search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix a few errors in comments. Patch by Fujii Masao, plus the one in
[PostgreSQL.git] / src / bin / scripts / createuser.c
blobb2af4155fe257995fe283633566b39962862b874
1 /*-------------------------------------------------------------------------
2 *
3 * createuser
4 *
5 * Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group
6 * Portions Copyright (c) 1994, Regents of the University of California
7 *
8 * $PostgreSQL$
9 *
10 *-------------------------------------------------------------------------
11 */
12
13 #include "postgres_fe.h"
14 #include "common.h"
15 #include "dumputils.h"
16
17
18 static void help(const char *progname);
19
20 int
21 main(int argc, char *argv[])
22 {
23 static struct option long_options[] = {
24 {"host", required_argument, NULL, 'h'},
25 {"port", required_argument, NULL, 'p'},
26 {"username", required_argument, NULL, 'U'},
27 {"no-password", no_argument, NULL, 'w'},
28 {"password", no_argument, NULL, 'W'},
29 {"echo", no_argument, NULL, 'e'},
30 {"createdb", no_argument, NULL, 'd'},
31 {"no-createdb", no_argument, NULL, 'D'},
32 {"superuser", no_argument, NULL, 's'},
33 {"no-superuser", no_argument, NULL, 'S'},
34 {"createrole", no_argument, NULL, 'r'},
35 {"no-createrole", no_argument, NULL, 'R'},
36 {"inherit", no_argument, NULL, 'i'},
37 {"no-inherit", no_argument, NULL, 'I'},
38 {"login", no_argument, NULL, 'l'},
39 {"no-login", no_argument, NULL, 'L'},
40 /* adduser is obsolete, undocumented spelling of superuser */
41 {"adduser", no_argument, NULL, 'a'},
42 {"no-adduser", no_argument, NULL, 'A'},
43 {"connection-limit", required_argument, NULL, 'c'},
44 {"pwprompt", no_argument, NULL, 'P'},
45 {"encrypted", no_argument, NULL, 'E'},
46 {"unencrypted", no_argument, NULL, 'N'},
47 {NULL, 0, NULL, 0}
48 };
49
50 const char *progname;
51 int optindex;
52 int c;
53 char *newuser = NULL;
54 char *host = NULL;
55 char *port = NULL;
56 char *username = NULL;
57 enum trivalue prompt_password = TRI_DEFAULT;
58 bool echo = false;
59 char *conn_limit = NULL;
60 bool pwprompt = false;
61 char *newpassword = NULL;
62
63 /* Tri-valued variables. */
64 enum trivalue createdb = TRI_DEFAULT,
65 superuser = TRI_DEFAULT,
66 createrole = TRI_DEFAULT,
67 inherit = TRI_DEFAULT,
68 login = TRI_DEFAULT,
69 encrypted = TRI_DEFAULT;
70
71 PQExpBufferData sql;
72
73 PGconn *conn;
74 PGresult *result;
75
76 progname = get_progname(argv[0]);
77 set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pgscripts"));
78
79 handle_help_version_opts(argc, argv, "createuser", help);
80
81 while ((c = getopt_long(argc, argv, "h:p:U:wWedDsSaArRiIlLc:PEN",
82 long_options, &optindex)) != -1)
83 {
84 switch (c)
85 {
86 case 'h':
87 host = optarg;
88 break;
89 case 'p':
90 port = optarg;
91 break;
92 case 'U':
93 username = optarg;
94 break;
95 case 'w':
96 prompt_password = TRI_NO;
97 break;
98 case 'W':
99 prompt_password = TRI_YES;
100 break;
101 case 'e':
102 echo = true;
103 break;
104 case 'd':
105 createdb = TRI_YES;
106 break;
107 case 'D':
108 createdb = TRI_NO;
109 break;
110 case 's':
111 case 'a':
112 superuser = TRI_YES;
113 break;
114 case 'S':
115 case 'A':
116 superuser = TRI_NO;
117 break;
118 case 'r':
119 createrole = TRI_YES;
120 break;
121 case 'R':
122 createrole = TRI_NO;
123 break;
124 case 'i':
125 inherit = TRI_YES;
126 break;
127 case 'I':
128 inherit = TRI_NO;
129 break;
130 case 'l':
131 login = TRI_YES;
132 break;
133 case 'L':
134 login = TRI_NO;
135 break;
136 case 'c':
137 conn_limit = optarg;
138 break;
139 case 'P':
140 pwprompt = true;
141 break;
142 case 'E':
143 encrypted = TRI_YES;
144 break;
145 case 'N':
146 encrypted = TRI_NO;
147 break;
148 default:
149 fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
150 exit(1);
151 }
152 }
153
154 switch (argc - optind)
155 {
156 case 0:
157 break;
158 case 1:
159 newuser = argv[optind];
160 break;
161 default:
162 fprintf(stderr, _("%s: too many command-line arguments (first is \"%s\")\n"),
163 progname, argv[optind + 1]);
164 fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
165 exit(1);
166 }
167
168 if (newuser == NULL)
169 newuser = simple_prompt("Enter name of role to add: ", 128, true);
170
171 if (pwprompt)
172 {
173 char *pw1,
174 *pw2;
175
176 pw1 = simple_prompt("Enter password for new role: ", 100, false);
177 pw2 = simple_prompt("Enter it again: ", 100, false);
178 if (strcmp(pw1, pw2) != 0)
179 {
180 fprintf(stderr, _("Passwords didn't match.\n"));
181 exit(1);
182 }
183 newpassword = pw1;
184 free(pw2);
185 }
186
187 if (superuser == 0)
188 {
189 if (yesno_prompt("Shall the new role be a superuser?"))
190 superuser = TRI_YES;
191 else
192 superuser = TRI_NO;
193 }
194
195 if (superuser == TRI_YES)
196 {
197 /* Not much point in trying to restrict a superuser */
198 createdb = TRI_YES;
199 createrole = TRI_YES;
200 }
201
202 if (createdb == 0)
203 {
204 if (yesno_prompt("Shall the new role be allowed to create databases?"))
205 createdb = TRI_YES;
206 else
207 createdb = TRI_NO;
208 }
209
210 if (createrole == 0)
211 {
212 if (yesno_prompt("Shall the new role be allowed to create more new roles?"))
213 createrole = TRI_YES;
214 else
215 createrole = TRI_NO;
216 }
217
218 if (inherit == 0)
219 inherit = TRI_YES;
220
221 if (login == 0)
222 login = TRI_YES;
223
224 conn = connectDatabase("postgres", host, port, username, prompt_password, progname);
225
226 initPQExpBuffer(&sql);
227
228 printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));
229 if (newpassword)
230 {
231 if (encrypted == TRI_YES)
232 appendPQExpBuffer(&sql, " ENCRYPTED");
233 if (encrypted == TRI_NO)
234 appendPQExpBuffer(&sql, " UNENCRYPTED");
235 appendPQExpBuffer(&sql, " PASSWORD ");
236
237 if (encrypted != TRI_NO)
238 {
239 char *encrypted_password;
240
241 encrypted_password = PQencryptPassword(newpassword,
242 newuser);
243 if (!encrypted_password)
244 {
245 fprintf(stderr, _("Password encryption failed.\n"));
246 exit(1);
247 }
248 appendStringLiteralConn(&sql, encrypted_password, conn);
249 PQfreemem(encrypted_password);
250 }
251 else
252 appendStringLiteralConn(&sql, newpassword, conn);
253 }
254 if (superuser == TRI_YES)
255 appendPQExpBuffer(&sql, " SUPERUSER");
256 if (superuser == TRI_NO)
257 appendPQExpBuffer(&sql, " NOSUPERUSER");
258 if (createdb == TRI_YES)
259 appendPQExpBuffer(&sql, " CREATEDB");
260 if (createdb == TRI_NO)
261 appendPQExpBuffer(&sql, " NOCREATEDB");
262 if (createrole == TRI_YES)
263 appendPQExpBuffer(&sql, " CREATEROLE");
264 if (createrole == TRI_NO)
265 appendPQExpBuffer(&sql, " NOCREATEROLE");
266 if (inherit == TRI_YES)
267 appendPQExpBuffer(&sql, " INHERIT");
268 if (inherit == TRI_NO)
269 appendPQExpBuffer(&sql, " NOINHERIT");
270 if (login == TRI_YES)
271 appendPQExpBuffer(&sql, " LOGIN");
272 if (login == TRI_NO)
273 appendPQExpBuffer(&sql, " NOLOGIN");
274 if (conn_limit != NULL)
275 appendPQExpBuffer(&sql, " CONNECTION LIMIT %s", conn_limit);
276 appendPQExpBuffer(&sql, ";\n");
277
278 if (echo)
279 printf("%s", sql.data);
280 result = PQexec(conn, sql.data);
281
282 if (PQresultStatus(result) != PGRES_COMMAND_OK)
283 {
284 fprintf(stderr, _("%s: creation of new role failed: %s"),
285 progname, PQerrorMessage(conn));
286 PQfinish(conn);
287 exit(1);
288 }
289
290 PQclear(result);
291 PQfinish(conn);
292 exit(0);
293 }
294
295
296 static void
297 help(const char *progname)
298 {
299 printf(_("%s creates a new PostgreSQL role.\n\n"), progname);
300 printf(_("Usage:\n"));
301 printf(_(" %s [OPTION]... [ROLENAME]\n"), progname);
302 printf(_("\nOptions:\n"));
303 printf(_(" -c, --connection-limit=N connection limit for role (default: no limit)\n"));
304 printf(_(" -d, --createdb role can create new databases\n"));
305 printf(_(" -D, --no-createdb role cannot create databases\n"));
306 printf(_(" -e, --echo show the commands being sent to the server\n"));
307 printf(_(" -E, --encrypted encrypt stored password\n"));
308 printf(_(" -i, --inherit role inherits privileges of roles it is a\n"
309 " member of (default)\n"));
310 printf(_(" -I, --no-inherit role does not inherit privileges\n"));
311 printf(_(" -l, --login role can login (default)\n"));
312 printf(_(" -L, --no-login role cannot login\n"));
313 printf(_(" -N, --unencrypted do not encrypt stored password\n"));
314 printf(_(" -P, --pwprompt assign a password to new role\n"));
315 printf(_(" -r, --createrole role can create new roles\n"));
316 printf(_(" -R, --no-createrole role cannot create roles\n"));
317 printf(_(" -s, --superuser role will be superuser\n"));
318 printf(_(" -S, --no-superuser role will not be superuser\n"));
319 printf(_(" --help show this help, then exit\n"));
320 printf(_(" --version output version information, then exit\n"));
321 printf(_("\nConnection options:\n"));
322 printf(_(" -h, --host=HOSTNAME database server host or socket directory\n"));
323 printf(_(" -p, --port=PORT database server port\n"));
324 printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
325 printf(_(" -w, --no-password never prompt for password\n"));
326 printf(_(" -W, --password force password prompt\n"));
327 printf(_("\nIf one of -d, -D, -r, -R, -s, -S, and ROLENAME is not specified, you will\n"
328 "be prompted interactively.\n"));
329 printf(_("\nReport bugs to <pgsql-bugs@postgresql.org>.\n"));
330 }
PostgreSQL from CVS