@ -146,7 +146,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_collation_collnamespace,
 		Anum_pg_collation_collowner,
 		InvalidAttrNumber,
-		ACL_KIND_COLLATION,
+		OBJECT_COLLATION,
 		true
 	},
 	{
@@ -170,7 +170,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_conversion_connamespace,
 		Anum_pg_conversion_conowner,
 		InvalidAttrNumber,
-		ACL_KIND_CONVERSION,
+		OBJECT_CONVERSION,
 		true
 	},
 	{
@@ -182,7 +182,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_database_datdba,
 		Anum_pg_database_datacl,
-		ACL_KIND_DATABASE,
+		OBJECT_DATABASE,
 		true
 	},
 	{
@@ -194,7 +194,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,		/* extension doesn't belong to extnamespace */
 		Anum_pg_extension_extowner,
 		InvalidAttrNumber,
-		ACL_KIND_EXTENSION,
+		OBJECT_EXTENSION,
 		true
 	},
 	{
@@ -206,7 +206,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_foreign_data_wrapper_fdwowner,
 		Anum_pg_foreign_data_wrapper_fdwacl,
-		ACL_KIND_FDW,
+		OBJECT_FDW,
 		true
 	},
 	{
@@ -218,7 +218,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_foreign_server_srvowner,
 		Anum_pg_foreign_server_srvacl,
-		ACL_KIND_FOREIGN_SERVER,
+		OBJECT_FOREIGN_SERVER,
 		true
 	},
 	{
@@ -230,7 +230,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_proc_pronamespace,
 		Anum_pg_proc_proowner,
 		Anum_pg_proc_proacl,
-		ACL_KIND_PROC,
+		OBJECT_FUNCTION,
 		false
 	},
 	{
@@ -242,7 +242,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_language_lanowner,
 		Anum_pg_language_lanacl,
-		ACL_KIND_LANGUAGE,
+		OBJECT_LANGUAGE,
 		true
 	},
 	{
@@ -254,7 +254,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_largeobject_metadata_lomowner,
 		Anum_pg_largeobject_metadata_lomacl,
-		ACL_KIND_LARGEOBJECT,
+		OBJECT_LARGEOBJECT,
 		false
 	},
 	{
@@ -266,7 +266,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_opclass_opcnamespace,
 		Anum_pg_opclass_opcowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPCLASS,
+		OBJECT_OPCLASS,
 		true
 	},
 	{
@@ -278,7 +278,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_operator_oprnamespace,
 		Anum_pg_operator_oprowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPER,
+		OBJECT_OPERATOR,
 		false
 	},
 	{
@@ -290,7 +290,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_opfamily_opfnamespace,
 		Anum_pg_opfamily_opfowner,
 		InvalidAttrNumber,
-		ACL_KIND_OPFAMILY,
+		OBJECT_OPFAMILY,
 		true
 	},
 	{
@@ -326,7 +326,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_namespace_nspowner,
 		Anum_pg_namespace_nspacl,
-		ACL_KIND_NAMESPACE,
+		OBJECT_SCHEMA,
 		true
 	},
 	{
@@ -338,7 +338,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_class_relnamespace,
 		Anum_pg_class_relowner,
 		Anum_pg_class_relacl,
-		ACL_KIND_CLASS,
+		OBJECT_RELATION,
 		true
 	},
 	{
@@ -350,7 +350,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_tablespace_spcowner,
 		Anum_pg_tablespace_spcacl,
-		ACL_KIND_TABLESPACE,
+		OBJECT_TABLESPACE,
 		true
 	},
 	{
@@ -392,7 +392,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_event_trigger_evtowner,
 		InvalidAttrNumber,
-		ACL_KIND_EVENT_TRIGGER,
+		OBJECT_EVENT_TRIGGER,
 		true
 	},
 	{
@@ -404,7 +404,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_ts_config_cfgnamespace,
 		Anum_pg_ts_config_cfgowner,
 		InvalidAttrNumber,
-		ACL_KIND_TSCONFIGURATION,
+		OBJECT_TSCONFIGURATION,
 		true
 	},
 	{
@@ -416,7 +416,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_ts_dict_dictnamespace,
 		Anum_pg_ts_dict_dictowner,
 		InvalidAttrNumber,
-		ACL_KIND_TSDICTIONARY,
+		OBJECT_TSDICTIONARY,
 		true
 	},
 	{
@@ -452,7 +452,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_type_typnamespace,
 		Anum_pg_type_typowner,
 		Anum_pg_type_typacl,
-		ACL_KIND_TYPE,
+		OBJECT_TYPE,
 		true
 	},
 	{
@@ -464,7 +464,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_publication_pubowner,
 		InvalidAttrNumber,
-		ACL_KIND_PUBLICATION,
+		OBJECT_PUBLICATION,
 		true
 	},
 	{
@@ -476,7 +476,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		InvalidAttrNumber,
 		Anum_pg_subscription_subowner,
 		InvalidAttrNumber,
-		ACL_KIND_SUBSCRIPTION,
+		OBJECT_SUBSCRIPTION,
 		true
 	},
 	{
@@ -488,7 +488,7 @@ static const ObjectPropertyType ObjectProperty[] =
 		Anum_pg_statistic_ext_stxnamespace,
 		Anum_pg_statistic_ext_stxowner,
 		InvalidAttrNumber,		/* no ACL (same as relation) */
-		ACL_KIND_STATISTICS,
+		OBJECT_STATISTIC_EXT,
 		true
 	}
 };
@@ -2242,12 +2242,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 		case OBJECT_POLICY:
 		case OBJECT_TABCONSTRAINT:
 			if (!pg_class_ownercheck(RelationGetRelid(relation), roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   RelationGetRelationName(relation));
 			break;
 		case OBJECT_DATABASE:
 			if (!pg_database_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TYPE:
@@ -2262,62 +2262,62 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 		case OBJECT_PROCEDURE:
 		case OBJECT_ROUTINE:
 			if (!pg_proc_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString((castNode(ObjectWithArgs, object))->objname));
 			break;
 		case OBJECT_OPERATOR:
 			if (!pg_oper_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString((castNode(ObjectWithArgs, object))->objname));
 			break;
 		case OBJECT_SCHEMA:
 			if (!pg_namespace_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_COLLATION:
 			if (!pg_collation_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_CONVERSION:
 			if (!pg_conversion_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_EXTENSION:
 			if (!pg_extension_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_FDW:
 			if (!pg_foreign_data_wrapper_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FDW,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_FOREIGN_SERVER:
 			if (!pg_foreign_server_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_EVENT_TRIGGER:
 			if (!pg_event_trigger_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_LANGUAGE:
 			if (!pg_language_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_OPCLASS:
 			if (!pg_opclass_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_OPFAMILY:
 			if (!pg_opfamily_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPFAMILY,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_LARGEOBJECT:
@@ -2347,12 +2347,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_PUBLICATION:
 			if (!pg_publication_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_SUBSCRIPTION:
 			if (!pg_subscription_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TRANSFORM:
@@ -2366,17 +2366,17 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_TABLESPACE:
 			if (!pg_tablespace_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   strVal((Value *) object));
 			break;
 		case OBJECT_TSDICTIONARY:
 			if (!pg_ts_dict_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_TSCONFIGURATION:
 			if (!pg_ts_config_ownercheck(address.objectId, roleid))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 							   NameListToString(castNode(List, object)));
 			break;
 		case OBJECT_ROLE:
@@ -2540,12 +2540,12 @@ get_object_attnum_acl(Oid class_id)
 	return prop->attnum_acl;
 }
 
-AclObjectKind
-get_object_aclkind(Oid class_id)
+ObjectType
+get_object_type(Oid class_id)
 {
 	const ObjectPropertyType *prop = get_object_property_data(class_id);
 
-	return prop->acl_kind;
+	return prop->objtype;
 }
 
 bool
diff --git a/src/backend/catalog/pg_aggregate.c b/src/backend/catalog/pg_aggregate.c
index e801c1ed5c..f14ea26fcb 100644
--- a/src/backend/catalog/pg_aggregate.c
+++ b/src/backend/catalog/pg_aggregate.c
@@ -865,7 +865,7 @@ lookup_agg_function(List *fnName,
 	/* Check aggregate creator has permission to call the function */
 	aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fnOid));
 
 	return fnOid;
 }
diff --git a/src/backend/catalog/pg_operator.c b/src/backend/catalog/pg_operator.c
index c96f336b7a..051602d820 100644
--- a/src/backend/catalog/pg_operator.c
+++ b/src/backend/catalog/pg_operator.c
@@ -425,7 +425,7 @@ OperatorCreate(const char *operatorName,
 	 */
 	if (OidIsValid(operatorObjectId) &&
 		!pg_oper_ownercheck(operatorObjectId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 					   operatorName);
 
 	/*
@@ -445,7 +445,7 @@ OperatorCreate(const char *operatorName,
 		/* Permission check: must own other operator */
 		if (OidIsValid(commutatorId) &&
 			!pg_oper_ownercheck(commutatorId, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 						   NameListToString(commutatorName));
 
 		/*
@@ -470,7 +470,7 @@ OperatorCreate(const char *operatorName,
 		/* Permission check: must own other operator */
 		if (OidIsValid(negatorId) &&
 			!pg_oper_ownercheck(negatorId, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 						   NameListToString(negatorName));
 	}
 	else
@@ -618,7 +618,7 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
 	aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(otherNamespace));
 
 	other_oid = OperatorShellMake(otherName,
diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c
index dd674113ba..b59fadbf76 100644
--- a/src/backend/catalog/pg_proc.c
+++ b/src/backend/catalog/pg_proc.c
@@ -400,7 +400,7 @@ ProcedureCreate(const char *procedureName,
 					 errmsg("function \"%s\" already exists with same argument types",
 							procedureName)));
 		if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), proowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 						   procedureName);
 
 		/*
diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c
index fd63ea8cd1..660ac5b7c9 100644
--- a/src/backend/catalog/pg_type.c
+++ b/src/backend/catalog/pg_type.c
@@ -413,7 +413,7 @@ TypeCreate(Oid newTypeOid,
 		 * shell type must have been created by same owner
 		 */
 		if (((Form_pg_type) GETSTRUCT(tup))->typowner != ownerId)
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, typeName);
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TYPE, typeName);
 
 		/* trouble if caller wanted to force the OID */
 		if (OidIsValid(newTypeOid))
diff --git a/src/backend/commands/aggregatecmds.c b/src/backend/commands/aggregatecmds.c
index 15378a9d4d..1779ba7bcb 100644
--- a/src/backend/commands/aggregatecmds.c
+++ b/src/backend/commands/aggregatecmds.c
@@ -103,7 +103,7 @@ DefineAggregate(ParseState *pstate, List *name, List *args, bool oldstyle, List
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(aggNamespace));
 
 	/* Deconstruct the output of the aggr_args grammar production */
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c
index 3995c5ef3d..2d88f4c649 100644
--- a/src/backend/commands/alter.c
+++ b/src/backend/commands/alter.c
@@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	AclObjectKind acl_kind = get_object_aclkind(classId);
+	ObjectType	objtype = get_object_type(classId);
 	HeapTuple	oldtup;
 	HeapTuple	newtup;
 	Datum		datum;
@@ -223,7 +223,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 		ownerId = DatumGetObjectId(datum);
 
 		if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId)))
-			aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name);
+			aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name);
 
 		/* User must have CREATE privilege on the namespace */
 		if (OidIsValid(namespaceId))
@@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
 			aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 											  ACL_CREATE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+				aclcheck_error(aclresult, OBJECT_SCHEMA,
 							   get_namespace_name(namespaceId));
 		}
 	}
@@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 	AttrNumber	Anum_name = get_object_attnum_name(classId);
 	AttrNumber	Anum_namespace = get_object_attnum_namespace(classId);
 	AttrNumber	Anum_owner = get_object_attnum_owner(classId);
-	AclObjectKind acl_kind = get_object_aclkind(classId);
+	ObjectType	objtype = get_object_type(classId);
 	Oid			oldNspOid;
 	Datum		name,
 				namespace;
@@ -719,13 +719,13 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
 		ownerId = DatumGetObjectId(owner);
 
 		if (!has_privs_of_role(GetUserId(), ownerId))
-			aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind,
+			aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
 						   NameStr(*(DatumGetName(name))));
 
 		/* User must have CREATE privilege on new namespace */
 		aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(nspOid));
 	}
 
@@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 		/* Superusers can bypass permission checks */
 		if (!superuser())
 		{
-			AclObjectKind aclkind = get_object_aclkind(classId);
+			ObjectType objtype = get_object_type(classId);
 
 			/* must be owner */
 			if (!has_privs_of_role(GetUserId(), old_ownerId))
@@ -963,7 +963,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 							 HeapTupleGetOid(oldtup));
 					objname = namebuf;
 				}
-				aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname);
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname);
 			}
 			/* Must be able to become new owner */
 			check_is_member_of_role(GetUserId(), new_ownerId);
@@ -976,7 +976,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
 				aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
 												  ACL_CREATE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					aclcheck_error(aclresult, OBJECT_SCHEMA,
 								   get_namespace_name(namespaceId));
 			}
 		}
diff --git a/src/backend/commands/collationcmds.c b/src/backend/commands/collationcmds.c
index 6c6877395f..fdfb3dcd2c 100644
--- a/src/backend/commands/collationcmds.c
+++ b/src/backend/commands/collationcmds.c
@@ -74,7 +74,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
 
 	aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(collNamespace));
 
 	foreach(pl, parameters)
@@ -278,7 +278,7 @@ AlterCollation(AlterCollationStmt *stmt)
 	collOid = get_collation_oid(stmt->collname, false);
 
 	if (!pg_collation_ownercheck(collOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION,
 					   NameListToString(stmt->collname));
 
 	tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid));
diff --git a/src/backend/commands/conversioncmds.c b/src/backend/commands/conversioncmds.c
index 294143c522..01a02484a2 100644
--- a/src/backend/commands/conversioncmds.c
+++ b/src/backend/commands/conversioncmds.c
@@ -55,7 +55,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceId));
 
 	/* Check the encoding names */
@@ -90,7 +90,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
 	/* Check we have EXECUTE rights for the function */
 	aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(func_name));
 
 	/*
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c
index 0b111fc5cf..d2020d07cf 100644
--- a/src/backend/commands/dbcommands.c
+++ b/src/backend/commands/dbcommands.c
@@ -422,7 +422,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
 		aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   tablespacename);
 
 		/* pg_global must never be the default tablespace */
@@ -822,7 +822,7 @@ dropdb(const char *dbname, bool missing_ok)
 	 * Permission checks
 	 */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   dbname);
 
 	/* DROP hook for the database being removed */
@@ -997,7 +997,7 @@ RenameDatabase(const char *oldname, const char *newname)
 
 	/* must be owner */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   oldname);
 
 	/* must have createdb rights */
@@ -1112,7 +1112,7 @@ movedb(const char *dbname, const char *tblspcname)
 	 * Permission checks
 	 */
 	if (!pg_database_ownercheck(db_id, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   dbname);
 
 	/*
@@ -1134,7 +1134,7 @@ movedb(const char *dbname, const char *tblspcname)
 	aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
 									   ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+		aclcheck_error(aclresult, OBJECT_TABLESPACE,
 					   tblspcname);
 
 	/*
@@ -1515,7 +1515,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel)
 	dboid = HeapTupleGetOid(tuple);
 
 	if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   stmt->dbname);
 
 	/*
@@ -1583,7 +1583,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
 	shdepLockAndCheckObject(DatabaseRelationId, datid);
 
 	if (!pg_database_ownercheck(datid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 					   stmt->dbname);
 
 	AlterSetting(datid, InvalidOid, stmt->setstmt);
@@ -1646,7 +1646,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId)
 
 		/* Otherwise, must be owner of the existing object */
 		if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 						   dbname);
 
 		/* Must be able to become new owner */
diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c
index 5c1620b802..1dcdb07c29 100644
--- a/src/backend/commands/event_trigger.c
+++ b/src/backend/commands/event_trigger.c
@@ -519,7 +519,7 @@ AlterEventTrigger(AlterEventTrigStmt *stmt)
 	trigoid = HeapTupleGetOid(tup);
 
 	if (!pg_event_trigger_ownercheck(trigoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
 					   stmt->trigname);
 
 	/* tuple is a copy, so we can modify it below */
@@ -610,7 +610,7 @@ AlterEventTriggerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		return;
 
 	if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
 					   NameStr(form->evtname));
 
 	/* New owner must be a superuser */
diff --git a/src/backend/commands/extension.c b/src/backend/commands/extension.c
index c0c933583f..2e4538146d 100644
--- a/src/backend/commands/extension.c
+++ b/src/backend/commands/extension.c
@@ -2704,13 +2704,13 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o
 	 * check ownership of the individual member objects ...
 	 */
 	if (!pg_extension_ownercheck(extensionOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   extensionName);
 
 	/* Permission check: must have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema);
+		aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
 
 	/*
 	 * If the schema is currently a member of the extension, disallow moving
@@ -2924,7 +2924,7 @@ ExecAlterExtensionStmt(ParseState *pstate, AlterExtensionStmt *stmt)
 
 	/* Permission check: must own extension */
 	if (!pg_extension_ownercheck(extensionOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   stmt->extname);
 
 	/*
@@ -3182,7 +3182,7 @@ ExecAlterExtensionContentsStmt(AlterExtensionContentsStmt *stmt,
 
 	/* Permission check: must own extension */
 	if (!pg_extension_ownercheck(extension.objectId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
 					   stmt->extname);
 
 	/*
diff --git a/src/backend/commands/foreigncmds.c b/src/backend/commands/foreigncmds.c
index 44f3da9b51..5c53aeeaeb 100644
--- a/src/backend/commands/foreigncmds.c
+++ b/src/backend/commands/foreigncmds.c
@@ -358,7 +358,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 
 			/* Must be owner */
 			if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 							   NameStr(form->srvname));
 
 			/* Must be able to become new owner */
@@ -370,7 +370,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 			{
 				ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
 
-				aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+				aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
 			}
 		}
 
@@ -907,7 +907,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt)
 
 	aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+		aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
 
 	/*
 	 * Insert tuple into pg_foreign_server.
@@ -1010,7 +1010,7 @@ AlterForeignServer(AlterForeignServerStmt *stmt)
 	 * Only owner or a superuser can ALTER a SERVER.
 	 */
 	if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 					   stmt->servername);
 
 	memset(repl_val, 0, sizeof(repl_val));
@@ -1119,10 +1119,10 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername)
 
 			aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername);
+				aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
 		}
 		else
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
 						   servername);
 	}
 }
@@ -1477,7 +1477,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid)
 	server = GetForeignServerByName(stmt->servername, false);
 	aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+		aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
 
 	fdw = GetForeignDataWrapper(server->fdwid);
 
@@ -1536,7 +1536,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt)
 	server = GetForeignServerByName(stmt->server_name, false);
 	aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+		aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
 
 	/* Check that the schema exists and we have CREATE permissions on it */
 	(void) LookupCreationNamespace(stmt->local_schema);
diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c
index 12ab33f418..ea08c3237c 100644
--- a/src/backend/commands/functioncmds.c
+++ b/src/backend/commands/functioncmds.c
@@ -146,7 +146,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
 		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 										  ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(namespaceId));
 		address = TypeShellMake(typname, namespaceId, GetUserId());
 		rettype = address.objectId;
@@ -953,7 +953,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceId));
 
 	/* default attributes */
@@ -995,14 +995,14 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
 
 		aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+			aclcheck_error(aclresult, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 	else
 	{
 		/* if untrusted language, must be superuser */
 		if (!superuser())
-			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 
@@ -1254,7 +1254,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt)
 
 	/* Permission check: must own function */
 	if (!pg_proc_ownercheck(funcOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype,
 					   NameListToString(stmt->func->objname));
 
 	if (procForm->proisagg)
@@ -1911,7 +1911,7 @@ CreateTransform(CreateTransformStmt *stmt)
 
 	aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang);
+		aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
 
 	/*
 	 * Get the functions
@@ -1921,11 +1921,11 @@ CreateTransform(CreateTransformStmt *stmt)
 		fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false);
 
 		if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
 
 		aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+			aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
 
 		tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid));
 		if (!HeapTupleIsValid(tuple))
@@ -1947,11 +1947,11 @@ CreateTransform(CreateTransformStmt *stmt)
 		tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false);
 
 		if (!pg_proc_ownercheck(tosqlfuncid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
 
 		aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+			aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
 
 		tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid));
 		if (!HeapTupleIsValid(tuple))
@@ -2209,14 +2209,14 @@ ExecuteDoStmt(DoStmt *stmt)
 		aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
 										 ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+			aclcheck_error(aclresult, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 	else
 	{
 		/* if untrusted language, must be superuser */
 		if (!superuser())
-			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
 						   NameStr(languageStruct->lanname));
 	}
 
@@ -2270,7 +2270,7 @@ ExecuteCallStmt(ParseState *pstate, CallStmt *stmt)
 
 	aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid));
+		aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
 	InvokeFunctionExecuteHook(fexpr->funcid);
 
 	nargs = list_length(fexpr->args);
diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c
index 9e6ba92008..7d190cdc1b 100644
--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@@ -431,7 +431,7 @@ DefineIndex(Oid relationId,
 		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
 										  ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(namespaceId));
 	}
 
@@ -458,7 +458,7 @@ DefineIndex(Oid relationId,
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tablespaceId));
 	}
 
@@ -1839,7 +1839,7 @@ RangeVarCallbackForReindexIndex(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname);
 
 	/* Lock heap before index to avoid deadlock. */
 	if (relId != oldRelId)
@@ -1918,7 +1918,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
 		objectOid = get_namespace_oid(objectName, false);
 
 		if (!pg_namespace_ownercheck(objectOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 						   objectName);
 	}
 	else
@@ -1930,7 +1930,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
 					(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
 					 errmsg("can only reindex the currently open database")));
 		if (!pg_database_ownercheck(objectOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 						   objectName);
 	}
 
diff --git a/src/backend/commands/lockcmds.c b/src/backend/commands/lockcmds.c
index c587edc209..aa54565716 100644
--- a/src/backend/commands/lockcmds.c
+++ b/src/backend/commands/lockcmds.c
@@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid,
 	/* Check permissions. */
 	aclresult = LockTableAclCheck(relid, lockmode);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(aclresult, OBJECT_RELATION, rv->relname);
 }
 
 /*
@@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait)
 
 			if (!relname)
 				continue;		/* child concurrently dropped, just skip it */
-			aclcheck_error(aclresult, ACL_KIND_CLASS, relname);
+			aclcheck_error(aclresult, OBJECT_RELATION, relname);
 		}
 
 		/* We have enough rights to lock the relation; do so. */
diff --git a/src/backend/commands/opclasscmds.c b/src/backend/commands/opclasscmds.c
index 7fb7b3976c..1768140a83 100644
--- a/src/backend/commands/opclasscmds.c
+++ b/src/backend/commands/opclasscmds.c
@@ -353,7 +353,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/* Get necessary info about access method */
@@ -497,11 +497,11 @@ DefineOpClass(CreateOpClassStmt *stmt)
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own operator and its underlying function */
 				if (!pg_oper_ownercheck(operOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 								   get_opname(operOid));
 				funcOid = get_opcode(operOid);
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -525,7 +525,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own function */
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -730,7 +730,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/* Get access method OID, throwing an error if it doesn't exist. */
@@ -871,11 +871,11 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own operator and its underlying function */
 				if (!pg_oper_ownercheck(operOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 								   get_opname(operOid));
 				funcOid = get_opcode(operOid);
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
@@ -899,7 +899,7 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
 				/* XXX this is unnecessary given the superuser check above */
 				/* Caller must own function */
 				if (!pg_proc_ownercheck(funcOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 								   get_func_name(funcOid));
 #endif
 
diff --git a/src/backend/commands/operatorcmds.c b/src/backend/commands/operatorcmds.c
index 81ef532184..35404ac39a 100644
--- a/src/backend/commands/operatorcmds.c
+++ b/src/backend/commands/operatorcmds.c
@@ -95,7 +95,7 @@ DefineOperator(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(oprNamespace));
 
 	/*
@@ -215,7 +215,7 @@ DefineOperator(List *names, List *parameters)
 	 */
 	aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(functionName));
 
 	rettype = get_func_rettype(functionOid);
@@ -281,7 +281,7 @@ ValidateRestrictionEstimator(List *restrictionName)
 	/* Require EXECUTE rights for the estimator */
 	aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(restrictionName));
 
 	return restrictionOid;
@@ -327,7 +327,7 @@ ValidateJoinEstimator(List *joinName)
 	/* Require EXECUTE rights for the estimator */
 	aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   NameListToString(joinName));
 
 	return joinOid;
@@ -457,7 +457,7 @@ AlterOperator(AlterOperatorStmt *stmt)
 
 	/* Check permissions. Must be owner. */
 	if (!pg_oper_ownercheck(oprId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
 					   NameStr(oprForm->oprname));
 
 	/*
diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c
index 396d4c3449..2ec35abf8f 100644
--- a/src/backend/commands/policy.c
+++ b/src/backend/commands/policy.c
@@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
diff --git a/src/backend/commands/proclang.c b/src/backend/commands/proclang.c
index 9783a162d7..2ec96242ae 100644
--- a/src/backend/commands/proclang.c
+++ b/src/backend/commands/proclang.c
@@ -97,7 +97,7 @@ CreateProceduralLanguage(CreatePLangStmt *stmt)
 						 errmsg("must be superuser to create procedural language \"%s\"",
 								stmt->plname)));
 			if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 							   get_database_name(MyDatabaseId));
 		}
 
@@ -366,7 +366,7 @@ create_proc_lang(const char *languageName, bool replace,
 					(errcode(ERRCODE_DUPLICATE_OBJECT),
 					 errmsg("language \"%s\" already exists", languageName)));
 		if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE,
 						   languageName);
 
 		/*
diff --git a/src/backend/commands/publicationcmds.c b/src/backend/commands/publicationcmds.c
index 91338e8d49..0cc62c77bd 100644
--- a/src/backend/commands/publicationcmds.c
+++ b/src/backend/commands/publicationcmds.c
@@ -150,7 +150,7 @@ CreatePublication(CreatePublicationStmt *stmt)
 	/* must have CREATE privilege on database */
 	aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	/* FOR ALL TABLES requires superuser */
@@ -403,7 +403,7 @@ AlterPublication(AlterPublicationStmt *stmt)
 
 	/* must be owner */
 	if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
 					   stmt->pubname);
 
 	if (stmt->options)
@@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists,
 
 		/* Must be owner of the table or superuser. */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		obj = publication_add_relation(pubid, rel, if_not_exists);
@@ -649,7 +649,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 
 		/* Must be owner */
 		if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
 						   NameStr(form->pubname));
 
 		/* Must be able to become new owner */
@@ -658,7 +658,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		/* New owner must have CREATE privilege on database */
 		aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_DATABASE,
+			aclcheck_error(aclresult, OBJECT_DATABASE,
 						   get_database_name(MyDatabaseId));
 
 		if (form->puballtables && !superuser_arg(newOwnerId))
diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c
index 16b6e8f111..dc6cb46e4e 100644
--- a/src/backend/commands/schemacmds.c
+++ b/src/backend/commands/schemacmds.c
@@ -94,7 +94,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
 	 */
 	aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	check_is_member_of_role(saved_uid, owner_uid);
@@ -265,13 +265,13 @@ RenameSchema(const char *oldname, const char *newname)
 
 	/* must be owner */
 	if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 					   oldname);
 
 	/* must have CREATE privilege on database */
 	aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(MyDatabaseId));
 
 	if (!allowSystemTableMods && IsReservedName(newname))
@@ -373,7 +373,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
 
 		/* Otherwise, must be owner of the existing object */
 		if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
 						   NameStr(nspForm->nspname));
 
 		/* Must be able to become new owner */
@@ -391,7 +391,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
 		aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
 										 ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_DATABASE,
+			aclcheck_error(aclresult, OBJECT_DATABASE,
 						   get_database_name(MyDatabaseId));
 
 		memset(repl_null, false, sizeof(repl_null));
diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c
index 5773a8fd03..8a0cc6c2cf 100644
--- a/src/backend/commands/statscmds.c
+++ b/src/backend/commands/statscmds.c
@@ -141,7 +141,7 @@ CreateStatistics(CreateStatsStmt *stmt)
 
 		/* You must own the relation to create stats on it */
 		if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 	}
 
diff --git a/src/backend/commands/subscriptioncmds.c b/src/backend/commands/subscriptioncmds.c
index bd25ec2401..9de5969302 100644
--- a/src/backend/commands/subscriptioncmds.c
+++ b/src/backend/commands/subscriptioncmds.c
@@ -635,7 +635,7 @@ AlterSubscription(AlterSubscriptionStmt *stmt)
 
 	/* must be owner */
 	if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   stmt->subname);
 
 	subid = HeapTupleGetOid(tup);
@@ -854,7 +854,7 @@ DropSubscription(DropSubscriptionStmt *stmt, bool isTopLevel)
 
 	/* must be owner */
 	if (!pg_subscription_ownercheck(subid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   stmt->subname);
 
 	/* DROP hook for the subscription being removed */
@@ -1022,7 +1022,7 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
 		return;
 
 	if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
 					   NameStr(form->subname));
 
 	/* New owner must be a superuser */
diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c
index f2a928b823..38bfd29cd9 100644
--- a/src/backend/commands/tablecmds.c
+++ b/src/backend/commands/tablecmds.c
@@ -588,7 +588,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tablespaceId));
 	}
 
@@ -1192,7 +1192,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid,
 	/* Allow DROP to either table owner or schema owner */
 	if (!pg_class_ownercheck(relOid, GetUserId()) &&
 		!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   rel->relname);
 
 	if (!allowSystemTableMods && IsSystemClass(relOid, classform))
@@ -1374,7 +1374,7 @@ ExecuteTruncate(TruncateStmt *stmt)
 
 				/* This check must match AlterSequence! */
 				if (!pg_class_ownercheck(seq_relid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE,
 								   RelationGetRelationName(seq_rel));
 
 				seq_relids = lappend_oid(seq_relids, seq_relid);
@@ -1562,7 +1562,7 @@ truncate_check_rel(Relation rel)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_TRUNCATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -1848,7 +1848,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
 		 * demand that creator of a child table own the parent.
 		 */
 		if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   RelationGetRelationName(relation));
 
 		/*
@@ -2551,7 +2551,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing)
 	 * permissions checking.  only the owner of a class can change its schema.
 	 */
 	if (!pg_class_ownercheck(myrelid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   NameStr(classform->relname));
 	if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
 		ereport(ERROR,
@@ -4769,7 +4769,7 @@ ATSimplePermissions(Relation rel, int allowed_targets)
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (!allowSystemTableMods && IsSystemRelation(rel))
@@ -6212,7 +6212,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa
 
 	/* Permissions checks */
 	if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 }
 
@@ -8136,7 +8136,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts)
 		aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
 										  roleid, ACL_REFERENCES);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 	}
 }
@@ -10046,7 +10046,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 
 				/* Otherwise, must be owner of the existing object */
 				if (!pg_class_ownercheck(relationOid, GetUserId()))
-					aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+					aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 								   RelationGetRelationName(target_rel));
 
 				/* Must be able to become new owner */
@@ -10056,7 +10056,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
 				aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
 												  ACL_CREATE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+					aclcheck_error(aclresult, OBJECT_SCHEMA,
 								   get_namespace_name(namespaceOid));
 			}
 		}
@@ -10351,7 +10351,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen
 
 		aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename);
+			aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
 	}
 
 	/* Save info for Phase 3 to do the real work */
@@ -10785,7 +10785,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
 										   ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(new_tablespaceoid));
 	}
 
@@ -10856,7 +10856,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
 		 * Caller must be considered an owner on the table to move it.
 		 */
 		if (!pg_class_ownercheck(relOid, GetUserId()))
-			aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+			aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 						   NameStr(relForm->relname));
 
 		if (stmt->nowait &&
@@ -13101,7 +13101,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation,
 
 	/* Check permissions */
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, relation->relname);
 }
 
 /*
@@ -13123,7 +13123,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation,
 		elog(ERROR, "cache lookup failed for relation %u", relId);
 
 	if (!pg_class_ownercheck(relId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   relation->relname);
 
 	if (!allowSystemTableMods &&
@@ -13159,7 +13159,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* Must own relation. */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	/* No system table modifications unless explicitly allowed. */
 	if (!allowSystemTableMods && IsSystemClass(relid, classform))
@@ -13179,7 +13179,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
 		aclresult = pg_namespace_aclcheck(classform->relnamespace,
 										  GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+			aclcheck_error(aclresult, OBJECT_SCHEMA,
 						   get_namespace_name(classform->relnamespace));
 		reltype = ((RenameStmt *) stmt)->renameType;
 	}
diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c
index 8cb834c271..5c450caa4e 100644
--- a/src/backend/commands/tablespace.c
+++ b/src/backend/commands/tablespace.c
@@ -444,13 +444,13 @@ DropTableSpace(DropTableSpaceStmt *stmt)
 
 	/* Must be tablespace owner */
 	if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
 					   tablespacename);
 
 	/* Disallow drop of the standard tablespaces, even by superuser */
 	if (tablespaceoid == GLOBALTABLESPACE_OID ||
 		tablespaceoid == DEFAULTTABLESPACE_OID)
-		aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE,
 					   tablespacename);
 
 	/* DROP hook for the tablespace being removed */
@@ -941,7 +941,7 @@ RenameTableSpace(const char *oldname, const char *newname)
 
 	/* Must be owner */
 	if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId()))
-		aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname);
+		aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname);
 
 	/* Validate new name */
 	if (!allowSystemTableMods && IsReservedName(newname))
@@ -1017,7 +1017,7 @@ AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt)
 
 	/* Must be owner of the existing object */
 	if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
 					   stmt->tablespacename);
 
 	/* Generate new proposed spcoptions (text array) */
@@ -1232,7 +1232,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
 			if (aclresult != ACLCHECK_OK)
 			{
 				if (source >= PGC_S_INTERACTIVE)
-					aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname);
+					aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
 				continue;
 			}
 
diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c
index 1c488c338a..438653f310 100644
--- a/src/backend/commands/trigger.c
+++ b/src/backend/commands/trigger.c
@@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 		aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 									  ACL_TRIGGER);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(rel));
 
 		if (OidIsValid(constrrelid))
@@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 			aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
 										  ACL_TRIGGER);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_CLASS,
+				aclcheck_error(aclresult, OBJECT_RELATION,
 							   get_rel_name(constrrelid));
 		}
 	}
@@ -592,7 +592,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
 	{
 		aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   NameListToString(stmt->funcname));
 	}
 	funcrettype = get_func_rettype(funcoid);
@@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its triggers */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 	if (!allowSystemTableMods && IsSystemClass(relid, form))
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
diff --git a/src/backend/commands/tsearchcmds.c b/src/backend/commands/tsearchcmds.c
index bf06ed9318..bdf3857ce4 100644
--- a/src/backend/commands/tsearchcmds.c
+++ b/src/backend/commands/tsearchcmds.c
@@ -428,7 +428,7 @@ DefineTSDictionary(List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/*
@@ -549,7 +549,7 @@ AlterTSDictionary(AlterTSDictionaryStmt *stmt)
 
 	/* must be owner */
 	if (!pg_ts_dict_ownercheck(dictId, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY,
 					   NameListToString(stmt->dictname));
 
 	/* deserialize the existing set of options */
@@ -980,7 +980,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(namespaceoid));
 
 	/*
@@ -1189,7 +1189,7 @@ AlterTSConfiguration(AlterTSConfigurationStmt *stmt)
 
 	/* must be owner */
 	if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION,
 					   NameListToString(stmt->cfgname));
 
 	relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock);
diff --git a/src/backend/commands/typecmds.c b/src/backend/commands/typecmds.c
index a40b3cf752..74eb430f96 100644
--- a/src/backend/commands/typecmds.c
+++ b/src/backend/commands/typecmds.c
@@ -190,7 +190,7 @@ DefineType(ParseState *pstate, List *names, List *parameters)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(typeNamespace));
 #endif
 
@@ -526,25 +526,25 @@ DefineType(ParseState *pstate, List *names, List *parameters)
 #ifdef NOT_USED
 	/* XXX this is unnecessary given the superuser check above */
 	if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(inputName));
 	if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(outputName));
 	if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(receiveName));
 	if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(sendName));
 	if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(typmodinName));
 	if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(typmodoutName));
 	if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
 					   NameListToString(analyzeName));
 #endif
 
@@ -772,7 +772,7 @@ DefineDomain(CreateDomainStmt *stmt)
 	aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
 									  ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(domainNamespace));
 
 	/*
@@ -1171,7 +1171,7 @@ DefineEnum(CreateEnumStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(enumNamespace));
 
 	/*
@@ -1398,7 +1398,7 @@ DefineRange(CreateRangeStmt *stmt)
 	/* Check we have creation rights in target namespace */
 	aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(typeNamespace));
 
 	/*
@@ -2042,7 +2042,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid)
 	/* Also, range type's creator must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
 
 	return procOid;
 }
@@ -2085,7 +2085,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype)
 	/* Also, range type's creator must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
 
 	return procOid;
 }
@@ -3380,7 +3380,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
 											  newOwnerId,
 											  ACL_CREATE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+				aclcheck_error(aclresult, OBJECT_SCHEMA,
 							   get_namespace_name(typTup->typnamespace));
 		}
 
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
index d559c29d24..71c5caa41b 100644
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -939,7 +939,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
 			 * ALTER DATABASE ... SET, so use the same permission check.
 			 */
 			if (!pg_database_ownercheck(databaseid, GetUserId()))
-				aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+				aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
 							   stmt->database);
 		}
 	}
diff --git a/src/backend/executor/execExpr.c b/src/backend/executor/execExpr.c
index 794573803d..883a29f0a7 100644
--- a/src/backend/executor/execExpr.c
+++ b/src/backend/executor/execExpr.c
@@ -955,7 +955,7 @@ ExecInitExprRec(Expr *node, ExprState *state,
 											 GetUserId(),
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(opexpr->opfuncid));
 				InvokeFunctionExecuteHook(opexpr->opfuncid);
 
@@ -2162,7 +2162,7 @@ ExecInitFunc(ExprEvalStep *scratch, Expr *node, List *args, Oid funcid,
 	/* Check permission to call function */
 	aclresult = pg_proc_aclcheck(funcid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(funcid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(funcid));
 	InvokeFunctionExecuteHook(funcid);
 
 	/*
diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c
index 16822e962a..64a43822bb 100644
--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@@ -579,7 +579,7 @@ ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation)
 		{
 			Assert(rte->rtekind == RTE_RELATION);
 			if (ereport_on_violation)
-				aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS,
+				aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_RELATION,
 							   get_rel_name(rte->relid));
 			return false;
 		}
diff --git a/src/backend/executor/execSRF.c b/src/backend/executor/execSRF.c
index 8e521288a9..b97b8d797e 100644
--- a/src/backend/executor/execSRF.c
+++ b/src/backend/executor/execSRF.c
@@ -682,7 +682,7 @@ init_sexpr(Oid foid, Oid input_collation, Expr *node,
 	/* Check permission to call function */
 	aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(foid));
 	InvokeFunctionExecuteHook(foid);
 
 	/*
diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c
index 061acad80f..ec62e7fb38 100644
--- a/src/backend/executor/nodeAgg.c
+++ b/src/backend/executor/nodeAgg.c
@@ -2548,7 +2548,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 		aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_AGGREGATE,
 						   get_func_name(aggref->aggfnoid));
 		InvokeFunctionExecuteHook(aggref->aggfnoid);
 
@@ -2638,7 +2638,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 			aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(transfn_oid));
 			InvokeFunctionExecuteHook(transfn_oid);
 			if (OidIsValid(finalfn_oid))
@@ -2646,7 +2646,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(finalfn_oid));
 				InvokeFunctionExecuteHook(finalfn_oid);
 			}
@@ -2655,7 +2655,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(serialfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(serialfn_oid));
 				InvokeFunctionExecuteHook(serialfn_oid);
 			}
@@ -2664,7 +2664,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
 				aclresult = pg_proc_aclcheck(deserialfn_oid, aggOwner,
 											 ACL_EXECUTE);
 				if (aclresult != ACLCHECK_OK)
-					aclcheck_error(aclresult, ACL_KIND_PROC,
+					aclcheck_error(aclresult, OBJECT_FUNCTION,
 								   get_func_name(deserialfn_oid));
 				InvokeFunctionExecuteHook(deserialfn_oid);
 			}
diff --git a/src/backend/executor/nodeWindowAgg.c b/src/backend/executor/nodeWindowAgg.c
index 5492fb3369..0afb1c83d3 100644
--- a/src/backend/executor/nodeWindowAgg.c
+++ b/src/backend/executor/nodeWindowAgg.c
@@ -1928,7 +1928,7 @@ ExecInitWindowAgg(WindowAgg *node, EState *estate, int eflags)
 		aclresult = pg_proc_aclcheck(wfunc->winfnoid, GetUserId(),
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   get_func_name(wfunc->winfnoid));
 		InvokeFunctionExecuteHook(wfunc->winfnoid);
 
@@ -2189,7 +2189,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 		aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
 									 ACL_EXECUTE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_PROC,
+			aclcheck_error(aclresult, OBJECT_FUNCTION,
 						   get_func_name(transfn_oid));
 		InvokeFunctionExecuteHook(transfn_oid);
 
@@ -2198,7 +2198,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 			aclresult = pg_proc_aclcheck(invtransfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(invtransfn_oid));
 			InvokeFunctionExecuteHook(invtransfn_oid);
 		}
@@ -2208,7 +2208,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
 			aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
 										 ACL_EXECUTE);
 			if (aclresult != ACLCHECK_OK)
-				aclcheck_error(aclresult, ACL_KIND_PROC,
+				aclcheck_error(aclresult, OBJECT_FUNCTION,
 							   get_func_name(finalfn_oid));
 			InvokeFunctionExecuteHook(finalfn_oid);
 		}
diff --git a/src/backend/parser/parse_utilcmd.c b/src/backend/parser/parse_utilcmd.c
index 128f1679c6..e7df455634 100644
--- a/src/backend/parser/parse_utilcmd.c
+++ b/src/backend/parser/parse_utilcmd.c
@@ -954,7 +954,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_type_aclcheck(relation->rd_rel->reltype, GetUserId(),
 									 ACL_USAGE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TYPE,
+			aclcheck_error(aclresult, OBJECT_TYPE,
 						   RelationGetRelationName(relation));
 	}
 	else
@@ -962,7 +962,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
 		aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
 									  ACL_SELECT);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_CLASS,
+			aclcheck_error(aclresult, OBJECT_RELATION,
 						   RelationGetRelationName(relation));
 	}
 
diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c
index abf45fa82b..7eca67a52f 100644
--- a/src/backend/rewrite/rewriteDefine.c
+++ b/src/backend/rewrite/rewriteDefine.c
@@ -276,7 +276,7 @@ DefineQueryRewrite(const char *rulename,
 	 * Check user has permission to apply rules to this relation.
 	 */
 	if (!pg_class_ownercheck(event_relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   RelationGetRelationName(event_relation));
 
 	/*
@@ -864,7 +864,7 @@ EnableDisableRule(Relation rel, const char *rulename,
 	eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class;
 	Assert(eventRelationOid == owningRel);
 	if (!pg_class_ownercheck(eventRelationOid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION,
 					   get_rel_name(eventRelationOid));
 
 	/*
@@ -927,7 +927,7 @@ RangeVarCallbackForRenameRule(const RangeVar *rv, Oid relid, Oid oldrelid,
 
 	/* you must own the table to rename one of its rules */
 	if (!pg_class_ownercheck(relid, GetUserId()))
-		aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+		aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_RELATION, rv->relname);
 
 	ReleaseSysCache(tuple);
 }
diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c
index 3e531977db..d16ba5ec92 100644
--- a/src/backend/tcop/fastpath.c
+++ b/src/backend/tcop/fastpath.c
@@ -315,13 +315,13 @@ HandleFunctionRequest(StringInfo msgBuf)
 	 */
 	aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+		aclcheck_error(aclresult, OBJECT_SCHEMA,
 					   get_namespace_name(fip->namespace));
 	InvokeNamespaceSearchHook(fip->namespace, true);
 
 	aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC,
+		aclcheck_error(aclresult, OBJECT_FUNCTION,
 					   get_func_name(fid));
 	InvokeFunctionExecuteHook(fid);
 
diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c
index 60f417f1b2..834a10485f 100644
--- a/src/backend/utils/adt/dbsize.c
+++ b/src/backend/utils/adt/dbsize.c
@@ -97,7 +97,7 @@ calculate_database_size(Oid dbOid)
 	if (aclresult != ACLCHECK_OK &&
 		!is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
 	{
-		aclcheck_error(aclresult, ACL_KIND_DATABASE,
+		aclcheck_error(aclresult, OBJECT_DATABASE,
 					   get_database_name(dbOid));
 	}
 
@@ -183,7 +183,7 @@ calculate_tablespace_size(Oid tblspcOid)
 	{
 		aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE);
 		if (aclresult != ACLCHECK_OK)
-			aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+			aclcheck_error(aclresult, OBJECT_TABLESPACE,
 						   get_tablespace_name(tblspcOid));
 	}
 
diff --git a/src/backend/utils/adt/tid.c b/src/backend/utils/adt/tid.c
index 5ed5fdaffe..4aa8122fa2 100644
--- a/src/backend/utils/adt/tid.c
+++ b/src/backend/utils/adt/tid.c
@@ -343,7 +343,7 @@ currtid_byreloid(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
@@ -377,7 +377,7 @@ currtid_byrelname(PG_FUNCTION_ARGS)
 	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
 								  ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_CLASS,
+		aclcheck_error(aclresult, OBJECT_RELATION,
 					   RelationGetRelationName(rel));
 
 	if (rel->rd_rel->relkind == RELKIND_VIEW)
diff --git a/src/backend/utils/fmgr/fmgr.c b/src/backend/utils/fmgr/fmgr.c
index 8968a9fde8..25f4c34901 100644
--- a/src/backend/utils/fmgr/fmgr.c
+++ b/src/backend/utils/fmgr/fmgr.c
@@ -2124,7 +2124,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
 	aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(),
 									 ACL_USAGE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+		aclcheck_error(aclresult, OBJECT_LANGUAGE,
 					   NameStr(langStruct->lanname));
 
 	/*
@@ -2134,7 +2134,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
 	 */
 	aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, NameStr(procStruct->proname));
+		aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname));
 
 	ReleaseSysCache(procTup);
 	ReleaseSysCache(langTup);
diff --git a/src/include/catalog/objectaddress.h b/src/include/catalog/objectaddress.h
index 834554ec17..403e8bb2af 100644
--- a/src/include/catalog/objectaddress.h
+++ b/src/include/catalog/objectaddress.h
@@ -62,7 +62,7 @@ extern AttrNumber get_object_attnum_name(Oid class_id);
 extern AttrNumber get_object_attnum_namespace(Oid class_id);
 extern AttrNumber get_object_attnum_owner(Oid class_id);
 extern AttrNumber get_object_attnum_acl(Oid class_id);
-extern AclObjectKind get_object_aclkind(Oid class_id);
+extern ObjectType get_object_type(Oid class_id);
 extern bool get_object_namensp_unique(Oid class_id);
 
 extern HeapTuple get_catalog_object_by_oid(Relation catalog,
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index 7db1606b8f..f4d4be8d0d 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -182,37 +182,6 @@ typedef enum
 	ACLCHECK_NOT_OWNER
 } AclResult;
 
-/* this enum covers all object types that can have privilege errors */
-/* currently it's only used to tell aclcheck_error what to say */
-typedef enum AclObjectKind
-{
-	ACL_KIND_COLUMN,			/* pg_attribute */
-	ACL_KIND_CLASS,				/* pg_class */
-	ACL_KIND_SEQUENCE,			/* pg_sequence */
-	ACL_KIND_DATABASE,			/* pg_database */
-	ACL_KIND_PROC,				/* pg_proc */
-	ACL_KIND_OPER,				/* pg_operator */
-	ACL_KIND_TYPE,				/* pg_type */
-	ACL_KIND_LANGUAGE,			/* pg_language */
-	ACL_KIND_LARGEOBJECT,		/* pg_largeobject */
-	ACL_KIND_NAMESPACE,			/* pg_namespace */
-	ACL_KIND_OPCLASS,			/* pg_opclass */
-	ACL_KIND_OPFAMILY,			/* pg_opfamily */
-	ACL_KIND_COLLATION,			/* pg_collation */
-	ACL_KIND_CONVERSION,		/* pg_conversion */
-	ACL_KIND_STATISTICS,		/* pg_statistic_ext */
-	ACL_KIND_TABLESPACE,		/* pg_tablespace */
-	ACL_KIND_TSDICTIONARY,		/* pg_ts_dict */
-	ACL_KIND_TSCONFIGURATION,	/* pg_ts_config */
-	ACL_KIND_FDW,				/* pg_foreign_data_wrapper */
-	ACL_KIND_FOREIGN_SERVER,	/* pg_foreign_server */
-	ACL_KIND_EVENT_TRIGGER,		/* pg_event_trigger */
-	ACL_KIND_EXTENSION,			/* pg_extension */
-	ACL_KIND_PUBLICATION,		/* pg_publication */
-	ACL_KIND_SUBSCRIPTION,		/* pg_subscription */
-	MAX_ACL_KIND				/* MUST BE LAST */
-} AclObjectKind;
-
 
 /*
  * routines used internally
@@ -301,10 +270,10 @@ extern AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMo
 extern AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode);
 extern AclResult pg_type_aclcheck(Oid type_oid, Oid roleid, AclMode mode);
 
-extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error(AclResult aclerr, ObjectType objtype,
 			   const char *objectname);
 
-extern void aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error_col(AclResult aclerr, ObjectType objtype,
 				   const char *objectname, const char *colname);
 
 extern void aclcheck_error_type(AclResult aclerr, Oid typeOid);
diff --git a/src/pl/tcl/pltcl.c b/src/pl/tcl/pltcl.c
index 8069784151..8f5847c4ff 100644
--- a/src/pl/tcl/pltcl.c
+++ b/src/pl/tcl/pltcl.c
@@ -618,7 +618,7 @@ call_pltcl_start_proc(Oid prolang, bool pltrusted)
 	/* Current user must have permission to call function */
 	aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
 	if (aclresult != ACLCHECK_OK)
-		aclcheck_error(aclresult, ACL_KIND_PROC, start_proc);
+		aclcheck_error(aclresult, OBJECT_FUNCTION, start_proc);
 
 	/* Get the function's pg_proc entry */
 	procTup = SearchSysCache1(PROCOID, ObjectIdGetDatum(procOid));
diff --git a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
index 77bdc9345d..b2d898a7d1 100644
--- a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
+++ b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
@@ -30,14 +30,14 @@ SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified';	-- OK
 SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified';	-- fail
 ERROR:  security label provider "unknown_seclabel" is not loaded
 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified';	-- fail (not owner)
-ERROR:  must be owner of relation dummy_seclabel_tbl2
+ERROR:  must be owner of table dummy_seclabel_tbl2
 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret';		-- fail (not superuser)
 ERROR:  only superuser can set 'secret' label
 SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified';	-- fail (not found)
 ERROR:  relation "dummy_seclabel_tbl3" does not exist
 SET SESSION AUTHORIZATION regress_dummy_seclabel_user2;
 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified';		-- fail
-ERROR:  must be owner of relation dummy_seclabel_tbl1
+ERROR:  must be owner of table dummy_seclabel_tbl1
 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified';			-- OK
 --
 -- Test for shared database object
diff --git a/src/test/regress/expected/create_procedure.out b/src/test/regress/expected/create_procedure.out
index e627d8ebbc..ccad5c87d5 100644
--- a/src/test/regress/expected/create_procedure.out
+++ b/src/test/regress/expected/create_procedure.out
@@ -82,7 +82,7 @@ GRANT INSERT ON cp_test TO regress_user1;
 REVOKE EXECUTE ON PROCEDURE ptest1(text) FROM PUBLIC;
 SET ROLE regress_user1;
 CALL ptest1('a');  -- error
-ERROR:  permission denied for function ptest1
+ERROR:  permission denied for procedure ptest1
 RESET ROLE;
 GRANT EXECUTE ON PROCEDURE ptest1(text) TO regress_user1;
 SET ROLE regress_user1;
diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out
index e6994f0490..87e9211f6a 100644
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@@ -694,9 +694,9 @@ SET SESSION AUTHORIZATION regress_user3;
 SELECT testfunc1(5); -- fail
 ERROR:  permission denied for function testfunc1
 SELECT testagg1(x) FROM (VALUES (1), (2), (3)) _(x); -- fail
-ERROR:  permission denied for function testagg1
+ERROR:  permission denied for aggregate testagg1
 CALL testproc1(6); -- fail
-ERROR:  permission denied for function testproc1
+ERROR:  permission denied for procedure testproc1
 SELECT col1 FROM atest2 WHERE col2 = true; -- fail
 ERROR:  permission denied for relation atest2
 SELECT testfunc4(true); -- ok
@@ -722,9 +722,9 @@ CALL testproc1(6); -- ok
 DROP FUNCTION testfunc1(int); -- fail
 ERROR:  must be owner of function testfunc1
 DROP AGGREGATE testagg1(int); -- fail
-ERROR:  must be owner of function testagg1
+ERROR:  must be owner of aggregate testagg1
 DROP PROCEDURE testproc1(int); -- fail
-ERROR:  must be owner of function testproc1
+ERROR:  must be owner of procedure testproc1
 \c -
 DROP FUNCTION testfunc1(int); -- ok
 -- restore to sanity
-- 
2.15.1