Tweak pg_dumpall to add GRANT CONNECT ON DATABASE ... TO PUBLIC when dumping

tglsfdc · tglsfdc · commit 2ee56b6a3ab8 · 2007-01-04T17:49:37.000Z
database privileges from a pre-8.2 server.  This ensures that the reloaded
database will maintain the same behavior it had in the previous installation,
ie, everybody has connect privilege.  Per gripe from L Bayuk.
diff --git a/src/bin/pg_dump/dumputils.c b/src/bin/pg_dump/dumputils.c
@@ -8,7 +8,7 @@
  * Portions Copyright (c) 1996-2006, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $PostgreSQL: pgsql/src/bin/pg_dump/dumputils.c,v 1.33 2006/10/09 23:30:33 tgl Exp $
+ * $PostgreSQL: pgsql/src/bin/pg_dump/dumputils.c,v 1.34 2007/01/04 17:49:37 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -438,6 +438,20 @@ buildACLCommands(const char *name, const char *type,
 	appendPQExpBuffer(firstsql, "REVOKE ALL ON %s %s FROM PUBLIC;\n",
 					  type, name);
 
+	/*
+	 * We still need some hacking though to cover the case where new default
+	 * public privileges are added in new versions: the REVOKE ALL will revoke
+	 * them, leading to behavior different from what the old version had,
+	 * which is generally not what's wanted.  So add back default privs if
+	 * the source database is too old to have had that particular priv.
+	 */
+	if (remoteVersion < 80200 && strcmp(type, "DATABASE") == 0)
+	{
+		/* database CONNECT priv didn't exist before 8.2 */
+		appendPQExpBuffer(firstsql, "GRANT CONNECT ON %s %s TO PUBLIC;\n",
+						  type, name);
+	}
+
 	/* Scan individual ACL items */
 	for (i = 0; i < naclitems; i++)
 	{
