aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/bin/scripts/createuser.c167
1 files changed, 119 insertions, 48 deletions
diff --git a/src/bin/scripts/createuser.c b/src/bin/scripts/createuser.c
index db85837952d..eba4d1be522 100644
--- a/src/bin/scripts/createuser.c
+++ b/src/bin/scripts/createuser.c
@@ -5,7 +5,7 @@
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/bin/scripts/createuser.c,v 1.17 2005/06/21 04:02:33 tgl Exp $
+ * $PostgreSQL: pgsql/src/bin/scripts/createuser.c,v 1.18 2005/08/14 20:16:03 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -30,9 +30,18 @@ main(int argc, char *argv[])
{"quiet", no_argument, NULL, 'q'},
{"createdb", no_argument, NULL, 'd'},
{"no-createdb", no_argument, NULL, 'D'},
+ {"superuser", no_argument, NULL, 's'},
+ {"no-superuser", no_argument, NULL, 'S'},
+ {"createrole", no_argument, NULL, 'r'},
+ {"no-createrole", no_argument, NULL, 'R'},
+ {"inherit", no_argument, NULL, 'i'},
+ {"no-inherit", no_argument, NULL, 'I'},
+ {"login", no_argument, NULL, 'l'},
+ {"no-login", no_argument, NULL, 'L'},
+ /* adduser is obsolete, undocumented spelling of superuser */
{"adduser", no_argument, NULL, 'a'},
{"no-adduser", no_argument, NULL, 'A'},
- {"sysid", required_argument, NULL, 'i'},
+ {"conn-limit", required_argument, NULL, 'c'},
{"pwprompt", no_argument, NULL, 'P'},
{"encrypted", no_argument, NULL, 'E'},
{"unencrypted", no_argument, NULL, 'N'},
@@ -51,8 +60,11 @@ main(int argc, char *argv[])
bool echo = false;
bool quiet = false;
int createdb = 0;
- int adduser = 0;
- char *sysid = NULL;
+ int superuser = 0;
+ int createrole = 0;
+ int inherit = 0;
+ int login = 0;
+ char *conn_limit = NULL;
bool pwprompt = false;
int encrypted = 0; /* 0 uses server default */
char *newpassword = NULL;
@@ -67,7 +79,8 @@ main(int argc, char *argv[])
handle_help_version_opts(argc, argv, "createuser", help);
- while ((c = getopt_long(argc, argv, "h:p:U:WeqaAdDi:PEN", long_options, &optindex)) != -1)
+ while ((c = getopt_long(argc, argv, "h:p:U:WeqdDsSaArRiIlLc:PEN",
+ long_options, &optindex)) != -1)
{
switch (c)
{
@@ -89,20 +102,40 @@ main(int argc, char *argv[])
case 'q':
quiet = true;
break;
- case 'a':
- adduser = +1;
- break;
- case 'A':
- adduser = -1;
- break;
case 'd':
createdb = +1;
break;
case 'D':
createdb = -1;
break;
+ case 's':
+ case 'a':
+ superuser = +1;
+ break;
+ case 'S':
+ case 'A':
+ superuser = -1;
+ break;
+ case 'r':
+ createrole = +1;
+ break;
+ case 'R':
+ createrole = -1;
+ break;
case 'i':
- sysid = optarg;
+ inherit = +1;
+ break;
+ case 'I':
+ inherit = -1;
+ break;
+ case 'l':
+ login = +1;
+ break;
+ case 'L':
+ login = -1;
+ break;
+ case 'c':
+ conn_limit = optarg;
break;
case 'P':
pwprompt = true;
@@ -133,26 +166,15 @@ main(int argc, char *argv[])
exit(1);
}
- if (sysid)
- {
- char *endptr;
-
- if (strtol(sysid, &endptr, 10) <= 0 || *endptr != '\0')
- {
- fprintf(stderr, _("%s: user ID must be a positive number\n"), progname);
- exit(1);
- }
- }
-
if (newuser == NULL)
- newuser = simple_prompt("Enter name of user to add: ", 128, true);
+ newuser = simple_prompt("Enter name of role to add: ", 128, true);
if (pwprompt)
{
char *pw1,
*pw2;
- pw1 = simple_prompt("Enter password for new user: ", 100, false);
+ pw1 = simple_prompt("Enter password for new role: ", 100, false);
pw2 = simple_prompt("Enter it again: ", 100, false);
if (strcmp(pw1, pw2) != 0)
{
@@ -163,33 +185,61 @@ main(int argc, char *argv[])
free(pw2);
}
+ if (superuser == 0)
+ {
+ char *reply;
+
+ reply = simple_prompt("Shall the new role be a superuser? (y/n) ", 1, true);
+ if (check_yesno_response(reply) == 1)
+ superuser = +1;
+ else
+ superuser = -1;
+ }
+
+ if (superuser == +1)
+ {
+ /* Not much point in trying to restrict a superuser */
+ createdb = +1;
+ createrole = +1;
+ }
+
if (createdb == 0)
{
char *reply;
- reply = simple_prompt("Shall the new user be allowed to create databases? (y/n) ", 1, true);
+ reply = simple_prompt("Shall the new role be allowed to create databases? (y/n) ", 1, true);
if (check_yesno_response(reply) == 1)
createdb = +1;
else
createdb = -1;
}
- if (adduser == 0)
+ if (createrole == 0)
{
char *reply;
- reply = simple_prompt("Shall the new user be allowed to create more new users? (y/n) ", 1, true);
+ reply = simple_prompt("Shall the new role be allowed to create more new roles? (y/n) ", 1, true);
if (check_yesno_response(reply) == 1)
- adduser = +1;
+ createrole = +1;
else
- adduser = -1;
+ createrole = -1;
+ }
+
+ if (inherit == 0)
+ {
+ /* silently default to YES */
+ inherit = +1;
+ }
+
+ if (login == 0)
+ {
+ /* silently default to YES */
+ login = +1;
}
initPQExpBuffer(&sql);
- printfPQExpBuffer(&sql, "CREATE USER %s", fmtId(newuser));
- if (sysid)
- appendPQExpBuffer(&sql, " SYSID %s", sysid);
+ printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));
if (newpassword)
{
if (encrypted == +1)
@@ -199,14 +249,28 @@ main(int argc, char *argv[])
appendPQExpBuffer(&sql, " PASSWORD ");
appendStringLiteral(&sql, newpassword, false);
}
+ if (superuser == +1)
+ appendPQExpBuffer(&sql, " SUPERUSER");
+ if (superuser == -1)
+ appendPQExpBuffer(&sql, " NOSUPERUSER");
if (createdb == +1)
appendPQExpBuffer(&sql, " CREATEDB");
if (createdb == -1)
appendPQExpBuffer(&sql, " NOCREATEDB");
- if (adduser == +1)
- appendPQExpBuffer(&sql, " CREATEUSER");
- if (adduser == -1)
- appendPQExpBuffer(&sql, " NOCREATEUSER");
+ if (createrole == +1)
+ appendPQExpBuffer(&sql, " CREATEROLE");
+ if (createrole == -1)
+ appendPQExpBuffer(&sql, " NOCREATEROLE");
+ if (inherit == +1)
+ appendPQExpBuffer(&sql, " INHERIT");
+ if (inherit == -1)
+ appendPQExpBuffer(&sql, " NOINHERIT");
+ if (login == +1)
+ appendPQExpBuffer(&sql, " LOGIN");
+ if (login == -1)
+ appendPQExpBuffer(&sql, " NOLOGIN");
+ if (conn_limit != NULL)
+ appendPQExpBuffer(&sql, " CONNECTION LIMIT %s", conn_limit);
appendPQExpBuffer(&sql, ";\n");
conn = connectDatabase("postgres", host, port, username, password, progname);
@@ -217,7 +281,7 @@ main(int argc, char *argv[])
if (PQresultStatus(result) != PGRES_COMMAND_OK)
{
- fprintf(stderr, _("%s: creation of new user failed: %s"),
+ fprintf(stderr, _("%s: creation of new role failed: %s"),
progname, PQerrorMessage(conn));
PQfinish(conn);
exit(1);
@@ -226,7 +290,7 @@ main(int argc, char *argv[])
PQfinish(conn);
if (!quiet)
{
- puts("CREATE USER");
+ puts("CREATE ROLE");
fflush(stdout);
}
exit(0);
@@ -236,18 +300,25 @@ main(int argc, char *argv[])
static void
help(const char *progname)
{
- printf(_("%s creates a new PostgreSQL user.\n\n"), progname);
+ printf(_("%s creates a new PostgreSQL role.\n\n"), progname);
printf(_("Usage:\n"));
printf(_(" %s [OPTION]... [USERNAME]\n"), progname);
printf(_("\nOptions:\n"));
- printf(_(" -a, --adduser user can add new users\n"));
- printf(_(" -A, --no-adduser user cannot add new users\n"));
- printf(_(" -d, --createdb user can create new databases\n"));
- printf(_(" -D, --no-createdb user cannot create databases\n"));
- printf(_(" -P, --pwprompt assign a password to new user\n"));
+ printf(_(" -s, --superuser role will be superuser\n"));
+ printf(_(" -S, --no-superuser role will not be superuser\n"));
+ printf(_(" -d, --createdb role can create new databases\n"));
+ printf(_(" -D, --no-createdb role cannot create databases\n"));
+ printf(_(" -r, --createrole role can create new roles\n"));
+ printf(_(" -R, --no-createrole role cannot create roles\n"));
+ printf(_(" -l, --login role can login (default)\n"));
+ printf(_(" -L, --no-login role cannot login\n"));
+ printf(_(" -i, --inherit role inherits permissions of roles\n"));
+ printf(_(" it is a member of (default)\n"));
+ printf(_(" -I, --no-inherit role does not inherit permissions\n"));
+ printf(_(" -c, --conn-limit=N max connections for role (default: no limit)\n"));
+ printf(_(" -P, --pwprompt assign a password to new role\n"));
printf(_(" -E, --encrypted encrypt stored password\n"));
printf(_(" -N, --unencrypted do not encrypt stored password\n"));
- printf(_(" -i, --sysid=SYSID select sysid for new user\n"));
printf(_(" -e, --echo show the commands being sent to the server\n"));
printf(_(" -q, --quiet don't write any messages\n"));
printf(_(" --help show this help, then exit\n"));
@@ -257,7 +328,7 @@ help(const char *progname)
printf(_(" -p, --port=PORT database server port\n"));
printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
printf(_(" -W, --password prompt for password to connect\n"));
- printf(_("\nIf one of -a, -A, -d, -D, and USERNAME is not specified, you will\n"
- "be prompted interactively.\n"));
+ printf(_("\nIf one of -s, -S, -d, -D, -r, -R and USERNAME is not specified,\n"
+ "you will be prompted interactively.\n"));
printf(_("\nReport bugs to <pgsql-bugs@postgresql.org>.\n"));
}