1
0
mirror of https://github.com/postgres/postgres.git synced 2025-07-27 12:41:57 +03:00

createuser: Add support for more clause types through new options

The following options are added to createuser:
* --valid-until to generate a VALID UNTIL clause for the role created.
* --bypassrls/--no-bypassrls for BYPASSRLS/NOBYPASSRLS.
* -m/--member to make the new role a member of an existing role, with an
extra ROLE clause generated.  The clause generated overlaps with
-g/--role, but per discussion this was the most popular choice as option
name.
* -a/--admin for the addition of an ADMIN clause.

These option names are chosen to be completely new, so as they do not
impact anybody relying on the existing option set.  Tests are added for
the new options and extended a bit, while on it, to cover more patterns
where quotes are added to various elements of the query generated.

Author: Shinya Kato
Reviewed-by: Nathan Bossart, Daniel Gustafsson, Robert Haas, Kyotaro
Horiguchi, David G. Johnston, Przemysław Sztoch
Discussion: https://postgr.es/m/69a9851035cf0f0477bcc5d742b031a3@oss.nttdata.com
This commit is contained in:
Michael Paquier
2022-07-13 12:21:20 +09:00
parent c23e3e6beb
commit 08951a7c93
3 changed files with 156 additions and 4 deletions

View File

@ -76,6 +76,20 @@ PostgreSQL documentation
</listitem>
</varlistentry>
<varlistentry>
<term><option>-a <replaceable class="parameter">role</replaceable></option></term>
<term><option>--admin=<replaceable class="parameter">role</replaceable></option></term>
<listitem>
<para>
Indicates role that will be immediately added as a member of the new
role with admin option, giving it the right to grant membership in the
new role to others. Multiple roles to add as members (with admin
option) of the new role can be specified by writing multiple
<option>-a</option> switches.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-c <replaceable class="parameter">number</replaceable></option></term>
<term><option>--connection-limit=<replaceable class="parameter">number</replaceable></option></term>
@ -204,6 +218,18 @@ PostgreSQL documentation
</listitem>
</varlistentry>
<varlistentry>
<term><option>-m <replaceable class="parameter">role</replaceable></option></term>
<term><option>--member=<replaceable class="parameter">role</replaceable></option></term>
<listitem>
<para>
Indicates role that will be immediately added as a member of the new
role. Multiple roles to add as members of the new role can be specified
by writing multiple <option>-m</option> switches.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-P</option></term>
<term><option>--pwprompt</option></term>
@ -258,6 +284,17 @@ PostgreSQL documentation
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v <replaceable class="parameter">timestamp</replaceable></option></term>
<term><option>--valid-until=<replaceable class="parameter">timestamp</replaceable></option></term>
<listitem>
<para>
Set a date and time after which the role's password is no longer valid.
The default is to set no password expiry date.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-V</option></term>
<term><option>--version</option></term>
@ -268,6 +305,25 @@ PostgreSQL documentation
</listitem>
</varlistentry>
<varlistentry>
<term><option>--bypassrls</option></term>
<listitem>
<para>
The new user will bypass every row-level security (RLS) policy.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--no-bypassrls</option></term>
<listitem>
<para>
The new user will not bypass row-level security (RLS) policies. This is
the default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--replication</option></term>
<listitem>