rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/bin/pg_dump/dumputils.c

664 lines
17 KiB
C
Raw Blame History

/*-------------------------------------------------------------------------
*
* Utility routines for SQL dumping
* Basically this is stuff that is useful in both pg_dump and pg_dumpall.
*
*
* Portions Copyright (c) 1996-2004, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* $PostgreSQL: pgsql/src/bin/pg_dump/dumputils.c,v 1.15 2004/08/29 05:06:53 momjian Exp $
*
*-------------------------------------------------------------------------
*/
#include "postgres_fe.h"
#include "dumputils.h"
#include "parser/keywords.h"
#define supports_grant_options(version) ((version) >= 70400)
static bool parseAclItem(const char *item, const char *type, const char *name,
int remoteVersion,
PQExpBuffer grantee, PQExpBuffer grantor,
PQExpBuffer privs, PQExpBuffer privswgo);
static char *copyAclUserName(PQExpBuffer output, char *input);
static void AddAcl(PQExpBuffer aclbuf, const char *keyword);
/*
* Quotes input string if it's not a legitimate SQL identifier as-is.
*
* Note that the returned string must be used before calling fmtId again,
* since we re-use the same return buffer each time. Non-reentrant but
* avoids memory leakage.
*/
const char *
fmtId(const char *rawid)
{
static PQExpBuffer id_return = NULL;
const char *cp;
bool need_quotes = false;
if (id_return) /* first time through? */
resetPQExpBuffer(id_return);
else
id_return = createPQExpBuffer();
/*
* These checks need to match the identifier production in scan.l.
* Don't use islower() etc.
*/
if (ScanKeywordLookup(rawid))
need_quotes = true;
/* slightly different rules for first character */
else if (!((rawid[0] >= 'a' && rawid[0] <= 'z') || rawid[0] == '_'))
need_quotes = true;
else
{
/* otherwise check the entire string */
for (cp = rawid; *cp; cp++)
{
if (!((*cp >= 'a' && *cp <= 'z')
|| (*cp >= '0' && *cp <= '9')
|| (*cp == '_')))
{
need_quotes = true;
break;
}
}
}
if (!need_quotes)
{
/* no quoting needed */
appendPQExpBufferStr(id_return, rawid);
}
else
{
appendPQExpBufferChar(id_return, '\"');
for (cp = rawid; *cp; cp++)
{
/*
* Did we find a double-quote in the string? Then make this a
* double double-quote per SQL99. Before, we put in a
* backslash/double-quote pair. - thomas 2000-08-05
*/
if (*cp == '\"')
appendPQExpBufferChar(id_return, '\"');
appendPQExpBufferChar(id_return, *cp);
}
appendPQExpBufferChar(id_return, '\"');
}
return id_return->data;
}
/*
* Convert a string value to an SQL string literal and append it to
* the given buffer.
*
* Special characters are escaped. Quote mark ' goes to '' per SQL
* standard, other stuff goes to \ sequences. If escapeAll is false,
* whitespace characters are not escaped (tabs, newlines, etc.). This
* is appropriate for dump file output.
*/
void
appendStringLiteral(PQExpBuffer buf, const char *str, bool escapeAll)
{
appendPQExpBufferChar(buf, '\'');
while (*str)
{
char ch = *str++;
if (ch == '\\' || ch == '\'')
{
appendPQExpBufferChar(buf, ch); /* double these */
appendPQExpBufferChar(buf, ch);
}
else if ((unsigned char) ch < (unsigned char) ' ' &&
(escapeAll
|| (ch != '\t' && ch != '\n' && ch != '\v' && ch != '\f' && ch != '\r')
))
{
/*
* generate octal escape for control chars other than
* whitespace
*/
appendPQExpBufferChar(buf, '\\');
appendPQExpBufferChar(buf, ((ch >> 6) & 3) + '0');
appendPQExpBufferChar(buf, ((ch >> 3) & 7) + '0');
appendPQExpBufferChar(buf, (ch & 7) + '0');
}
else
appendPQExpBufferChar(buf, ch);
}
appendPQExpBufferChar(buf, '\'');
}
/*
* Convert a string value to a dollar quoted literal and append it to
* the given buffer. If the dqprefix parameter is not NULL then the
* dollar quote delimiter will begin with that (after the opening $).
*
* No escaping is done at all on str, in compliance with the rules
* for parsing dollar quoted strings.
*/
void
appendStringLiteralDQ(PQExpBuffer buf, const char *str, const char *dqprefix)
{
static const char suffixes[] = "_XXXXXXX";
int nextchar = 0;
PQExpBuffer delimBuf = createPQExpBuffer();
/* start with $ + dqprefix if not NULL */
appendPQExpBufferChar(delimBuf, '$');
if (dqprefix)
appendPQExpBuffer(delimBuf, dqprefix);
/*
* Make sure we choose a delimiter which (without the trailing $) is
* not present in the string being quoted. We don't check with the
* trailing $ because a string ending in $foo must not be quoted with
* $foo$.
*/
while (strstr(str, delimBuf->data) != NULL)
{
appendPQExpBufferChar(delimBuf, suffixes[nextchar++]);
nextchar %= sizeof(suffixes) - 1;
}
/* add trailing $ */
appendPQExpBufferChar(delimBuf, '$');
/* quote it and we are all done */
appendPQExpBufferStr(buf, delimBuf->data);
appendPQExpBufferStr(buf, str);
appendPQExpBufferStr(buf, delimBuf->data);
destroyPQExpBuffer(delimBuf);
}
/*
* Use dollar quoting if the string to be quoted contains ' or \,
* otherwise use standard quoting.
*/
void
appendStringLiteralDQOpt(PQExpBuffer buf, const char *str,
bool escapeAll, const char *dqprefix)
{
if (strchr(str, '\'') == NULL && strchr(str, '\\') == NULL)
appendStringLiteral(buf, str, escapeAll);
else
appendStringLiteralDQ(buf, str, dqprefix);
}
/*
* Convert backend's version string into a number.
*/
int
parse_version(const char *versionString)
{
int cnt;
int vmaj,
vmin,
vrev;
cnt = sscanf(versionString, "%d.%d.%d", &vmaj, &vmin, &vrev);
if (cnt < 2)
return -1;
if (cnt == 2)
vrev = 0;
return (100 * vmaj + vmin) * 100 + vrev;
}
/*
* Deconstruct the text representation of a 1-dimensional Postgres array
* into individual items.
*
* On success, returns true and sets *itemarray and *nitems to describe
* an array of individual strings. On parse failure, returns false;
* *itemarray may exist or be NULL.
*
* NOTE: free'ing itemarray is sufficient to deallocate the working storage.
*/
bool
parsePGArray(const char *atext, char ***itemarray, int *nitems)
{
int inputlen;
char **items;
char *strings;
int curitem;
/*
* We expect input in the form of "{item,item,item}" where any item is
* either raw data, or surrounded by double quotes (in which case
* embedded characters including backslashes and quotes are
* backslashed).
*
* We build the result as an array of pointers followed by the actual
* string data, all in one malloc block for convenience of
* deallocation. The worst-case storage need is not more than one
* pointer and one character for each input character (consider
* "{,,,,,,,,,,}").
*/
*itemarray = NULL;
*nitems = 0;
inputlen = strlen(atext);
if (inputlen < 2 || atext[0] != '{' || atext[inputlen - 1] != '}')
return false; /* bad input */
items = (char **) malloc(inputlen * (sizeof(char *) + sizeof(char)));
if (items == NULL)
return false; /* out of memory */
*itemarray = items;
strings = (char *) (items + inputlen);
atext++; /* advance over initial '{' */
curitem = 0;
while (*atext != '}')
{
if (*atext == '\0')
return false; /* premature end of string */
items[curitem] = strings;
while (*atext != '}' && *atext != ',')
{
if (*atext == '\0')
return false; /* premature end of string */
if (*atext != '"')
*strings++ = *atext++; /* copy unquoted data */
else
{
/* process quoted substring */
atext++;
while (*atext != '"')
{
if (*atext == '\0')
return false; /* premature end of string */
if (*atext == '\\')
{
atext++;
if (*atext == '\0')
return false; /* premature end of string */
}
*strings++ = *atext++; /* copy quoted data */
}
atext++;
}
}
*strings++ = '\0';
if (*atext == ',')
atext++;
curitem++;
}
if (atext[1] != '\0')
return false; /* bogus syntax (embedded '}') */
*nitems = curitem;
return true;
}
/*
* Build GRANT/REVOKE command(s) for an object.
*
* name: the object name, in the form to use in the commands (already quoted)
* type: the object type (as seen in GRANT command: must be one of
* TABLE, FUNCTION, LANGUAGE, or SCHEMA, or DATABASE)
* acls: the ACL string fetched from the database
* owner: username of object owner (will be passed through fmtId), or NULL
* remoteVersion: version of database
*
* Returns TRUE if okay, FALSE if could not parse the acl string.
* The resulting commands (if any) are appended to the contents of 'sql'.
*
* Note: beware of passing fmtId() result as 'name', since this routine
* uses fmtId() internally.
*/
bool
buildACLCommands(const char *name, const char *type,
const char *acls, const char *owner,
int remoteVersion,
PQExpBuffer sql)
{
char **aclitems;
int naclitems;
int i;
PQExpBuffer grantee,
grantor,
privs,
privswgo;
PQExpBuffer firstsql,
secondsql;
bool found_owner_privs = false;
if (strlen(acls) == 0)
return true; /* object has default permissions */
if (!parsePGArray(acls, &aclitems, &naclitems))
{
if (aclitems)
free(aclitems);
return false;
}
grantee = createPQExpBuffer();
grantor = createPQExpBuffer();
privs = createPQExpBuffer();
privswgo = createPQExpBuffer();
/*
* At the end, these two will be pasted together to form the result.
* But the owner privileges need to go before the other ones to keep
* the dependencies valid. In recent versions this is normally the
* case, but in old versions they come after the PUBLIC privileges and
* that results in problems if we need to run REVOKE on the owner
* privileges.
*/
firstsql = createPQExpBuffer();
secondsql = createPQExpBuffer();
/*
* Always start with REVOKE ALL FROM PUBLIC, so that we don't have to
* wire-in knowledge about the default public privileges for different
* kinds of objects.
*/
appendPQExpBuffer(firstsql, "REVOKE ALL ON %s %s FROM PUBLIC;\n",
type, name);
/* Scan individual ACL items */
for (i = 0; i < naclitems; i++)
{
if (!parseAclItem(aclitems[i], type, name, remoteVersion,
grantee, grantor, privs, privswgo))
return false;
if (grantor->len == 0 && owner)
printfPQExpBuffer(grantor, "%s", owner);
if (privs->len > 0 || privswgo->len > 0)
{
if (owner
&& strcmp(grantee->data, owner) == 0
&& strcmp(grantor->data, owner) == 0)
{
found_owner_privs = true;
/*
* For the owner, the default privilege level is ALL WITH
* GRANT OPTION (only ALL prior to 7.4).
*/
if (supports_grant_options(remoteVersion)
? strcmp(privswgo->data, "ALL") != 0
: strcmp(privs->data, "ALL") != 0)
{
appendPQExpBuffer(firstsql, "REVOKE ALL ON %s %s FROM %s;\n",
type, name,
fmtId(grantee->data));
if (privs->len > 0)
appendPQExpBuffer(firstsql, "GRANT %s ON %s %s TO %s;\n",
privs->data, type, name,
fmtId(grantee->data));
if (privswgo->len > 0)
appendPQExpBuffer(firstsql, "GRANT %s ON %s %s TO %s WITH GRANT OPTION;\n",
privswgo->data, type, name,
fmtId(grantee->data));
}
}
else
{
/*
* Otherwise can assume we are starting from no privs.
*/
if (grantor->len > 0
&& (!owner || strcmp(owner, grantor->data) != 0))
appendPQExpBuffer(secondsql, "SET SESSION AUTHORIZATION %s;\n",
fmtId(grantor->data));
if (privs->len > 0)
{
appendPQExpBuffer(secondsql, "GRANT %s ON %s %s TO ",
privs->data, type, name);
if (grantee->len == 0)
appendPQExpBuffer(secondsql, "PUBLIC;\n");
else if (strncmp(grantee->data, "group ",
strlen("group ")) == 0)
appendPQExpBuffer(secondsql, "GROUP %s;\n",
fmtId(grantee->data + strlen("group ")));
else
appendPQExpBuffer(secondsql, "%s;\n", fmtId(grantee->data));
}
if (privswgo->len > 0)
{
appendPQExpBuffer(secondsql, "GRANT %s ON %s %s TO ",
privswgo->data, type, name);
if (grantee->len == 0)
appendPQExpBuffer(secondsql, "PUBLIC");
else if (strncmp(grantee->data, "group ",
strlen("group ")) == 0)
appendPQExpBuffer(secondsql, "GROUP %s",
fmtId(grantee->data + strlen("group ")));
else
appendPQExpBuffer(secondsql, "%s", fmtId(grantee->data));
appendPQExpBuffer(secondsql, " WITH GRANT OPTION;\n");
}
if (grantor->len > 0
&& (!owner || strcmp(owner, grantor->data) != 0))
appendPQExpBuffer(secondsql, "RESET SESSION AUTHORIZATION;\n");
}
}
}
/*
* If we didn't find any owner privs, the owner must have revoked 'em
* all
*/
if (!found_owner_privs && owner)
{
appendPQExpBuffer(firstsql, "REVOKE ALL ON %s %s FROM %s;\n",
type, name, fmtId(owner));
}
destroyPQExpBuffer(grantee);
destroyPQExpBuffer(grantor);
destroyPQExpBuffer(privs);
destroyPQExpBuffer(privswgo);
appendPQExpBuffer(sql, "%s%s", firstsql->data, secondsql->data);
destroyPQExpBuffer(firstsql);
destroyPQExpBuffer(secondsql);
free(aclitems);
return true;
}
/*
* This will parse an aclitem string, having the general form
* username=privilegecodes/grantor
* or
* group groupname=privilegecodes/grantor
* (the /grantor part will not be present if pre-7.4 database).
*
* The returned grantee string will be the dequoted username or groupname
* (preceded with "group " in the latter case). The returned grantor is
* the dequoted grantor name or empty. Privilege characters are decoded
* and split between privileges with grant option (privswgo) and without
* (privs).
*
* Note: for cross-version compatibility, it's important to use ALL when
* appropriate.
*/
static bool
parseAclItem(const char *item, const char *type, const char *name,
int remoteVersion,
PQExpBuffer grantee, PQExpBuffer grantor,
PQExpBuffer privs, PQExpBuffer privswgo)
{
char *buf;
bool all_with_go = true;
bool all_without_go = true;
char *eqpos;
char *slpos;
char *pos;
buf = strdup(item);
/* user or group name is string up to = */
eqpos = copyAclUserName(grantee, buf);
if (*eqpos != '=')
return false;
/* grantor may be listed after / */
slpos = strchr(eqpos + 1, '/');
if (slpos)
{
*slpos++ = '\0';
slpos = copyAclUserName(grantor, slpos);
if (*slpos != '\0')
return false;
}
else
resetPQExpBuffer(grantor);
/* privilege codes */
#define CONVERT_PRIV(code, keywd) \
if ((pos = strchr(eqpos + 1, code))) \
{ \
if (*(pos + 1) == '*') \
{ \
AddAcl(privswgo, keywd); \
all_without_go = false; \
} \
else \
{ \
AddAcl(privs, keywd); \
all_with_go = false; \
} \
} \
else \
all_with_go = all_without_go = false
resetPQExpBuffer(privs);
resetPQExpBuffer(privswgo);
if (strcmp(type, "TABLE") == 0)
{
CONVERT_PRIV('a', "INSERT");
CONVERT_PRIV('r', "SELECT");
CONVERT_PRIV('R', "RULE");
if (remoteVersion >= 70200)
{
CONVERT_PRIV('w', "UPDATE");
CONVERT_PRIV('d', "DELETE");
CONVERT_PRIV('x', "REFERENCES");
CONVERT_PRIV('t', "TRIGGER");
}
else
{
/* 7.0 and 7.1 have a simpler worldview */
CONVERT_PRIV('w', "UPDATE,DELETE");
}
}
else if (strcmp(type, "FUNCTION") == 0)
CONVERT_PRIV('X', "EXECUTE");
else if (strcmp(type, "LANGUAGE") == 0)
CONVERT_PRIV('U', "USAGE");
else if (strcmp(type, "SCHEMA") == 0)
{
CONVERT_PRIV('C', "CREATE");
CONVERT_PRIV('U', "USAGE");
}
else if (strcmp(type, "DATABASE") == 0)
{
CONVERT_PRIV('C', "CREATE");
CONVERT_PRIV('T', "TEMPORARY");
}
else if (strcmp(type, "TABLESPACE") == 0)
CONVERT_PRIV('C', "CREATE");
else
abort();
#undef CONVERT_PRIV
if (all_with_go)
{
resetPQExpBuffer(privs);
printfPQExpBuffer(privswgo, "ALL");
}
else if (all_without_go)
{
resetPQExpBuffer(privswgo);
printfPQExpBuffer(privs, "ALL");
}
free(buf);
return true;
}
/*
* Transfer a user or group name starting at *input into the output buffer,
* dequoting if needed. Returns a pointer to just past the input name.
* The name is taken to end at an unquoted '=' or end of string.
*/
static char *
copyAclUserName(PQExpBuffer output, char *input)
{
resetPQExpBuffer(output);
while (*input && *input != '=')
{
/*
* If user name isn't quoted, then just add it to the output
* buffer
*/
if (*input != '"')
appendPQExpBufferChar(output, *input++);
else
{
/* Otherwise, it's a quoted username */
input++;
/* Loop until we come across an unescaped quote */
while (!(*input == '"' && *(input + 1) != '"'))
{
if (*input == '\0')
return input; /* really a syntax error... */
/*
* Quoting convention is to escape " as "". Keep this
* code in sync with putid() in backend's acl.c.
*/
if (*input == '"' && *(input + 1) == '"')
input++;
appendPQExpBufferChar(output, *input++);
}
input++;
}
}
return input;
}
/*
* Append a privilege keyword to a keyword list, inserting comma if needed.
*/
static void
AddAcl(PQExpBuffer aclbuf, const char *keyword)
{
if (aclbuf->len > 0)
appendPQExpBufferChar(aclbuf, ',');
appendPQExpBuffer(aclbuf, "%s", keyword);
}
Reference in New Issue View Git Blame Copy Permalink