Skip to content

Commit a9e9abe

Browse files
tglsfdctglsfdc
committed
Issue CREATE SCHEMA as the originally connecting user, with an
AUTHORIZATION clause to specify the desired owner. This allows a superuser to restore schemas owned by users without CREATE-SCHEMA permissions (ie, schemas originally created by a superuser using AUTHORIZATION). --no-owner can be specified to suppress the AUTHORIZATION clause if need be.
1 parent 6767ceb commit a9e9abe

File tree

2 files changed

+40
-28
lines changed

2 files changed

+40
-28
lines changed

src/bin/pg_dump/pg_backup_archiver.c

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
*
1616
*
1717
* IDENTIFICATION
18-
* $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_archiver.c,v 1.76 2003/09/23 22:48:53 tgl Exp $
18+
* $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_archiver.c,v 1.77 2003/09/23 23:31:52 tgl Exp $
1919
*
2020
*-------------------------------------------------------------------------
2121
*/
@@ -2211,8 +2211,21 @@ _printTocEntry(ArchiveHandle *AH, TocEntry *te, RestoreOptions *ropt, bool isDat
22112211
(*AH->PrintExtraTocPtr) (AH, te);
22122212
ahprintf(AH, "--\n\n");
22132213

2214-
if (strlen(te->defn) > 0)
2215-
ahprintf(AH, "%s\n\n", te->defn);
2214+
/*
2215+
* Really crude hack for suppressing AUTHORIZATION clause of CREATE SCHEMA
2216+
* when --no-owner mode is selected. This is ugly, but I see no other
2217+
* good way ...
2218+
*/
2219+
if (AH->ropt && AH->ropt->noOwner && strcmp(te->desc, "SCHEMA") == 0)
2220+
{
2221+
ahprintf(AH, "CREATE SCHEMA %s;\n\n\n", te->tag);
2222+
}
2223+
else
2224+
{
2225+
/* normal case */
2226+
if (strlen(te->defn) > 0)
2227+
ahprintf(AH, "%s\n\n", te->defn);
2228+
}
22162229

22172230
return 1;
22182231
}

src/bin/pg_dump/pg_dump.c

Lines changed: 24 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
* by PostgreSQL
1313
*
1414
* IDENTIFICATION
15-
* $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_dump.c,v 1.349 2003/09/23 22:48:53 tgl Exp $
15+
* $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_dump.c,v 1.350 2003/09/23 23:31:52 tgl Exp $
1616
*
1717
*-------------------------------------------------------------------------
1818
*/
@@ -2879,42 +2879,41 @@ dumpNamespaces(Archive *fout, NamespaceInfo *nsinfo, int numNamespaces)
28792879
/*
28802880
* If it's the PUBLIC namespace, don't emit a CREATE SCHEMA record
28812881
* for it, since we expect PUBLIC to exist already in the
2882-
* destination database. And emit ACL info only if the ACL isn't
2883-
* the standard value for PUBLIC.
2882+
* destination database. But do emit ACL in case it's not standard,
2883+
* likewise comment.
2884+
*
2885+
* Note that ownership is shown in the AUTHORIZATION clause,
2886+
* while the archive entry is listed with empty owner (causing
2887+
* it to be emitted with SET SESSION AUTHORIZATION DEFAULT).
2888+
* This seems the best way of dealing with schemas owned by
2889+
* users without CREATE SCHEMA privilege. Further hacking has
2890+
* to be applied for --no-owner mode, though!
28842891
*/
2885-
if (strcmp(nspinfo->nspname, "public") == 0)
2886-
{
2887-
if (!aclsSkip && strcmp(nspinfo->nspacl, "{=UC}") != 0)
2888-
dumpACL(fout, "SCHEMA", qnspname, nspinfo->nspname, NULL,
2889-
nspinfo->usename, nspinfo->nspacl,
2890-
nspinfo->oid);
2891-
}
2892-
else
2892+
if (strcmp(nspinfo->nspname, "public") != 0)
28932893
{
28942894
resetPQExpBuffer(q);
28952895
resetPQExpBuffer(delq);
28962896

28972897
appendPQExpBuffer(delq, "DROP SCHEMA %s;\n", qnspname);
28982898

2899-
appendPQExpBuffer(q, "CREATE SCHEMA %s;\n", qnspname);
2899+
appendPQExpBuffer(q, "CREATE SCHEMA %s AUTHORIZATION %s;\n",
2900+
qnspname, fmtId(nspinfo->usename));
29002901

29012902
ArchiveEntry(fout, nspinfo->oid, nspinfo->nspname,
2902-
NULL,
2903-
nspinfo->usename, "SCHEMA", NULL,
2903+
NULL, "", "SCHEMA", NULL,
29042904
q->data, delq->data, NULL, NULL, NULL);
2905+
}
29052906

2906-
/* Dump Schema Comments */
2907-
resetPQExpBuffer(q);
2908-
appendPQExpBuffer(q, "SCHEMA %s", qnspname);
2909-
dumpComment(fout, q->data,
2910-
NULL, nspinfo->usename,
2911-
nspinfo->oid, "pg_namespace", 0, NULL);
2907+
/* Dump Schema Comments */
2908+
resetPQExpBuffer(q);
2909+
appendPQExpBuffer(q, "SCHEMA %s", qnspname);
2910+
dumpComment(fout, q->data,
2911+
NULL, nspinfo->usename,
2912+
nspinfo->oid, "pg_namespace", 0, NULL);
29122913

2913-
if (!aclsSkip)
2914-
dumpACL(fout, "SCHEMA", qnspname, nspinfo->nspname, NULL,
2915-
nspinfo->usename, nspinfo->nspacl,
2916-
nspinfo->oid);
2917-
}
2914+
dumpACL(fout, "SCHEMA", qnspname, nspinfo->nspname, NULL,
2915+
nspinfo->usename, nspinfo->nspacl,
2916+
nspinfo->oid);
29182917

29192918
free(qnspname);
29202919
}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy