search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix xslt_process() to ensure that it inserts a NULL terminator after the
[PostgreSQL.git] / src / bin / pg_dump / dumputils.c
blob93bd4d42735d7daf8e377c1755731ff9a61f30a7
1 /*-------------------------------------------------------------------------
2 *
3 * Utility routines for SQL dumping
4 * Basically this is stuff that is useful in both pg_dump and pg_dumpall.
5 * Lately it's also being used by psql and bin/scripts/ ...
6 *
7 *
8 * Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group
9 * Portions Copyright (c) 1994, Regents of the University of California
10 *
11 * $PostgreSQL$
12 *
13 *-------------------------------------------------------------------------
14 */
15 #include "postgres_fe.h"
16
17 #include <ctype.h>
18
19 #include "dumputils.h"
20
21 #include "parser/keywords.h"
22
23
24 #define supports_grant_options(version) ((version) >= 70400)
25
26 static bool parseAclItem(const char *item, const char *type,
27 const char *name, const char *subname, int remoteVersion,
28 PQExpBuffer grantee, PQExpBuffer grantor,
29 PQExpBuffer privs, PQExpBuffer privswgo);
30 static char *copyAclUserName(PQExpBuffer output, char *input);
31 static void AddAcl(PQExpBuffer aclbuf, const char *keyword,
32 const char *subname);
33
34 #ifdef WIN32
35 static bool parallel_init_done = false;
36 static DWORD tls_index;
37 #endif
38
39 void
40 init_parallel_dump_utils(void)
41 {
42 #ifdef WIN32
43 if (!parallel_init_done)
44 {
45 tls_index = TlsAlloc();
46 parallel_init_done = true;
47 }
48 #endif
49 }
50
51 /*
52 * Quotes input string if it's not a legitimate SQL identifier as-is.
53 *
54 * Note that the returned string must be used before calling fmtId again,
55 * since we re-use the same return buffer each time. Non-reentrant but
56 * reduces memory leakage. (On Windows the memory leakage will be one buffer
57 * per thread, which is at least better than one per call).
58 */
59 const char *
60 fmtId(const char *rawid)
61 {
62 /*
63 * The Tls code goes awry if we use a static var, so we provide for both
64 * static and auto, and omit any use of the static var when using Tls.
65 */
66 static PQExpBuffer s_id_return = NULL;
67 PQExpBuffer id_return;
68
69 const char *cp;
70 bool need_quotes = false;
71
72 #ifdef WIN32
73 if (parallel_init_done)
74 id_return = (PQExpBuffer) TlsGetValue(tls_index); /* 0 when not set */
75 else
76 id_return = s_id_return;
77 #else
78 id_return = s_id_return;
79 #endif
80
81 if (id_return) /* first time through? */
82 {
83 /* same buffer, just wipe contents */
84 resetPQExpBuffer(id_return);
85 }
86 else
87 {
88 /* new buffer */
89 id_return = createPQExpBuffer();
90 #ifdef WIN32
91 if (parallel_init_done)
92 TlsSetValue(tls_index, id_return);
93 else
94 s_id_return = id_return;
95 #else
96 s_id_return = id_return;
97 #endif
98
99 }
100
101 /*
102 * These checks need to match the identifier production in scan.l. Don't
103 * use islower() etc.
104 */
105 /* slightly different rules for first character */
106 if (!((rawid[0] >= 'a' && rawid[0] <= 'z') || rawid[0] == '_'))
107 need_quotes = true;
108 else
109 {
110 /* otherwise check the entire string */
111 for (cp = rawid; *cp; cp++)
112 {
113 if (!((*cp >= 'a' && *cp <= 'z')
114 || (*cp >= '0' && *cp <= '9')
115 || (*cp == '_')))
116 {
117 need_quotes = true;
118 break;
119 }
120 }
121 }
122
123 if (!need_quotes)
124 {
125 /*
126 * Check for keyword. We quote keywords except for unreserved ones.
127 * (In some cases we could avoid quoting a col_name or type_func_name
128 * keyword, but it seems much harder than it's worth to tell that.)
129 *
130 * Note: ScanKeywordLookup() does case-insensitive comparison, but
131 * that's fine, since we already know we have all-lower-case.
132 */
133 const ScanKeyword *keyword = ScanKeywordLookup(rawid);
134
135 if (keyword != NULL && keyword->category != UNRESERVED_KEYWORD)
136 need_quotes = true;
137 }
138
139 if (!need_quotes)
140 {
141 /* no quoting needed */
142 appendPQExpBufferStr(id_return, rawid);
143 }
144 else
145 {
146 appendPQExpBufferChar(id_return, '\"');
147 for (cp = rawid; *cp; cp++)
148 {
149 /*
150 * Did we find a double-quote in the string? Then make this a
151 * double double-quote per SQL99. Before, we put in a
152 * backslash/double-quote pair. - thomas 2000-08-05
153 */
154 if (*cp == '\"')
155 appendPQExpBufferChar(id_return, '\"');
156 appendPQExpBufferChar(id_return, *cp);
157 }
158 appendPQExpBufferChar(id_return, '\"');
159 }
160
161 return id_return->data;
162 }
163
164
165 /*
166 * Convert a string value to an SQL string literal and append it to
167 * the given buffer. We assume the specified client_encoding and
168 * standard_conforming_strings settings.
169 *
170 * This is essentially equivalent to libpq's PQescapeStringInternal,
171 * except for the output buffer structure. We need it in situations
172 * where we do not have a PGconn available. Where we do,
173 * appendStringLiteralConn is a better choice.
174 */
175 void
176 appendStringLiteral(PQExpBuffer buf, const char *str,
177 int encoding, bool std_strings)
178 {
179 size_t length = strlen(str);
180 const char *source = str;
181 char *target;
182
183 if (!enlargePQExpBuffer(buf, 2 * length + 2))
184 return;
185
186 target = buf->data + buf->len;
187 *target++ = '\'';
188
189 while (*source != '\0')
190 {
191 char c = *source;
192 int len;
193 int i;
194
195 /* Fast path for plain ASCII */
196 if (!IS_HIGHBIT_SET(c))
197 {
198 /* Apply quoting if needed */
199 if (SQL_STR_DOUBLE(c, !std_strings))
200 *target++ = c;
201 /* Copy the character */
202 *target++ = c;
203 source++;
204 continue;
205 }
206
207 /* Slow path for possible multibyte characters */
208 len = PQmblen(source, encoding);
209
210 /* Copy the character */
211 for (i = 0; i < len; i++)
212 {
213 if (*source == '\0')
214 break;
215 *target++ = *source++;
216 }
217
218 /*
219 * If we hit premature end of string (ie, incomplete multibyte
220 * character), try to pad out to the correct length with spaces. We
221 * may not be able to pad completely, but we will always be able to
222 * insert at least one pad space (since we'd not have quoted a
223 * multibyte character). This should be enough to make a string that
224 * the server will error out on.
225 */
226 if (i < len)
227 {
228 char *stop = buf->data + buf->maxlen - 2;
229
230 for (; i < len; i++)
231 {
232 if (target >= stop)
233 break;
234 *target++ = ' ';
235 }
236 break;
237 }
238 }
239
240 /* Write the terminating quote and NUL character. */
241 *target++ = '\'';
242 *target = '\0';
243
244 buf->len = target - buf->data;
245 }
246
247
248 /*
249 * Convert a string value to an SQL string literal and append it to
250 * the given buffer. Encoding and string syntax rules are as indicated
251 * by current settings of the PGconn.
252 */
253 void
254 appendStringLiteralConn(PQExpBuffer buf, const char *str, PGconn *conn)
255 {
256 size_t length = strlen(str);
257
258 /*
259 * XXX This is a kluge to silence escape_string_warning in our utility
260 * programs. It should go away someday.
261 */
262 if (strchr(str, '\\') != NULL && PQserverVersion(conn) >= 80100)
263 {
264 /* ensure we are not adjacent to an identifier */
265 if (buf->len > 0 && buf->data[buf->len - 1] != ' ')
266 appendPQExpBufferChar(buf, ' ');
267 appendPQExpBufferChar(buf, ESCAPE_STRING_SYNTAX);
268 appendStringLiteral(buf, str, PQclientEncoding(conn), false);
269 return;
270 }
271 /* XXX end kluge */
272
273 if (!enlargePQExpBuffer(buf, 2 * length + 2))
274 return;
275 appendPQExpBufferChar(buf, '\'');
276 buf->len += PQescapeStringConn(conn, buf->data + buf->len,
277 str, length, NULL);
278 appendPQExpBufferChar(buf, '\'');
279 }
280
281
282 /*
283 * Convert a string value to a dollar quoted literal and append it to
284 * the given buffer. If the dqprefix parameter is not NULL then the
285 * dollar quote delimiter will begin with that (after the opening $).
286 *
287 * No escaping is done at all on str, in compliance with the rules
288 * for parsing dollar quoted strings. Also, we need not worry about
289 * encoding issues.
290 */
291 void
292 appendStringLiteralDQ(PQExpBuffer buf, const char *str, const char *dqprefix)
293 {
294 static const char suffixes[] = "_XXXXXXX";
295 int nextchar = 0;
296 PQExpBuffer delimBuf = createPQExpBuffer();
297
298 /* start with $ + dqprefix if not NULL */
299 appendPQExpBufferChar(delimBuf, '$');
300 if (dqprefix)
301 appendPQExpBufferStr(delimBuf, dqprefix);
302
303 /*
304 * Make sure we choose a delimiter which (without the trailing $) is not
305 * present in the string being quoted. We don't check with the trailing $
306 * because a string ending in $foo must not be quoted with $foo$.
307 */
308 while (strstr(str, delimBuf->data) != NULL)
309 {
310 appendPQExpBufferChar(delimBuf, suffixes[nextchar++]);
311 nextchar %= sizeof(suffixes) - 1;
312 }
313
314 /* add trailing $ */
315 appendPQExpBufferChar(delimBuf, '$');
316
317 /* quote it and we are all done */
318 appendPQExpBufferStr(buf, delimBuf->data);
319 appendPQExpBufferStr(buf, str);
320 appendPQExpBufferStr(buf, delimBuf->data);
321
322 destroyPQExpBuffer(delimBuf);
323 }
324
325
326 /*
327 * Convert backend's version string into a number.
328 */
329 int
330 parse_version(const char *versionString)
331 {
332 int cnt;
333 int vmaj,
334 vmin,
335 vrev;
336
337 cnt = sscanf(versionString, "%d.%d.%d", &vmaj, &vmin, &vrev);
338
339 if (cnt < 2)
340 return -1;
341
342 if (cnt == 2)
343 vrev = 0;
344
345 return (100 * vmaj + vmin) * 100 + vrev;
346 }
347
348
349 /*
350 * Deconstruct the text representation of a 1-dimensional Postgres array
351 * into individual items.
352 *
353 * On success, returns true and sets *itemarray and *nitems to describe
354 * an array of individual strings. On parse failure, returns false;
355 * *itemarray may exist or be NULL.
356 *
357 * NOTE: free'ing itemarray is sufficient to deallocate the working storage.
358 */
359 bool
360 parsePGArray(const char *atext, char ***itemarray, int *nitems)
361 {
362 int inputlen;
363 char **items;
364 char *strings;
365 int curitem;
366
367 /*
368 * We expect input in the form of "{item,item,item}" where any item is
369 * either raw data, or surrounded by double quotes (in which case embedded
370 * characters including backslashes and quotes are backslashed).
371 *
372 * We build the result as an array of pointers followed by the actual
373 * string data, all in one malloc block for convenience of deallocation.
374 * The worst-case storage need is not more than one pointer and one
375 * character for each input character (consider "{,,,,,,,,,,}").
376 */
377 *itemarray = NULL;
378 *nitems = 0;
379 inputlen = strlen(atext);
380 if (inputlen < 2 || atext[0] != '{' || atext[inputlen - 1] != '}')
381 return false; /* bad input */
382 items = (char **) malloc(inputlen * (sizeof(char *) + sizeof(char)));
383 if (items == NULL)
384 return false; /* out of memory */
385 *itemarray = items;
386 strings = (char *) (items + inputlen);
387
388 atext++; /* advance over initial '{' */
389 curitem = 0;
390 while (*atext != '}')
391 {
392 if (*atext == '\0')
393 return false; /* premature end of string */
394 items[curitem] = strings;
395 while (*atext != '}' && *atext != ',')
396 {
397 if (*atext == '\0')
398 return false; /* premature end of string */
399 if (*atext != '"')
400 *strings++ = *atext++; /* copy unquoted data */
401 else
402 {
403 /* process quoted substring */
404 atext++;
405 while (*atext != '"')
406 {
407 if (*atext == '\0')
408 return false; /* premature end of string */
409 if (*atext == '\\')
410 {
411 atext++;
412 if (*atext == '\0')
413 return false; /* premature end of string */
414 }
415 *strings++ = *atext++; /* copy quoted data */
416 }
417 atext++;
418 }
419 }
420 *strings++ = '\0';
421 if (*atext == ',')
422 atext++;
423 curitem++;
424 }
425 if (atext[1] != '\0')
426 return false; /* bogus syntax (embedded '}') */
427 *nitems = curitem;
428 return true;
429 }
430
431
432 /*
433 * Build GRANT/REVOKE command(s) for an object.
434 *
435 * name: the object name, in the form to use in the commands (already quoted)
436 * subname: the sub-object name, if any (already quoted); NULL if none
437 * type: the object type (as seen in GRANT command: must be one of
438 * TABLE, SEQUENCE, FUNCTION, LANGUAGE, SCHEMA, DATABASE, or TABLESPACE)
439 * acls: the ACL string fetched from the database
440 * owner: username of object owner (will be passed through fmtId); can be
441 * NULL or empty string to indicate "no owner known"
442 * remoteVersion: version of database
443 *
444 * Returns TRUE if okay, FALSE if could not parse the acl string.
445 * The resulting commands (if any) are appended to the contents of 'sql'.
446 *
447 * Note: beware of passing a fmtId() result directly as 'name' or 'subname',
448 * since this routine uses fmtId() internally.
449 */
450 bool
451 buildACLCommands(const char *name, const char *subname,
452 const char *type, const char *acls, const char *owner,
453 int remoteVersion,
454 PQExpBuffer sql)
455 {
456 char **aclitems;
457 int naclitems;
458 int i;
459 PQExpBuffer grantee,
460 grantor,
461 privs,
462 privswgo;
463 PQExpBuffer firstsql,
464 secondsql;
465 bool found_owner_privs = false;
466
467 if (strlen(acls) == 0)
468 return true; /* object has default permissions */
469
470 /* treat empty-string owner same as NULL */
471 if (owner && *owner == '\0')
472 owner = NULL;
473
474 if (!parsePGArray(acls, &aclitems, &naclitems))
475 {
476 if (aclitems)
477 free(aclitems);
478 return false;
479 }
480
481 grantee = createPQExpBuffer();
482 grantor = createPQExpBuffer();
483 privs = createPQExpBuffer();
484 privswgo = createPQExpBuffer();
485
486 /*
487 * At the end, these two will be pasted together to form the result. But
488 * the owner privileges need to go before the other ones to keep the
489 * dependencies valid. In recent versions this is normally the case, but
490 * in old versions they come after the PUBLIC privileges and that results
491 * in problems if we need to run REVOKE on the owner privileges.
492 */
493 firstsql = createPQExpBuffer();
494 secondsql = createPQExpBuffer();
495
496 /*
497 * Always start with REVOKE ALL FROM PUBLIC, so that we don't have to
498 * wire-in knowledge about the default public privileges for different
499 * kinds of objects.
500 */
501 appendPQExpBuffer(firstsql, "REVOKE ALL");
502 if (subname)
503 appendPQExpBuffer(firstsql, "(%s)", subname);
504 appendPQExpBuffer(firstsql, " ON %s %s FROM PUBLIC;\n", type, name);
505
506 /*
507 * We still need some hacking though to cover the case where new default
508 * public privileges are added in new versions: the REVOKE ALL will revoke
509 * them, leading to behavior different from what the old version had,
510 * which is generally not what's wanted. So add back default privs if the
511 * source database is too old to have had that particular priv.
512 */
513 if (remoteVersion < 80200 && strcmp(type, "DATABASE") == 0)
514 {
515 /* database CONNECT priv didn't exist before 8.2 */
516 appendPQExpBuffer(firstsql, "GRANT CONNECT ON %s %s TO PUBLIC;\n",
517 type, name);
518 }
519
520 /* Scan individual ACL items */
521 for (i = 0; i < naclitems; i++)
522 {
523 if (!parseAclItem(aclitems[i], type, name, subname, remoteVersion,
524 grantee, grantor, privs, privswgo))
525 return false;
526
527 if (grantor->len == 0 && owner)
528 printfPQExpBuffer(grantor, "%s", owner);
529
530 if (privs->len > 0 || privswgo->len > 0)
531 {
532 if (owner
533 && strcmp(grantee->data, owner) == 0
534 && strcmp(grantor->data, owner) == 0)
535 {
536 found_owner_privs = true;
537
538 /*
539 * For the owner, the default privilege level is ALL WITH
540 * GRANT OPTION (only ALL prior to 7.4).
541 */
542 if (supports_grant_options(remoteVersion)
543 ? strcmp(privswgo->data, "ALL") != 0
544 : strcmp(privs->data, "ALL") != 0)
545 {
546 appendPQExpBuffer(firstsql, "REVOKE ALL");
547 if (subname)
548 appendPQExpBuffer(firstsql, "(%s)", subname);
549 appendPQExpBuffer(firstsql, " ON %s %s FROM %s;\n",
550 type, name, fmtId(grantee->data));
551 if (privs->len > 0)
552 appendPQExpBuffer(firstsql,
553 "GRANT %s ON %s %s TO %s;\n",
554 privs->data, type, name,
555 fmtId(grantee->data));
556 if (privswgo->len > 0)
557 appendPQExpBuffer(firstsql,
558 "GRANT %s ON %s %s TO %s WITH GRANT OPTION;\n",
559 privswgo->data, type, name,
560 fmtId(grantee->data));
561 }
562 }
563 else
564 {
565 /*
566 * Otherwise can assume we are starting from no privs.
567 */
568 if (grantor->len > 0
569 && (!owner || strcmp(owner, grantor->data) != 0))
570 appendPQExpBuffer(secondsql, "SET SESSION AUTHORIZATION %s;\n",
571 fmtId(grantor->data));
572
573 if (privs->len > 0)
574 {
575 appendPQExpBuffer(secondsql, "GRANT %s ON %s %s TO ",
576 privs->data, type, name);
577 if (grantee->len == 0)
578 appendPQExpBuffer(secondsql, "PUBLIC;\n");
579 else if (strncmp(grantee->data, "group ",
580 strlen("group ")) == 0)
581 appendPQExpBuffer(secondsql, "GROUP %s;\n",
582 fmtId(grantee->data + strlen("group ")));
583 else
584 appendPQExpBuffer(secondsql, "%s;\n", fmtId(grantee->data));
585 }
586 if (privswgo->len > 0)
587 {
588 appendPQExpBuffer(secondsql, "GRANT %s ON %s %s TO ",
589 privswgo->data, type, name);
590 if (grantee->len == 0)
591 appendPQExpBuffer(secondsql, "PUBLIC");
592 else if (strncmp(grantee->data, "group ",
593 strlen("group ")) == 0)
594 appendPQExpBuffer(secondsql, "GROUP %s",
595 fmtId(grantee->data + strlen("group ")));
596 else
597 appendPQExpBuffer(secondsql, "%s", fmtId(grantee->data));
598 appendPQExpBuffer(secondsql, " WITH GRANT OPTION;\n");
599 }
600
601 if (grantor->len > 0
602 && (!owner || strcmp(owner, grantor->data) != 0))
603 appendPQExpBuffer(secondsql, "RESET SESSION AUTHORIZATION;\n");
604 }
605 }
606 }
607
608 /*
609 * If we didn't find any owner privs, the owner must have revoked 'em all
610 */
611 if (!found_owner_privs && owner)
612 {
613 appendPQExpBuffer(firstsql, "REVOKE ALL");
614 if (subname)
615 appendPQExpBuffer(firstsql, "(%s)", subname);
616 appendPQExpBuffer(firstsql, " ON %s %s FROM %s;\n",
617 type, name, fmtId(owner));
618 }
619
620 destroyPQExpBuffer(grantee);
621 destroyPQExpBuffer(grantor);
622 destroyPQExpBuffer(privs);
623 destroyPQExpBuffer(privswgo);
624
625 appendPQExpBuffer(sql, "%s%s", firstsql->data, secondsql->data);
626 destroyPQExpBuffer(firstsql);
627 destroyPQExpBuffer(secondsql);
628
629 free(aclitems);
630
631 return true;
632 }
633
634 /*
635 * This will parse an aclitem string, having the general form
636 * username=privilegecodes/grantor
637 * or
638 * group groupname=privilegecodes/grantor
639 * (the /grantor part will not be present if pre-7.4 database).
640 *
641 * The returned grantee string will be the dequoted username or groupname
642 * (preceded with "group " in the latter case). The returned grantor is
643 * the dequoted grantor name or empty. Privilege characters are decoded
644 * and split between privileges with grant option (privswgo) and without
645 * (privs).
646 *
647 * Note: for cross-version compatibility, it's important to use ALL when
648 * appropriate.
649 */
650 static bool
651 parseAclItem(const char *item, const char *type,
652 const char *name, const char *subname, int remoteVersion,
653 PQExpBuffer grantee, PQExpBuffer grantor,
654 PQExpBuffer privs, PQExpBuffer privswgo)
655 {
656 char *buf;
657 bool all_with_go = true;
658 bool all_without_go = true;
659 char *eqpos;
660 char *slpos;
661 char *pos;
662
663 buf = strdup(item);
664 if (!buf)
665 return false;
666
667 /* user or group name is string up to = */
668 eqpos = copyAclUserName(grantee, buf);
669 if (*eqpos != '=')
670 return false;
671
672 /* grantor may be listed after / */
673 slpos = strchr(eqpos + 1, '/');
674 if (slpos)
675 {
676 *slpos++ = '\0';
677 slpos = copyAclUserName(grantor, slpos);
678 if (*slpos != '\0')
679 return false;
680 }
681 else
682 resetPQExpBuffer(grantor);
683
684 /* privilege codes */
685 #define CONVERT_PRIV(code, keywd) \
686 do { \
687 if ((pos = strchr(eqpos + 1, code))) \
688 { \
689 if (*(pos + 1) == '*') \
690 { \
691 AddAcl(privswgo, keywd, subname); \
692 all_without_go = false; \
693 } \
694 else \
695 { \
696 AddAcl(privs, keywd, subname); \
697 all_with_go = false; \
698 } \
699 } \
700 else \
701 all_with_go = all_without_go = false; \
702 } while (0)
703
704 resetPQExpBuffer(privs);
705 resetPQExpBuffer(privswgo);
706
707 if (strcmp(type, "TABLE") == 0 || strcmp(type, "SEQUENCE") == 0)
708 {
709 CONVERT_PRIV('r', "SELECT");
710
711 if (strcmp(type, "SEQUENCE") == 0)
712 /* sequence only */
713 CONVERT_PRIV('U', "USAGE");
714 else
715 {
716 /* table only */
717 CONVERT_PRIV('a', "INSERT");
718 if (remoteVersion >= 70200)
719 CONVERT_PRIV('x', "REFERENCES");
720 /* rest are not applicable to columns */
721 if (subname == NULL)
722 {
723 if (remoteVersion >= 70200)
724 {
725 CONVERT_PRIV('d', "DELETE");
726 CONVERT_PRIV('t', "TRIGGER");
727 }
728 if (remoteVersion >= 80400)
729 CONVERT_PRIV('D', "TRUNCATE");
730 }
731 }
732
733 /* UPDATE */
734 if (remoteVersion >= 70200 || strcmp(type, "SEQUENCE") == 0)
735 CONVERT_PRIV('w', "UPDATE");
736 else
737 /* 7.0 and 7.1 have a simpler worldview */
738 CONVERT_PRIV('w', "UPDATE,DELETE");
739 }
740 else if (strcmp(type, "FUNCTION") == 0)
741 CONVERT_PRIV('X', "EXECUTE");
742 else if (strcmp(type, "LANGUAGE") == 0)
743 CONVERT_PRIV('U', "USAGE");
744 else if (strcmp(type, "SCHEMA") == 0)
745 {
746 CONVERT_PRIV('C', "CREATE");
747 CONVERT_PRIV('U', "USAGE");
748 }
749 else if (strcmp(type, "DATABASE") == 0)
750 {
751 CONVERT_PRIV('C', "CREATE");
752 CONVERT_PRIV('c', "CONNECT");
753 CONVERT_PRIV('T', "TEMPORARY");
754 }
755 else if (strcmp(type, "TABLESPACE") == 0)
756 CONVERT_PRIV('C', "CREATE");
757 else if (strcmp(type, "FOREIGN DATA WRAPPER") == 0)
758 CONVERT_PRIV('U', "USAGE");
759 else if (strcmp(type, "SERVER") == 0)
760 CONVERT_PRIV('U', "USAGE");
761 else
762 abort();
763
764 #undef CONVERT_PRIV
765
766 if (all_with_go)
767 {
768 resetPQExpBuffer(privs);
769 printfPQExpBuffer(privswgo, "ALL");
770 if (subname)
771 appendPQExpBuffer(privswgo, "(%s)", subname);
772 }
773 else if (all_without_go)
774 {
775 resetPQExpBuffer(privswgo);
776 printfPQExpBuffer(privs, "ALL");
777 if (subname)
778 appendPQExpBuffer(privs, "(%s)", subname);
779 }
780
781 free(buf);
782
783 return true;
784 }
785
786 /*
787 * Transfer a user or group name starting at *input into the output buffer,
788 * dequoting if needed. Returns a pointer to just past the input name.
789 * The name is taken to end at an unquoted '=' or end of string.
790 */
791 static char *
792 copyAclUserName(PQExpBuffer output, char *input)
793 {
794 resetPQExpBuffer(output);
795
796 while (*input && *input != '=')
797 {
798 /*
799 * If user name isn't quoted, then just add it to the output buffer
800 */
801 if (*input != '"')
802 appendPQExpBufferChar(output, *input++);
803 else
804 {
805 /* Otherwise, it's a quoted username */
806 input++;
807 /* Loop until we come across an unescaped quote */
808 while (!(*input == '"' && *(input + 1) != '"'))
809 {
810 if (*input == '\0')
811 return input; /* really a syntax error... */
812
813 /*
814 * Quoting convention is to escape " as "". Keep this code in
815 * sync with putid() in backend's acl.c.
816 */
817 if (*input == '"' && *(input + 1) == '"')
818 input++;
819 appendPQExpBufferChar(output, *input++);
820 }
821 input++;
822 }
823 }
824 return input;
825 }
826
827 /*
828 * Append a privilege keyword to a keyword list, inserting comma if needed.
829 */
830 static void
831 AddAcl(PQExpBuffer aclbuf, const char *keyword, const char *subname)
832 {
833 if (aclbuf->len > 0)
834 appendPQExpBufferChar(aclbuf, ',');
835 appendPQExpBuffer(aclbuf, "%s", keyword);
836 if (subname)
837 appendPQExpBuffer(aclbuf, "(%s)", subname);
838 }
839
840
841 /*
842 * processSQLNamePattern
843 *
844 * Scan a wildcard-pattern string and generate appropriate WHERE clauses
845 * to limit the set of objects returned. The WHERE clauses are appended
846 * to the already-partially-constructed query in buf.
847 *
848 * conn: connection query will be sent to (consulted for escaping rules).
849 * buf: output parameter.
850 * pattern: user-specified pattern option, or NULL if none ("*" is implied).
851 * have_where: true if caller already emitted "WHERE" (clauses will be ANDed
852 * onto the existing WHERE clause).
853 * force_escape: always quote regexp special characters, even outside
854 * double quotes (else they are quoted only between double quotes).
855 * schemavar: name of query variable to match against a schema-name pattern.
856 * Can be NULL if no schema.
857 * namevar: name of query variable to match against an object-name pattern.
858 * altnamevar: NULL, or name of an alternative variable to match against name.
859 * visibilityrule: clause to use if we want to restrict to visible objects
860 * (for example, "pg_catalog.pg_table_is_visible(p.oid)"). Can be NULL.
861 *
862 * Formatting note: the text already present in buf should end with a newline.
863 * The appended text, if any, will end with one too.
864 */
865 void
866 processSQLNamePattern(PGconn *conn, PQExpBuffer buf, const char *pattern,
867 bool have_where, bool force_escape,
868 const char *schemavar, const char *namevar,
869 const char *altnamevar, const char *visibilityrule)
870 {
871 PQExpBufferData schemabuf;
872 PQExpBufferData namebuf;
873 int encoding = PQclientEncoding(conn);
874 bool inquotes;
875 const char *cp;
876 int i;
877
878 #define WHEREAND() \
879 (appendPQExpBufferStr(buf, have_where ? " AND " : "WHERE "), have_where = true)
880
881 if (pattern == NULL)
882 {
883 /* Default: select all visible objects */
884 if (visibilityrule)
885 {
886 WHEREAND();
887 appendPQExpBuffer(buf, "%s\n", visibilityrule);
888 }
889 return;
890 }
891
892 initPQExpBuffer(&schemabuf);
893 initPQExpBuffer(&namebuf);
894
895 /*
896 * Parse the pattern, converting quotes and lower-casing unquoted letters.
897 * Also, adjust shell-style wildcard characters into regexp notation.
898 *
899 * We surround the pattern with "^(...)$" to force it to match the whole
900 * string, as per SQL practice. We have to have parens in case the string
901 * contains "|", else the "^" and "$" will be bound into the first and
902 * last alternatives which is not what we want.
903 *
904 * Note: the result of this pass is the actual regexp pattern(s) we want
905 * to execute. Quoting/escaping into SQL literal format will be done
906 * below using appendStringLiteralConn().
907 */
908 appendPQExpBufferStr(&namebuf, "^(");
909
910 inquotes = false;
911 cp = pattern;
912
913 while (*cp)
914 {
915 char ch = *cp;
916
917 if (ch == '"')
918 {
919 if (inquotes && cp[1] == '"')
920 {
921 /* emit one quote, stay in inquotes mode */
922 appendPQExpBufferChar(&namebuf, '"');
923 cp++;
924 }
925 else
926 inquotes = !inquotes;
927 cp++;
928 }
929 else if (!inquotes && isupper((unsigned char) ch))
930 {
931 appendPQExpBufferChar(&namebuf,
932 pg_tolower((unsigned char) ch));
933 cp++;
934 }
935 else if (!inquotes && ch == '*')
936 {
937 appendPQExpBufferStr(&namebuf, ".*");
938 cp++;
939 }
940 else if (!inquotes && ch == '?')
941 {
942 appendPQExpBufferChar(&namebuf, '.');
943 cp++;
944 }
945 else if (!inquotes && ch == '.')
946 {
947 /* Found schema/name separator, move current pattern to schema */
948 resetPQExpBuffer(&schemabuf);
949 appendPQExpBufferStr(&schemabuf, namebuf.data);
950 resetPQExpBuffer(&namebuf);
951 appendPQExpBufferStr(&namebuf, "^(");
952 cp++;
953 }
954 else if (ch == '$')
955 {
956 /*
957 * Dollar is always quoted, whether inside quotes or not. The
958 * reason is that it's allowed in SQL identifiers, so there's a
959 * significant use-case for treating it literally, while because
960 * we anchor the pattern automatically there is no use-case for
961 * having it possess its regexp meaning.
962 */
963 appendPQExpBufferStr(&namebuf, "\\$");
964 cp++;
965 }
966 else
967 {
968 /*
969 * Ordinary data character, transfer to pattern
970 *
971 * Inside double quotes, or at all times if force_escape is true,
972 * quote regexp special characters with a backslash to avoid
973 * regexp errors. Outside quotes, however, let them pass through
974 * as-is; this lets knowledgeable users build regexp expressions
975 * that are more powerful than shell-style patterns.
976 */
977 if ((inquotes || force_escape) &&
978 strchr("|*+?()[]{}.^$\\", ch))
979 appendPQExpBufferChar(&namebuf, '\\');
980 i = PQmblen(cp, encoding);
981 while (i-- && *cp)
982 {
983 appendPQExpBufferChar(&namebuf, *cp);
984 cp++;
985 }
986 }
987 }
988
989 /*
990 * Now decide what we need to emit. Note there will be a leading "^(" in
991 * the patterns in any case.
992 */
993 if (namebuf.len > 2)
994 {
995 /* We have a name pattern, so constrain the namevar(s) */
996
997 appendPQExpBufferStr(&namebuf, ")$");
998 /* Optimize away a "*" pattern */
999 if (strcmp(namebuf.data, "^(.*)$") != 0)
1000 {
1001 WHEREAND();
1002 if (altnamevar)
1003 {
1004 appendPQExpBuffer(buf, "(%s ~ ", namevar);
1005 appendStringLiteralConn(buf, namebuf.data, conn);
1006 appendPQExpBuffer(buf, "\n OR %s ~ ", altnamevar);
1007 appendStringLiteralConn(buf, namebuf.data, conn);
1008 appendPQExpBufferStr(buf, ")\n");
1009 }
1010 else
1011 {
1012 appendPQExpBuffer(buf, "%s ~ ", namevar);
1013 appendStringLiteralConn(buf, namebuf.data, conn);
1014 appendPQExpBufferChar(buf, '\n');
1015 }
1016 }
1017 }
1018
1019 if (schemabuf.len > 2)
1020 {
1021 /* We have a schema pattern, so constrain the schemavar */
1022
1023 appendPQExpBufferStr(&schemabuf, ")$");
1024 /* Optimize away a "*" pattern */
1025 if (strcmp(schemabuf.data, "^(.*)$") != 0 && schemavar)
1026 {
1027 WHEREAND();
1028 appendPQExpBuffer(buf, "%s ~ ", schemavar);
1029 appendStringLiteralConn(buf, schemabuf.data, conn);
1030 appendPQExpBufferChar(buf, '\n');
1031 }
1032 }
1033 else
1034 {
1035 /* No schema pattern given, so select only visible objects */
1036 if (visibilityrule)
1037 {
1038 WHEREAND();
1039 appendPQExpBuffer(buf, "%s\n", visibilityrule);
1040 }
1041 }
1042
1043 termPQExpBuffer(&schemabuf);
1044 termPQExpBuffer(&namebuf);
1045
1046 #undef WHEREAND
1047 }
PostgreSQL from CVS