PostgreSQL Source Code  git master
dumputils.c File Reference
#include "postgres_fe.h"
#include <ctype.h>
#include "dumputils.h"
#include "fe_utils/string_utils.h"
Include dependency graph for dumputils.c:

Go to the source code of this file.

Macros

#define CONVERT_PRIV(code, keywd)
 

Functions

static bool parseAclItem (const char *item, const char *type, const char *name, const char *subname, int remoteVersion, PQExpBuffer grantee, PQExpBuffer grantor, PQExpBuffer privs, PQExpBuffer privswgo)
 
static char * copyAclUserName (PQExpBuffer output, char *input)
 
static void AddAcl (PQExpBuffer aclbuf, const char *keyword, const char *subname)
 
bool buildACLCommands (const char *name, const char *subname, const char *nspname, const char *type, const char *acls, const char *racls, const char *owner, const char *prefix, int remoteVersion, PQExpBuffer sql)
 
bool buildDefaultACLCommands (const char *type, const char *nspname, const char *acls, const char *racls, const char *initacls, const char *initracls, const char *owner, int remoteVersion, PQExpBuffer sql)
 
void buildShSecLabelQuery (PGconn *conn, const char *catalog_name, Oid objectId, PQExpBuffer sql)
 
void emitShSecLabels (PGconn *conn, PGresult *res, PQExpBuffer buffer, const char *objtype, const char *objname)
 
void buildACLQueries (PQExpBuffer acl_subquery, PQExpBuffer racl_subquery, PQExpBuffer init_acl_subquery, PQExpBuffer init_racl_subquery, const char *acl_column, const char *acl_owner, const char *obj_kind, bool binary_upgrade)
 
bool variable_is_guc_list_quote (const char *name)
 
bool SplitGUCList (char *rawstring, char separator, char ***namelist)
 
void makeAlterConfigCommand (PGconn *conn, const char *configitem, const char *type, const char *name, const char *type2, const char *name2, PQExpBuffer buf)
 

Macro Definition Documentation

◆ CONVERT_PRIV

#define CONVERT_PRIV (   code,
  keywd 
)
Value:
do { \
if ((pos = strchr(eqpos + 1, code))) \
{ \
if (*(pos + 1) == '*') \
{ \
AddAcl(privswgo, keywd, subname); \
all_without_go = false; \
} \
else \
{ \
AddAcl(privs, keywd, subname); \
all_with_go = false; \
} \
} \
else \
all_with_go = all_without_go = false; \
} while (0)
NameData subname

Referenced by parseAclItem().

Function Documentation

◆ AddAcl()

static void AddAcl ( PQExpBuffer  aclbuf,
const char *  keyword,
const char *  subname 
)
static

Definition at line 668 of file dumputils.c.

References appendPQExpBuffer(), appendPQExpBufferChar(), appendPQExpBufferStr(), and PQExpBufferData::len.

669 {
670  if (aclbuf->len > 0)
671  appendPQExpBufferChar(aclbuf, ',');
672  appendPQExpBufferStr(aclbuf, keyword);
673  if (subname)
674  appendPQExpBuffer(aclbuf, "(%s)", subname);
675 }
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
NameData subname
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
void appendPQExpBufferChar(PQExpBuffer str, char ch)
Definition: pqexpbuffer.c:380

◆ buildACLCommands()

bool buildACLCommands ( const char *  name,
const char *  subname,
const char *  nspname,
const char *  type,
const char *  acls,
const char *  racls,
const char *  owner,
const char *  prefix,
int  remoteVersion,
PQExpBuffer  sql 
)

Definition at line 58 of file dumputils.c.

References appendPQExpBuffer(), appendPQExpBufferStr(), Assert, createPQExpBuffer(), PQExpBufferData::data, destroyPQExpBuffer(), fmtId(), free, grantor, i, PQExpBufferData::len, parseAclItem(), parsePGArray(), and printfPQExpBuffer().

Referenced by buildDefaultACLCommands(), dumpACL(), and dumpTablespaces().

62 {
63  bool ok = true;
64  char **aclitems = NULL;
65  char **raclitems = NULL;
66  int naclitems = 0;
67  int nraclitems = 0;
68  int i;
69  PQExpBuffer grantee,
70  grantor,
71  privs,
72  privswgo;
73  PQExpBuffer firstsql,
74  secondsql;
75  bool found_owner_privs = false;
76 
77  if (strlen(acls) == 0 && strlen(racls) == 0)
78  return true; /* object has default permissions */
79 
80  /* treat empty-string owner same as NULL */
81  if (owner && *owner == '\0')
82  owner = NULL;
83 
84  if (strlen(acls) != 0)
85  {
86  if (!parsePGArray(acls, &aclitems, &naclitems))
87  {
88  if (aclitems)
89  free(aclitems);
90  return false;
91  }
92  }
93 
94  if (strlen(racls) != 0)
95  {
96  if (!parsePGArray(racls, &raclitems, &nraclitems))
97  {
98  if (aclitems)
99  free(aclitems);
100  if (raclitems)
101  free(raclitems);
102  return false;
103  }
104  }
105 
106  grantee = createPQExpBuffer();
107  grantor = createPQExpBuffer();
108  privs = createPQExpBuffer();
109  privswgo = createPQExpBuffer();
110 
111  /*
112  * At the end, these two will be pasted together to form the result.
113  *
114  * For older systems we use these to ensure that the owner privileges go
115  * before the other ones, as a GRANT could create the default entry for
116  * the object, which generally includes all rights for the owner. In more
117  * recent versions we normally handle this because the owner rights come
118  * first in the ACLs, but older versions might have them after the PUBLIC
119  * privileges.
120  *
121  * For 9.6 and later systems, much of this changes. With 9.6, we check
122  * the default privileges for the objects at dump time and create two sets
123  * of ACLs- "racls" which are the ACLs to REVOKE from the object (as the
124  * object may have initial privileges on it, along with any default ACLs
125  * which are not part of the current set of privileges), and regular
126  * "acls", which are the ACLs to GRANT to the object. We handle the
127  * REVOKEs first, followed by the GRANTs.
128  */
129  firstsql = createPQExpBuffer();
130  secondsql = createPQExpBuffer();
131 
132  /*
133  * For pre-9.6 systems, we always start with REVOKE ALL FROM PUBLIC, as we
134  * don't wish to make any assumptions about what the default ACLs are, and
135  * we do not collect them during the dump phase (and racls will always be
136  * the empty set, see above).
137  *
138  * For 9.6 and later, if any revoke ACLs have been provided, then include
139  * them in 'firstsql'.
140  *
141  * Revoke ACLs happen when an object starts out life with a set of
142  * privileges (eg: GRANT SELECT ON pg_class TO PUBLIC;) and the user has
143  * decided to revoke those rights. Since those objects come into being
144  * with those default privileges, we have to revoke them to match what the
145  * current state of affairs is. Note that we only started explicitly
146  * tracking such initial rights in 9.6, and prior to that all initial
147  * rights are actually handled by the simple 'REVOKE ALL .. FROM PUBLIC'
148  * case, for initdb-created objects. Prior to 9.6, we didn't handle
149  * extensions correctly, but we do now by tracking their initial
150  * privileges, in the same way we track initdb initial privileges, see
151  * pg_init_privs.
152  */
153  if (remoteVersion < 90600)
154  {
155  Assert(nraclitems == 0);
156 
157  appendPQExpBuffer(firstsql, "%sREVOKE ALL", prefix);
158  if (subname)
159  appendPQExpBuffer(firstsql, "(%s)", subname);
160  appendPQExpBuffer(firstsql, " ON %s ", type);
161  if (nspname && *nspname)
162  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
163  appendPQExpBuffer(firstsql, "%s FROM PUBLIC;\n", name);
164  }
165  else
166  {
167  /* Scan individual REVOKE ACL items */
168  for (i = 0; i < nraclitems; i++)
169  {
170  if (!parseAclItem(raclitems[i], type, name, subname, remoteVersion,
171  grantee, grantor, privs, privswgo))
172  {
173  ok = false;
174  break;
175  }
176 
177  if (privs->len > 0 || privswgo->len > 0)
178  {
179  if (privs->len > 0)
180  {
181  appendPQExpBuffer(firstsql, "%sREVOKE %s ON %s ",
182  prefix, privs->data, type);
183  if (nspname && *nspname)
184  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
185  appendPQExpBuffer(firstsql, "%s FROM ", name);
186  if (grantee->len == 0)
187  appendPQExpBufferStr(firstsql, "PUBLIC;\n");
188  else if (strncmp(grantee->data, "group ",
189  strlen("group ")) == 0)
190  appendPQExpBuffer(firstsql, "GROUP %s;\n",
191  fmtId(grantee->data + strlen("group ")));
192  else
193  appendPQExpBuffer(firstsql, "%s;\n",
194  fmtId(grantee->data));
195  }
196  if (privswgo->len > 0)
197  {
198  appendPQExpBuffer(firstsql,
199  "%sREVOKE GRANT OPTION FOR %s ON %s ",
200  prefix, privswgo->data, type);
201  if (nspname && *nspname)
202  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
203  appendPQExpBuffer(firstsql, "%s FROM ", name);
204  if (grantee->len == 0)
205  appendPQExpBufferStr(firstsql, "PUBLIC");
206  else if (strncmp(grantee->data, "group ",
207  strlen("group ")) == 0)
208  appendPQExpBuffer(firstsql, "GROUP %s",
209  fmtId(grantee->data + strlen("group ")));
210  else
211  appendPQExpBufferStr(firstsql, fmtId(grantee->data));
212  }
213  }
214  }
215  }
216 
217  /*
218  * We still need some hacking though to cover the case where new default
219  * public privileges are added in new versions: the REVOKE ALL will revoke
220  * them, leading to behavior different from what the old version had,
221  * which is generally not what's wanted. So add back default privs if the
222  * source database is too old to have had that particular priv.
223  */
224  if (remoteVersion < 80200 && strcmp(type, "DATABASE") == 0)
225  {
226  /* database CONNECT priv didn't exist before 8.2 */
227  appendPQExpBuffer(firstsql, "%sGRANT CONNECT ON %s %s TO PUBLIC;\n",
228  prefix, type, name);
229  }
230 
231  /* Scan individual ACL items */
232  for (i = 0; i < naclitems; i++)
233  {
234  if (!parseAclItem(aclitems[i], type, name, subname, remoteVersion,
235  grantee, grantor, privs, privswgo))
236  {
237  ok = false;
238  break;
239  }
240 
241  if (grantor->len == 0 && owner)
242  printfPQExpBuffer(grantor, "%s", owner);
243 
244  if (privs->len > 0 || privswgo->len > 0)
245  {
246  /*
247  * Prior to 9.6, we had to handle owner privileges in a special
248  * manner by first REVOKE'ing the rights and then GRANT'ing them
249  * after. With 9.6 and above, what we need to REVOKE and what we
250  * need to GRANT is figured out when we dump and stashed into
251  * "racls" and "acls", respectively. See above.
252  */
253  if (remoteVersion < 90600 && owner
254  && strcmp(grantee->data, owner) == 0
255  && strcmp(grantor->data, owner) == 0)
256  {
257  found_owner_privs = true;
258 
259  /*
260  * For the owner, the default privilege level is ALL WITH
261  * GRANT OPTION.
262  */
263  if (strcmp(privswgo->data, "ALL") != 0)
264  {
265  appendPQExpBuffer(firstsql, "%sREVOKE ALL", prefix);
266  if (subname)
267  appendPQExpBuffer(firstsql, "(%s)", subname);
268  appendPQExpBuffer(firstsql, " ON %s ", type);
269  if (nspname && *nspname)
270  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
271  appendPQExpBuffer(firstsql, "%s FROM %s;\n",
272  name, fmtId(grantee->data));
273  if (privs->len > 0)
274  {
275  appendPQExpBuffer(firstsql,
276  "%sGRANT %s ON %s ",
277  prefix, privs->data, type);
278  if (nspname && *nspname)
279  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
280  appendPQExpBuffer(firstsql,
281  "%s TO %s;\n",
282  name, fmtId(grantee->data));
283  }
284  if (privswgo->len > 0)
285  {
286  appendPQExpBuffer(firstsql,
287  "%sGRANT %s ON %s ",
288  prefix, privswgo->data, type);
289  if (nspname && *nspname)
290  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
291  appendPQExpBuffer(firstsql,
292  "%s TO %s WITH GRANT OPTION;\n",
293  name, fmtId(grantee->data));
294  }
295  }
296  }
297  else
298  {
299  /*
300  * For systems prior to 9.6, we can assume we are starting
301  * from no privs at this point.
302  *
303  * For 9.6 and above, at this point we have issued REVOKE
304  * statements for all initial and default privileges which are
305  * no longer present on the object (as they were passed in as
306  * 'racls') and we can simply GRANT the rights which are in
307  * 'acls'.
308  */
309  if (grantor->len > 0
310  && (!owner || strcmp(owner, grantor->data) != 0))
311  appendPQExpBuffer(secondsql, "SET SESSION AUTHORIZATION %s;\n",
312  fmtId(grantor->data));
313 
314  if (privs->len > 0)
315  {
316  appendPQExpBuffer(secondsql, "%sGRANT %s ON %s ",
317  prefix, privs->data, type);
318  if (nspname && *nspname)
319  appendPQExpBuffer(secondsql, "%s.", fmtId(nspname));
320  appendPQExpBuffer(secondsql, "%s TO ", name);
321  if (grantee->len == 0)
322  appendPQExpBufferStr(secondsql, "PUBLIC;\n");
323  else if (strncmp(grantee->data, "group ",
324  strlen("group ")) == 0)
325  appendPQExpBuffer(secondsql, "GROUP %s;\n",
326  fmtId(grantee->data + strlen("group ")));
327  else
328  appendPQExpBuffer(secondsql, "%s;\n", fmtId(grantee->data));
329  }
330  if (privswgo->len > 0)
331  {
332  appendPQExpBuffer(secondsql, "%sGRANT %s ON %s ",
333  prefix, privswgo->data, type);
334  if (nspname && *nspname)
335  appendPQExpBuffer(secondsql, "%s.", fmtId(nspname));
336  appendPQExpBuffer(secondsql, "%s TO ", name);
337  if (grantee->len == 0)
338  appendPQExpBufferStr(secondsql, "PUBLIC");
339  else if (strncmp(grantee->data, "group ",
340  strlen("group ")) == 0)
341  appendPQExpBuffer(secondsql, "GROUP %s",
342  fmtId(grantee->data + strlen("group ")));
343  else
344  appendPQExpBufferStr(secondsql, fmtId(grantee->data));
345  appendPQExpBufferStr(secondsql, " WITH GRANT OPTION;\n");
346  }
347 
348  if (grantor->len > 0
349  && (!owner || strcmp(owner, grantor->data) != 0))
350  appendPQExpBufferStr(secondsql, "RESET SESSION AUTHORIZATION;\n");
351  }
352  }
353  }
354 
355  /*
356  * For systems prior to 9.6, if we didn't find any owner privs, the owner
357  * must have revoked 'em all.
358  *
359  * For 9.6 and above, we handle this through the 'racls'. See above.
360  */
361  if (remoteVersion < 90600 && !found_owner_privs && owner)
362  {
363  appendPQExpBuffer(firstsql, "%sREVOKE ALL", prefix);
364  if (subname)
365  appendPQExpBuffer(firstsql, "(%s)", subname);
366  appendPQExpBuffer(firstsql, " ON %s ", type);
367  if (nspname && *nspname)
368  appendPQExpBuffer(firstsql, "%s.", fmtId(nspname));
369  appendPQExpBuffer(firstsql, "%s FROM %s;\n",
370  name, fmtId(owner));
371  }
372 
373  destroyPQExpBuffer(grantee);
374  destroyPQExpBuffer(grantor);
375  destroyPQExpBuffer(privs);
376  destroyPQExpBuffer(privswgo);
377 
378  appendPQExpBuffer(sql, "%s%s", firstsql->data, secondsql->data);
379  destroyPQExpBuffer(firstsql);
380  destroyPQExpBuffer(secondsql);
381 
382  if (aclitems)
383  free(aclitems);
384 
385  if (raclitems)
386  free(raclitems);
387 
388  return ok;
389 }
void printfPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:237
bool parsePGArray(const char *atext, char ***itemarray, int *nitems)
Definition: string_utils.c:657
const char * fmtId(const char *rawid)
Definition: string_utils.c:64
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
NameData subname
Oid grantor
void destroyPQExpBuffer(PQExpBuffer str)
Definition: pqexpbuffer.c:116
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
PQExpBuffer createPQExpBuffer(void)
Definition: pqexpbuffer.c:74
#define free(a)
Definition: header.h:65
#define Assert(condition)
Definition: c.h:739
const char * name
Definition: encode.c:521
int i
static bool parseAclItem(const char *item, const char *type, const char *name, const char *subname, int remoteVersion, PQExpBuffer grantee, PQExpBuffer grantor, PQExpBuffer privs, PQExpBuffer privswgo)
Definition: dumputils.c:472

◆ buildACLQueries()

void buildACLQueries ( PQExpBuffer  acl_subquery,
PQExpBuffer  racl_subquery,
PQExpBuffer  init_acl_subquery,
PQExpBuffer  init_racl_subquery,
const char *  acl_column,
const char *  acl_owner,
const char *  obj_kind,
bool  binary_upgrade 
)

Definition at line 742 of file dumputils.c.

References printfPQExpBuffer().

Referenced by dumpTable(), getAggregates(), getBlobs(), getDefaultACLs(), getForeignDataWrappers(), getForeignServers(), getFuncs(), getNamespaces(), getProcLangs(), getTables(), and getTypes().

746 {
747  /*
748  * To get the delta from what the permissions were at creation time
749  * (either initdb or CREATE EXTENSION) vs. what they are now, we have to
750  * look at two things:
751  *
752  * What privileges have been added, which we calculate by extracting all
753  * the current privileges (using the set of default privileges for the
754  * object type if current privileges are NULL) and then removing those
755  * which existed at creation time (again, using the set of default
756  * privileges for the object type if there were no creation time
757  * privileges).
758  *
759  * What privileges have been removed, which we calculate by extracting the
760  * privileges as they were at creation time (or the default privileges, as
761  * above), and then removing the current privileges (or the default
762  * privileges, if current privileges are NULL).
763  *
764  * As a good cross-check, both directions of these checks should result in
765  * the empty set if both the current ACL and the initial privs are NULL
766  * (meaning, in practice, that the default ACLs were there at init time
767  * and is what the current privileges are).
768  *
769  * We always perform this delta on all ACLs and expect that by the time
770  * these are run the initial privileges will be in place, even in a binary
771  * upgrade situation (see below).
772  *
773  * Finally, the order in which privileges are in the ACL string (the order
774  * they been GRANT'd in, which the backend maintains) must be preserved to
775  * ensure that GRANTs WITH GRANT OPTION and subsequent GRANTs based on
776  * those are dumped in the correct order.
777  */
778  printfPQExpBuffer(acl_subquery,
779  "(SELECT pg_catalog.array_agg(acl ORDER BY row_n) FROM "
780  "(SELECT acl, row_n FROM "
781  "pg_catalog.unnest(coalesce(%s,pg_catalog.acldefault(%s,%s))) "
782  "WITH ORDINALITY AS perm(acl,row_n) "
783  "WHERE NOT EXISTS ( "
784  "SELECT 1 FROM "
785  "pg_catalog.unnest(coalesce(pip.initprivs,pg_catalog.acldefault(%s,%s))) "
786  "AS init(init_acl) WHERE acl = init_acl)) as foo)",
787  acl_column,
788  obj_kind,
789  acl_owner,
790  obj_kind,
791  acl_owner);
792 
793  printfPQExpBuffer(racl_subquery,
794  "(SELECT pg_catalog.array_agg(acl ORDER BY row_n) FROM "
795  "(SELECT acl, row_n FROM "
796  "pg_catalog.unnest(coalesce(pip.initprivs,pg_catalog.acldefault(%s,%s))) "
797  "WITH ORDINALITY AS initp(acl,row_n) "
798  "WHERE NOT EXISTS ( "
799  "SELECT 1 FROM "
800  "pg_catalog.unnest(coalesce(%s,pg_catalog.acldefault(%s,%s))) "
801  "AS permp(orig_acl) WHERE acl = orig_acl)) as foo)",
802  obj_kind,
803  acl_owner,
804  acl_column,
805  obj_kind,
806  acl_owner);
807 
808  /*
809  * In binary upgrade mode we don't run the extension script but instead
810  * dump out the objects independently and then recreate them. To preserve
811  * the initial privileges which were set on extension objects, we need to
812  * grab the set of GRANT and REVOKE commands necessary to get from the
813  * default privileges of an object to the initial privileges as recorded
814  * in pg_init_privs.
815  *
816  * These will then be run ahead of the regular ACL commands, which were
817  * calculated using the queries above, inside of a block which sets a flag
818  * to indicate that the backend should record the results of these GRANT
819  * and REVOKE statements into pg_init_privs. This is how we preserve the
820  * contents of that catalog across binary upgrades.
821  */
822  if (binary_upgrade)
823  {
824  printfPQExpBuffer(init_acl_subquery,
825  "CASE WHEN privtype = 'e' THEN "
826  "(SELECT pg_catalog.array_agg(acl ORDER BY row_n) FROM "
827  "(SELECT acl, row_n FROM pg_catalog.unnest(pip.initprivs) "
828  "WITH ORDINALITY AS initp(acl,row_n) "
829  "WHERE NOT EXISTS ( "
830  "SELECT 1 FROM "
831  "pg_catalog.unnest(pg_catalog.acldefault(%s,%s)) "
832  "AS privm(orig_acl) WHERE acl = orig_acl)) as foo) END",
833  obj_kind,
834  acl_owner);
835 
836  printfPQExpBuffer(init_racl_subquery,
837  "CASE WHEN privtype = 'e' THEN "
838  "(SELECT pg_catalog.array_agg(acl) FROM "
839  "(SELECT acl, row_n FROM "
840  "pg_catalog.unnest(pg_catalog.acldefault(%s,%s)) "
841  "WITH ORDINALITY AS privp(acl,row_n) "
842  "WHERE NOT EXISTS ( "
843  "SELECT 1 FROM pg_catalog.unnest(pip.initprivs) "
844  "AS initp(init_acl) WHERE acl = init_acl)) as foo) END",
845  obj_kind,
846  acl_owner);
847  }
848  else
849  {
850  printfPQExpBuffer(init_acl_subquery, "NULL");
851  printfPQExpBuffer(init_racl_subquery, "NULL");
852  }
853 }
void printfPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:237
static int binary_upgrade
Definition: pg_dumpall.c:67

◆ buildDefaultACLCommands()

bool buildDefaultACLCommands ( const char *  type,
const char *  nspname,
const char *  acls,
const char *  racls,
const char *  initacls,
const char *  initracls,
const char *  owner,
int  remoteVersion,
PQExpBuffer  sql 
)

Definition at line 404 of file dumputils.c.

References appendPQExpBuffer(), appendPQExpBufferStr(), buildACLCommands(), createPQExpBuffer(), PQExpBufferData::data, destroyPQExpBuffer(), and fmtId().

Referenced by dumpDefaultACL().

410 {
411  PQExpBuffer prefix;
412 
413  prefix = createPQExpBuffer();
414 
415  /*
416  * We incorporate the target role directly into the command, rather than
417  * playing around with SET ROLE or anything like that. This is so that a
418  * permissions error leads to nothing happening, rather than changing
419  * default privileges for the wrong user.
420  */
421  appendPQExpBuffer(prefix, "ALTER DEFAULT PRIVILEGES FOR ROLE %s ",
422  fmtId(owner));
423  if (nspname)
424  appendPQExpBuffer(prefix, "IN SCHEMA %s ", fmtId(nspname));
425 
426  if (strlen(initacls) != 0 || strlen(initracls) != 0)
427  {
428  appendPQExpBufferStr(sql, "SELECT pg_catalog.binary_upgrade_set_record_init_privs(true);\n");
429  if (!buildACLCommands("", NULL, NULL, type,
430  initacls, initracls, owner,
431  prefix->data, remoteVersion, sql))
432  {
433  destroyPQExpBuffer(prefix);
434  return false;
435  }
436  appendPQExpBufferStr(sql, "SELECT pg_catalog.binary_upgrade_set_record_init_privs(false);\n");
437  }
438 
439  if (!buildACLCommands("", NULL, NULL, type,
440  acls, racls, owner,
441  prefix->data, remoteVersion, sql))
442  {
443  destroyPQExpBuffer(prefix);
444  return false;
445  }
446 
447  destroyPQExpBuffer(prefix);
448 
449  return true;
450 }
const char * fmtId(const char *rawid)
Definition: string_utils.c:64
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
void destroyPQExpBuffer(PQExpBuffer str)
Definition: pqexpbuffer.c:116
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
PQExpBuffer createPQExpBuffer(void)
Definition: pqexpbuffer.c:74
bool buildACLCommands(const char *name, const char *subname, const char *nspname, const char *type, const char *acls, const char *racls, const char *owner, const char *prefix, int remoteVersion, PQExpBuffer sql)
Definition: dumputils.c:58

◆ buildShSecLabelQuery()

void buildShSecLabelQuery ( PGconn conn,
const char *  catalog_name,
Oid  objectId,
PQExpBuffer  sql 
)

Definition at line 688 of file dumputils.c.

References appendPQExpBuffer().

Referenced by buildShSecLabels(), and dumpDatabase().

690 {
691  appendPQExpBuffer(sql,
692  "SELECT provider, label FROM pg_catalog.pg_shseclabel "
693  "WHERE classoid = 'pg_catalog.%s'::pg_catalog.regclass "
694  "AND objoid = '%u'", catalog_name, objectId);
695 }
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267

◆ copyAclUserName()

static char * copyAclUserName ( PQExpBuffer  output,
char *  input 
)
static

Definition at line 629 of file dumputils.c.

References appendPQExpBufferChar(), and resetPQExpBuffer().

Referenced by parseAclItem().

630 {
631  resetPQExpBuffer(output);
632 
633  while (*input && *input != '=')
634  {
635  /*
636  * If user name isn't quoted, then just add it to the output buffer
637  */
638  if (*input != '"')
639  appendPQExpBufferChar(output, *input++);
640  else
641  {
642  /* Otherwise, it's a quoted username */
643  input++;
644  /* Loop until we come across an unescaped quote */
645  while (!(*input == '"' && *(input + 1) != '"'))
646  {
647  if (*input == '\0')
648  return input; /* really a syntax error... */
649 
650  /*
651  * Quoting convention is to escape " as "". Keep this code in
652  * sync with putid() in backend's acl.c.
653  */
654  if (*input == '"' && *(input + 1) == '"')
655  input++;
656  appendPQExpBufferChar(output, *input++);
657  }
658  input++;
659  }
660  }
661  return input;
662 }
void appendPQExpBufferChar(PQExpBuffer str, char ch)
Definition: pqexpbuffer.c:380
void resetPQExpBuffer(PQExpBuffer str)
Definition: pqexpbuffer.c:148

◆ emitShSecLabels()

void emitShSecLabels ( PGconn conn,
PGresult res,
PQExpBuffer  buffer,
const char *  objtype,
const char *  objname 
)

Definition at line 706 of file dumputils.c.

References appendPQExpBuffer(), appendPQExpBufferStr(), appendStringLiteralConn(), fmtId(), i, label, PQgetvalue(), PQntuples(), and provider.

Referenced by buildShSecLabels(), and dumpDatabase().

708 {
709  int i;
710 
711  for (i = 0; i < PQntuples(res); i++)
712  {
713  char *provider = PQgetvalue(res, i, 0);
714  char *label = PQgetvalue(res, i, 1);
715 
716  /* must use fmtId result before calling it again */
717  appendPQExpBuffer(buffer,
718  "SECURITY LABEL FOR %s ON %s",
719  fmtId(provider), objtype);
720  appendPQExpBuffer(buffer,
721  " %s IS ",
722  fmtId(objname));
723  appendStringLiteralConn(buffer, label, conn);
724  appendPQExpBufferStr(buffer, ";\n");
725  }
726 }
char * PQgetvalue(const PGresult *res, int tup_num, int field_num)
Definition: fe-exec.c:3163
const char * fmtId(const char *rawid)
Definition: string_utils.c:64
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
int PQntuples(const PGresult *res)
Definition: fe-exec.c:2769
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
static JitProviderCallbacks provider
Definition: jit.c:43
static char * label
void appendStringLiteralConn(PQExpBuffer buf, const char *str, PGconn *conn)
Definition: string_utils.c:293
int i

◆ makeAlterConfigCommand()

void makeAlterConfigCommand ( PGconn conn,
const char *  configitem,
const char *  type,
const char *  name,
const char *  type2,
const char *  name2,
PQExpBuffer  buf 
)

Definition at line 999 of file dumputils.c.

References appendPQExpBuffer(), appendPQExpBufferStr(), appendStringLiteralConn(), fmtId(), pg_free(), pg_strdup(), SplitGUCList(), and variable_is_guc_list_quote().

Referenced by dumpDatabaseConfig(), and dumpUserConfig().

1003 {
1004  char *mine;
1005  char *pos;
1006 
1007  /* Parse the configitem. If we can't find an "=", silently do nothing. */
1008  mine = pg_strdup(configitem);
1009  pos = strchr(mine, '=');
1010  if (pos == NULL)
1011  {
1012  pg_free(mine);
1013  return;
1014  }
1015  *pos++ = '\0';
1016 
1017  /* Build the command, with suitable quoting for everything. */
1018  appendPQExpBuffer(buf, "ALTER %s %s ", type, fmtId(name));
1019  if (type2 != NULL && name2 != NULL)
1020  appendPQExpBuffer(buf, "IN %s %s ", type2, fmtId(name2));
1021  appendPQExpBuffer(buf, "SET %s TO ", fmtId(mine));
1022 
1023  /*
1024  * Variables that are marked GUC_LIST_QUOTE were already fully quoted by
1025  * flatten_set_variable_args() before they were put into the setconfig
1026  * array. However, because the quoting rules used there aren't exactly
1027  * like SQL's, we have to break the list value apart and then quote the
1028  * elements as string literals. (The elements may be double-quoted as-is,
1029  * but we can't just feed them to the SQL parser; it would do the wrong
1030  * thing with elements that are zero-length or longer than NAMEDATALEN.)
1031  *
1032  * Variables that are not so marked should just be emitted as simple
1033  * string literals. If the variable is not known to
1034  * variable_is_guc_list_quote(), we'll do that; this makes it unsafe to
1035  * use GUC_LIST_QUOTE for extension variables.
1036  */
1037  if (variable_is_guc_list_quote(mine))
1038  {
1039  char **namelist;
1040  char **nameptr;
1041 
1042  /* Parse string into list of identifiers */
1043  /* this shouldn't fail really */
1044  if (SplitGUCList(pos, ',', &namelist))
1045  {
1046  for (nameptr = namelist; *nameptr; nameptr++)
1047  {
1048  if (nameptr != namelist)
1049  appendPQExpBufferStr(buf, ", ");
1050  appendStringLiteralConn(buf, *nameptr, conn);
1051  }
1052  }
1053  pg_free(namelist);
1054  }
1055  else
1056  appendStringLiteralConn(buf, pos, conn);
1057 
1058  appendPQExpBufferStr(buf, ";\n");
1059 
1060  pg_free(mine);
1061 }
const char * fmtId(const char *rawid)
Definition: string_utils.c:64
bool variable_is_guc_list_quote(const char *name)
Definition: dumputils.c:866
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
bool SplitGUCList(char *rawstring, char separator, char ***namelist)
Definition: dumputils.c:899
char * pg_strdup(const char *in)
Definition: fe_memutils.c:85
void pg_free(void *ptr)
Definition: fe_memutils.c:105
const char * name
Definition: encode.c:521
void appendStringLiteralConn(PQExpBuffer buf, const char *str, PGconn *conn)
Definition: string_utils.c:293

◆ parseAclItem()

static bool parseAclItem ( const char *  item,
const char *  type,
const char *  name,
const char *  subname,
int  remoteVersion,
PQExpBuffer  grantee,
PQExpBuffer  grantor,
PQExpBuffer  privs,
PQExpBuffer  privswgo 
)
static

Definition at line 472 of file dumputils.c.

References appendPQExpBuffer(), buf, CONVERT_PRIV, copyAclUserName(), pg_free(), pg_strdup(), printfPQExpBuffer(), and resetPQExpBuffer().

Referenced by buildACLCommands().

476 {
477  char *buf;
478  bool all_with_go = true;
479  bool all_without_go = true;
480  char *eqpos;
481  char *slpos;
482  char *pos;
483 
484  buf = pg_strdup(item);
485 
486  /* user or group name is string up to = */
487  eqpos = copyAclUserName(grantee, buf);
488  if (*eqpos != '=')
489  {
490  pg_free(buf);
491  return false;
492  }
493 
494  /* grantor should appear after / */
495  slpos = strchr(eqpos + 1, '/');
496  if (slpos)
497  {
498  *slpos++ = '\0';
499  slpos = copyAclUserName(grantor, slpos);
500  if (*slpos != '\0')
501  {
502  pg_free(buf);
503  return false;
504  }
505  }
506  else
507  {
508  pg_free(buf);
509  return false;
510  }
511 
512  /* privilege codes */
513 #define CONVERT_PRIV(code, keywd) \
514 do { \
515  if ((pos = strchr(eqpos + 1, code))) \
516  { \
517  if (*(pos + 1) == '*') \
518  { \
519  AddAcl(privswgo, keywd, subname); \
520  all_without_go = false; \
521  } \
522  else \
523  { \
524  AddAcl(privs, keywd, subname); \
525  all_with_go = false; \
526  } \
527  } \
528  else \
529  all_with_go = all_without_go = false; \
530 } while (0)
531 
532  resetPQExpBuffer(privs);
533  resetPQExpBuffer(privswgo);
534 
535  if (strcmp(type, "TABLE") == 0 || strcmp(type, "SEQUENCE") == 0 ||
536  strcmp(type, "TABLES") == 0 || strcmp(type, "SEQUENCES") == 0)
537  {
538  CONVERT_PRIV('r', "SELECT");
539 
540  if (strcmp(type, "SEQUENCE") == 0 ||
541  strcmp(type, "SEQUENCES") == 0)
542  /* sequence only */
543  CONVERT_PRIV('U', "USAGE");
544  else
545  {
546  /* table only */
547  CONVERT_PRIV('a', "INSERT");
548  CONVERT_PRIV('x', "REFERENCES");
549  /* rest are not applicable to columns */
550  if (subname == NULL)
551  {
552  CONVERT_PRIV('d', "DELETE");
553  CONVERT_PRIV('t', "TRIGGER");
554  if (remoteVersion >= 80400)
555  CONVERT_PRIV('D', "TRUNCATE");
556  }
557  }
558 
559  /* UPDATE */
560  CONVERT_PRIV('w', "UPDATE");
561  }
562  else if (strcmp(type, "FUNCTION") == 0 ||
563  strcmp(type, "FUNCTIONS") == 0)
564  CONVERT_PRIV('X', "EXECUTE");
565  else if (strcmp(type, "PROCEDURE") == 0 ||
566  strcmp(type, "PROCEDURES") == 0)
567  CONVERT_PRIV('X', "EXECUTE");
568  else if (strcmp(type, "LANGUAGE") == 0)
569  CONVERT_PRIV('U', "USAGE");
570  else if (strcmp(type, "SCHEMA") == 0 ||
571  strcmp(type, "SCHEMAS") == 0)
572  {
573  CONVERT_PRIV('C', "CREATE");
574  CONVERT_PRIV('U', "USAGE");
575  }
576  else if (strcmp(type, "DATABASE") == 0)
577  {
578  CONVERT_PRIV('C', "CREATE");
579  CONVERT_PRIV('c', "CONNECT");
580  CONVERT_PRIV('T', "TEMPORARY");
581  }
582  else if (strcmp(type, "TABLESPACE") == 0)
583  CONVERT_PRIV('C', "CREATE");
584  else if (strcmp(type, "TYPE") == 0 ||
585  strcmp(type, "TYPES") == 0)
586  CONVERT_PRIV('U', "USAGE");
587  else if (strcmp(type, "FOREIGN DATA WRAPPER") == 0)
588  CONVERT_PRIV('U', "USAGE");
589  else if (strcmp(type, "FOREIGN SERVER") == 0)
590  CONVERT_PRIV('U', "USAGE");
591  else if (strcmp(type, "FOREIGN TABLE") == 0)
592  CONVERT_PRIV('r', "SELECT");
593  else if (strcmp(type, "LARGE OBJECT") == 0)
594  {
595  CONVERT_PRIV('r', "SELECT");
596  CONVERT_PRIV('w', "UPDATE");
597  }
598  else
599  abort();
600 
601 #undef CONVERT_PRIV
602 
603  if (all_with_go)
604  {
605  resetPQExpBuffer(privs);
606  printfPQExpBuffer(privswgo, "ALL");
607  if (subname)
608  appendPQExpBuffer(privswgo, "(%s)", subname);
609  }
610  else if (all_without_go)
611  {
612  resetPQExpBuffer(privswgo);
613  printfPQExpBuffer(privs, "ALL");
614  if (subname)
615  appendPQExpBuffer(privs, "(%s)", subname);
616  }
617 
618  pg_free(buf);
619 
620  return true;
621 }
void printfPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:237
NameData subname
static char * copyAclUserName(PQExpBuffer output, char *input)
Definition: dumputils.c:629
#define CONVERT_PRIV(code, keywd)
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
static char * buf
Definition: pg_test_fsync.c:67
char * pg_strdup(const char *in)
Definition: fe_memutils.c:85
void pg_free(void *ptr)
Definition: fe_memutils.c:105
void resetPQExpBuffer(PQExpBuffer str)
Definition: pqexpbuffer.c:148

◆ SplitGUCList()

bool SplitGUCList ( char *  rawstring,
char  separator,
char ***  namelist 
)

Definition at line 899 of file dumputils.c.

References memmove, and pg_malloc().

Referenced by makeAlterConfigCommand().

901 {
902  char *nextp = rawstring;
903  bool done = false;
904  char **nextptr;
905 
906  /*
907  * Since we disallow empty identifiers, this is a conservative
908  * overestimate of the number of pointers we could need. Allow one for
909  * list terminator.
910  */
911  *namelist = nextptr = (char **)
912  pg_malloc((strlen(rawstring) / 2 + 2) * sizeof(char *));
913  *nextptr = NULL;
914 
915  while (isspace((unsigned char) *nextp))
916  nextp++; /* skip leading whitespace */
917 
918  if (*nextp == '\0')
919  return true; /* allow empty string */
920 
921  /* At the top of the loop, we are at start of a new identifier. */
922  do
923  {
924  char *curname;
925  char *endp;
926 
927  if (*nextp == '"')
928  {
929  /* Quoted name --- collapse quote-quote pairs */
930  curname = nextp + 1;
931  for (;;)
932  {
933  endp = strchr(nextp + 1, '"');
934  if (endp == NULL)
935  return false; /* mismatched quotes */
936  if (endp[1] != '"')
937  break; /* found end of quoted name */
938  /* Collapse adjacent quotes into one quote, and look again */
939  memmove(endp, endp + 1, strlen(endp));
940  nextp = endp;
941  }
942  /* endp now points at the terminating quote */
943  nextp = endp + 1;
944  }
945  else
946  {
947  /* Unquoted name --- extends to separator or whitespace */
948  curname = nextp;
949  while (*nextp && *nextp != separator &&
950  !isspace((unsigned char) *nextp))
951  nextp++;
952  endp = nextp;
953  if (curname == nextp)
954  return false; /* empty unquoted name not allowed */
955  }
956 
957  while (isspace((unsigned char) *nextp))
958  nextp++; /* skip trailing whitespace */
959 
960  if (*nextp == separator)
961  {
962  nextp++;
963  while (isspace((unsigned char) *nextp))
964  nextp++; /* skip leading whitespace for next */
965  /* we expect another name, so done remains false */
966  }
967  else if (*nextp == '\0')
968  done = true;
969  else
970  return false; /* invalid syntax */
971 
972  /* Now safe to overwrite separator with a null */
973  *endp = '\0';
974 
975  /*
976  * Finished isolating current name --- add it to output array
977  */
978  *nextptr++ = curname;
979 
980  /* Loop back if we didn't reach end of string */
981  } while (!done);
982 
983  *nextptr = NULL;
984  return true;
985 }
void * pg_malloc(size_t size)
Definition: fe_memutils.c:47
#define memmove(d, s, c)
Definition: c.h:1267

◆ variable_is_guc_list_quote()

bool variable_is_guc_list_quote ( const char *  name)

Definition at line 866 of file dumputils.c.

References pg_strcasecmp().

Referenced by dumpFunc(), and makeAlterConfigCommand().

867 {
868  if (pg_strcasecmp(name, "temp_tablespaces") == 0 ||
869  pg_strcasecmp(name, "session_preload_libraries") == 0 ||
870  pg_strcasecmp(name, "shared_preload_libraries") == 0 ||
871  pg_strcasecmp(name, "local_preload_libraries") == 0 ||
872  pg_strcasecmp(name, "search_path") == 0)
873  return true;
874  else
875  return false;
876 }
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
const char * name
Definition: encode.c:521