2000-07-21 13:40:08 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
|
|
|
* pg_backup.h
|
|
|
|
*
|
|
|
|
* Public interface to the pg_dump archiver routines.
|
|
|
|
*
|
|
|
|
* See the headers to pg_restore for more details.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2000, Philip Warner
|
2001-03-22 05:01:46 +01:00
|
|
|
* Rights are granted to use this software in any way so long
|
|
|
|
* as this notice is not removed.
|
2000-07-21 13:40:08 +02:00
|
|
|
*
|
|
|
|
* The author is not responsible for loss or damages that may
|
|
|
|
* result from it's use.
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* IDENTIFICATION
|
2010-09-20 22:08:53 +02:00
|
|
|
* src/bin/pg_dump/pg_backup.h
|
2000-08-01 17:51:45 +02:00
|
|
|
*
|
2000-07-21 13:40:08 +02:00
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
|
2003-12-06 04:00:16 +01:00
|
|
|
#ifndef PG_BACKUP_H
|
|
|
|
#define PG_BACKUP_H
|
2000-07-21 13:40:08 +02:00
|
|
|
|
2013-01-17 11:24:47 +01:00
|
|
|
#include "dumputils.h"
|
2000-07-21 13:40:08 +02:00
|
|
|
#include "libpq-fe.h"
|
|
|
|
|
2003-12-06 04:00:16 +01:00
|
|
|
|
2014-10-14 20:00:55 +02:00
|
|
|
typedef enum trivalue
|
2009-02-26 17:02:39 +01:00
|
|
|
{
|
|
|
|
TRI_DEFAULT,
|
|
|
|
TRI_NO,
|
|
|
|
TRI_YES
|
2014-10-14 20:00:55 +02:00
|
|
|
} trivalue;
|
2009-02-26 17:02:39 +01:00
|
|
|
|
2001-03-22 05:01:46 +01:00
|
|
|
typedef enum _archiveFormat
|
|
|
|
{
|
2001-10-28 07:26:15 +01:00
|
|
|
archUnknown = 0,
|
|
|
|
archCustom = 1,
|
|
|
|
archTar = 3,
|
2011-01-23 22:10:15 +01:00
|
|
|
archNull = 4,
|
|
|
|
archDirectory = 5
|
2000-07-21 13:40:08 +02:00
|
|
|
} ArchiveFormat;
|
|
|
|
|
2007-01-25 04:30:43 +01:00
|
|
|
typedef enum _archiveMode
|
|
|
|
{
|
|
|
|
archModeAppend,
|
|
|
|
archModeWrite,
|
|
|
|
archModeRead
|
|
|
|
} ArchiveMode;
|
|
|
|
|
2009-02-02 21:07:37 +01:00
|
|
|
typedef enum _teSection
|
|
|
|
{
|
|
|
|
SECTION_NONE = 1, /* COMMENTs, ACLs, etc; can be anywhere */
|
|
|
|
SECTION_PRE_DATA, /* stuff to be processed before data */
|
|
|
|
SECTION_DATA, /* TABLE DATA, BLOBS, BLOB COMMENTS */
|
|
|
|
SECTION_POST_DATA /* stuff to be processed after data */
|
|
|
|
} teSection;
|
|
|
|
|
2000-07-21 13:40:08 +02:00
|
|
|
/*
|
2003-12-06 04:00:16 +01:00
|
|
|
* We may want to have some more user-readable data, but in the mean
|
2001-03-22 05:01:46 +01:00
|
|
|
* time this gives us some abstraction and type checking.
|
2000-07-21 13:40:08 +02:00
|
|
|
*/
|
2014-10-14 20:00:55 +02:00
|
|
|
typedef struct Archive
|
2001-03-22 05:01:46 +01:00
|
|
|
{
|
2001-10-25 07:50:21 +02:00
|
|
|
int verbose;
|
2005-10-15 04:49:52 +02:00
|
|
|
char *remoteVersionStr; /* server's version string */
|
|
|
|
int remoteVersion; /* same in numeric form */
|
2004-11-06 20:36:02 +01:00
|
|
|
|
2005-10-15 04:49:52 +02:00
|
|
|
int minRemoteVersion; /* allowable range */
|
2001-10-25 07:50:21 +02:00
|
|
|
int maxRemoteVersion;
|
2004-04-22 04:39:10 +02:00
|
|
|
|
2013-03-24 16:27:20 +01:00
|
|
|
int numWorkers; /* number of parallel processes */
|
|
|
|
char *sync_snapshot_id; /* sync snapshot id for parallel
|
|
|
|
* operation */
|
|
|
|
|
2006-05-28 23:13:54 +02:00
|
|
|
/* info needed for string escaping */
|
|
|
|
int encoding; /* libpq code for client_encoding */
|
|
|
|
bool std_strings; /* standard_conforming_strings */
|
2013-03-24 16:27:20 +01:00
|
|
|
char *use_role; /* Issue SET ROLE to this */
|
2006-05-28 23:13:54 +02:00
|
|
|
|
2004-04-22 04:39:10 +02:00
|
|
|
/* error handling */
|
2004-08-20 06:20:23 +02:00
|
|
|
bool exit_on_error; /* whether to exit on SQL errors... */
|
2004-04-22 04:39:10 +02:00
|
|
|
int n_errors; /* number of errors (if no die) */
|
|
|
|
|
2001-03-22 05:01:46 +01:00
|
|
|
/* The rest is private */
|
2014-10-14 20:00:55 +02:00
|
|
|
} Archive;
|
2000-07-21 13:40:08 +02:00
|
|
|
|
2001-03-22 05:01:46 +01:00
|
|
|
typedef struct _restoreOptions
|
|
|
|
{
|
2010-05-15 23:41:16 +02:00
|
|
|
int createDB; /* Issue commands to create the database */
|
2005-10-15 04:49:52 +02:00
|
|
|
int noOwner; /* Don't try to match original object owner */
|
2009-06-11 16:49:15 +02:00
|
|
|
int noTablespace; /* Don't issue tablespace-related commands */
|
2005-10-15 04:49:52 +02:00
|
|
|
int disable_triggers; /* disable triggers during data-only
|
|
|
|
* restore */
|
2004-08-29 07:07:03 +02:00
|
|
|
int use_setsessauth;/* Use SET SESSION AUTHORIZATION commands
|
|
|
|
* instead of OWNER TO */
|
2001-03-22 05:01:46 +01:00
|
|
|
char *superuser; /* Username to use as superuser */
|
2009-01-05 17:54:37 +01:00
|
|
|
char *use_role; /* Issue SET ROLE to this */
|
2000-07-21 13:40:08 +02:00
|
|
|
int dropSchema;
|
2014-10-14 20:00:55 +02:00
|
|
|
int disable_dollar_quoting;
|
|
|
|
int dump_inserts;
|
|
|
|
int column_inserts;
|
2014-03-03 19:02:18 +01:00
|
|
|
int if_exists;
|
2014-10-14 20:00:55 +02:00
|
|
|
int no_security_labels; /* Skip security label entries */
|
|
|
|
|
2012-02-07 22:20:29 +01:00
|
|
|
const char *filename;
|
Rewrite --section option to decouple it from --schema-only/--data-only.
The initial implementation of pg_dump's --section option supposed that the
existing --schema-only and --data-only options could be made equivalent to
--section settings. This is wrong, though, due to dubious but long since
set-in-stone decisions about where to dump SEQUENCE SET items, as seen in
bug report from Martin Pitt. (And I'm not totally convinced there weren't
other bugs, either.) Undo that coupling and instead drive --section
filtering off current-section state tracked as we scan through the TOC
list to call _tocEntryRequired().
To make sure those decisions don't shift around and hopefully save a few
cycles, run _tocEntryRequired() only once per TOC entry and save the result
in a new TOC field. This required minor rejiggering of ACL handling but
also allows a far cleaner implementation of inhibit_data_for_failed_table.
Also, to ensure that pg_dump and pg_restore have the same behavior with
respect to the --section switches, add _tocEntryRequired() filtering to
WriteToc() and WriteDataChunks(), rather than trying to implement section
filtering in an entirely orthogonal way in dumpDumpableObject(). This
required adjusting the handling of the special ENCODING and STDSTRINGS
items, but they were pretty weird before anyway.
Minor other code review for the patch, too.
2012-05-30 05:22:14 +02:00
|
|
|
int dataOnly;
|
2000-07-21 13:40:08 +02:00
|
|
|
int schemaOnly;
|
2012-06-10 21:20:04 +02:00
|
|
|
int dumpSections;
|
2000-07-21 13:40:08 +02:00
|
|
|
int verbose;
|
|
|
|
int aclsSkip;
|
2014-10-14 20:00:55 +02:00
|
|
|
const char *lockWaitTimeout;
|
|
|
|
int include_everything;
|
|
|
|
|
2000-07-21 13:40:08 +02:00
|
|
|
int tocSummary;
|
2001-03-22 05:01:46 +01:00
|
|
|
char *tocFile;
|
2000-07-21 13:40:08 +02:00
|
|
|
int format;
|
2001-03-22 05:01:46 +01:00
|
|
|
char *formatName;
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
int selTypes;
|
|
|
|
int selIndex;
|
|
|
|
int selFunction;
|
|
|
|
int selTrigger;
|
|
|
|
int selTable;
|
2013-08-28 08:43:34 +02:00
|
|
|
SimpleStringList indexNames;
|
|
|
|
SimpleStringList functionNames;
|
|
|
|
SimpleStringList schemaNames;
|
|
|
|
SimpleStringList triggerNames;
|
2013-01-17 11:24:47 +01:00
|
|
|
SimpleStringList tableNames;
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
int useDB;
|
2001-03-22 05:01:46 +01:00
|
|
|
char *dbname;
|
|
|
|
char *pgport;
|
|
|
|
char *pghost;
|
2001-05-17 23:12:49 +02:00
|
|
|
char *username;
|
2006-08-01 20:21:44 +02:00
|
|
|
int noDataForFailedTables;
|
2014-10-14 20:00:55 +02:00
|
|
|
trivalue promptPassword;
|
2004-08-20 06:20:23 +02:00
|
|
|
int exit_on_error;
|
2000-08-01 17:51:45 +02:00
|
|
|
int compression;
|
2005-10-15 04:49:52 +02:00
|
|
|
int suppressDumpWarnings; /* Suppress output of WARNING entries
|
|
|
|
* to stderr */
|
2006-10-04 02:30:14 +02:00
|
|
|
bool single_txn;
|
2006-02-12 05:04:32 +01:00
|
|
|
|
2006-10-15 01:07:22 +02:00
|
|
|
bool *idWanted; /* array showing which dump IDs to emit */
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
int enable_row_security;
|
2000-07-21 13:40:08 +02:00
|
|
|
} RestoreOptions;
|
|
|
|
|
2014-10-14 20:00:55 +02:00
|
|
|
typedef struct _dumpOptions
|
|
|
|
{
|
|
|
|
const char *dbname;
|
|
|
|
const char *pghost;
|
|
|
|
const char *pgport;
|
|
|
|
const char *username;
|
|
|
|
bool oids;
|
|
|
|
|
|
|
|
int binary_upgrade;
|
|
|
|
|
|
|
|
/* various user-settable parameters */
|
|
|
|
bool schemaOnly;
|
|
|
|
bool dataOnly;
|
|
|
|
int dumpSections; /* bitmask of chosen sections */
|
|
|
|
bool aclsSkip;
|
|
|
|
const char *lockWaitTimeout;
|
|
|
|
|
|
|
|
/* flags for various command-line long options */
|
|
|
|
int disable_dollar_quoting;
|
|
|
|
int dump_inserts;
|
|
|
|
int column_inserts;
|
|
|
|
int if_exists;
|
|
|
|
int no_security_labels;
|
|
|
|
int no_synchronized_snapshots;
|
|
|
|
int no_unlogged_table_data;
|
|
|
|
int serializable_deferrable;
|
|
|
|
int quote_all_identifiers;
|
|
|
|
int disable_triggers;
|
|
|
|
int outputNoTablespaces;
|
|
|
|
int use_setsessauth;
|
|
|
|
int enable_row_security;
|
|
|
|
|
|
|
|
/* default, if no "inclusion" switches appear, is to dump everything */
|
|
|
|
bool include_everything;
|
|
|
|
|
|
|
|
int outputClean;
|
|
|
|
int outputCreateDB;
|
|
|
|
bool outputBlobs;
|
|
|
|
int outputNoOwner;
|
|
|
|
char *outputSuperuser;
|
|
|
|
} DumpOptions;
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* pg_dump uses two different mechanisms for identifying database objects:
|
|
|
|
*
|
|
|
|
* CatalogId represents an object by the tableoid and oid of its defining
|
|
|
|
* entry in the system catalogs. We need this to interpret pg_depend entries,
|
|
|
|
* for instance.
|
|
|
|
*
|
|
|
|
* DumpId is a simple sequential integer counter assigned as dumpable objects
|
|
|
|
* are identified during a pg_dump run. We use DumpId internally in preference
|
|
|
|
* to CatalogId for two reasons: it's more compact, and we can assign DumpIds
|
|
|
|
* to "objects" that don't have a separate CatalogId. For example, it is
|
|
|
|
* convenient to consider a table, its data, and its ACL as three separate
|
|
|
|
* dumpable "objects" with distinct DumpIds --- this lets us reason about the
|
|
|
|
* order in which to dump these things.
|
|
|
|
*/
|
|
|
|
|
|
|
|
typedef struct
|
|
|
|
{
|
|
|
|
Oid tableoid;
|
|
|
|
Oid oid;
|
|
|
|
} CatalogId;
|
|
|
|
|
|
|
|
typedef int DumpId;
|
|
|
|
|
|
|
|
typedef int (*DataDumperPtr) (Archive *AH, DumpOptions *dopt, void *userArg);
|
|
|
|
|
|
|
|
typedef void (*SetupWorkerPtr) (Archive *AH, DumpOptions *dopt, RestoreOptions *ropt);
|
2013-03-24 16:27:20 +01:00
|
|
|
|
2000-07-21 13:40:08 +02:00
|
|
|
/*
|
|
|
|
* Main archiver interface.
|
|
|
|
*/
|
|
|
|
|
2012-02-16 19:00:24 +01:00
|
|
|
extern void ConnectDatabase(Archive *AH,
|
2001-03-22 05:01:46 +01:00
|
|
|
const char *dbname,
|
|
|
|
const char *pghost,
|
|
|
|
const char *pgport,
|
2001-05-17 23:12:49 +02:00
|
|
|
const char *username,
|
2014-10-14 20:00:55 +02:00
|
|
|
trivalue prompt_password);
|
2012-02-16 17:49:20 +01:00
|
|
|
extern void DisconnectDatabase(Archive *AHX);
|
2012-02-16 19:00:24 +01:00
|
|
|
extern PGconn *GetConnection(Archive *AHX);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
/* Called to add a TOC entry */
|
2003-12-06 04:00:16 +01:00
|
|
|
extern void ArchiveEntry(Archive *AHX,
|
|
|
|
CatalogId catalogId, DumpId dumpId,
|
|
|
|
const char *tag,
|
2004-11-06 20:36:02 +01:00
|
|
|
const char *namespace, const char *tablespace,
|
|
|
|
const char *owner, bool withOids,
|
2009-02-02 21:07:37 +01:00
|
|
|
const char *desc, teSection section,
|
|
|
|
const char *defn,
|
2003-12-06 04:00:16 +01:00
|
|
|
const char *dropStmt, const char *copyStmt,
|
|
|
|
const DumpId *deps, int nDeps,
|
2002-09-04 22:31:48 +02:00
|
|
|
DataDumperPtr dumpFn, void *dumpArg);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
/* Called to write *data* to the archive */
|
2014-05-06 02:27:16 +02:00
|
|
|
extern void WriteData(Archive *AH, const void *data, size_t dLen);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
2001-04-01 07:42:51 +02:00
|
|
|
extern int StartBlob(Archive *AH, Oid oid);
|
|
|
|
extern int EndBlob(Archive *AH, Oid oid);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
2014-10-14 20:00:55 +02:00
|
|
|
extern void CloseArchive(Archive *AH, DumpOptions *dopt);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
Rewrite --section option to decouple it from --schema-only/--data-only.
The initial implementation of pg_dump's --section option supposed that the
existing --schema-only and --data-only options could be made equivalent to
--section settings. This is wrong, though, due to dubious but long since
set-in-stone decisions about where to dump SEQUENCE SET items, as seen in
bug report from Martin Pitt. (And I'm not totally convinced there weren't
other bugs, either.) Undo that coupling and instead drive --section
filtering off current-section state tracked as we scan through the TOC
list to call _tocEntryRequired().
To make sure those decisions don't shift around and hopefully save a few
cycles, run _tocEntryRequired() only once per TOC entry and save the result
in a new TOC field. This required minor rejiggering of ACL handling but
also allows a far cleaner implementation of inhibit_data_for_failed_table.
Also, to ensure that pg_dump and pg_restore have the same behavior with
respect to the --section switches, add _tocEntryRequired() filtering to
WriteToc() and WriteDataChunks(), rather than trying to implement section
filtering in an entirely orthogonal way in dumpDumpableObject(). This
required adjusting the handling of the special ENCODING and STDSTRINGS
items, but they were pretty weird before anyway.
Minor other code review for the patch, too.
2012-05-30 05:22:14 +02:00
|
|
|
extern void SetArchiveRestoreOptions(Archive *AH, RestoreOptions *ropt);
|
|
|
|
|
|
|
|
extern void RestoreArchive(Archive *AH);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
/* Open an existing archive */
|
2001-03-22 05:01:46 +01:00
|
|
|
extern Archive *OpenArchive(const char *FileSpec, const ArchiveFormat fmt);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
/* Create a new archive */
|
2001-03-22 05:01:46 +01:00
|
|
|
extern Archive *CreateArchive(const char *FileSpec, const ArchiveFormat fmt,
|
2013-03-24 16:27:20 +01:00
|
|
|
const int compression, ArchiveMode mode,
|
|
|
|
SetupWorkerPtr setupDumpWorker);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
/* The --list option */
|
2001-03-22 05:01:46 +01:00
|
|
|
extern void PrintTOCSummary(Archive *AH, RestoreOptions *ropt);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
2001-03-22 05:01:46 +01:00
|
|
|
extern RestoreOptions *NewRestoreOptions(void);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
2014-10-14 20:00:55 +02:00
|
|
|
extern DumpOptions *NewDumpOptions(void);
|
2015-01-11 19:28:26 +01:00
|
|
|
extern void InitDumpOptions(DumpOptions *opts);
|
2014-10-14 20:00:55 +02:00
|
|
|
extern DumpOptions *dumpOptionsFromRestoreOptions(RestoreOptions *ropt);
|
|
|
|
|
2006-10-15 01:07:22 +02:00
|
|
|
/* Rearrange and filter TOC entries */
|
|
|
|
extern void SortTocFromFile(Archive *AHX, RestoreOptions *ropt);
|
2000-07-21 13:40:08 +02:00
|
|
|
|
|
|
|
/* Convenience functions used only when writing DATA */
|
2014-05-06 18:12:18 +02:00
|
|
|
extern void archputs(const char *s, Archive *AH);
|
2001-10-25 07:50:21 +02:00
|
|
|
extern int
|
|
|
|
archprintf(Archive *AH, const char *fmt,...)
|
2001-10-03 23:58:28 +02:00
|
|
|
/* This extension allows gcc to check the format string */
|
2011-04-28 16:56:14 +02:00
|
|
|
__attribute__((format(PG_PRINTF_ATTRIBUTE, 2, 3)));
|
2001-10-28 07:26:15 +01:00
|
|
|
|
2006-05-28 23:13:54 +02:00
|
|
|
#define appendStringLiteralAH(buf,str,AH) \
|
|
|
|
appendStringLiteral(buf, str, (AH)->encoding, (AH)->std_strings)
|
|
|
|
|
2004-08-29 07:07:03 +02:00
|
|
|
#endif /* PG_BACKUP_H */
|