sharpetronics/PostgreSQL
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-05-31 00:01:57 -04:00
Code Issues Projects Releases Wiki Activity

Repair problems with omitted password and VALID UNTIL

Browse Source 
parameters in CREATE USER.
This commit is contained in:
Tom Lane 1999-04-02 06:16:36 +00:00
parent f620241d73
commit 97c52abcc5
1 changed files with 37 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/backend/commands/user.c
View File

@ -5,7 +5,7 @@
* *
* Copyright (c) 1994, Regents of the University of California * Copyright (c) 1994, Regents of the University of California
* *
* $Id: user.c,v 1.26 1999/03/16 04:25:45 momjian Exp $ * $Id: user.c,v 1.27 1999/04/02 06:16:36 tgl Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -94,7 +94,6 @@ UpdatePgPwdFile(char *sql, CommandDest dest)
void void
DefineUser(CreateUserStmt *stmt, CommandDest dest) DefineUser(CreateUserStmt *stmt, CommandDest dest)
{ {
char *pg_shadow, char *pg_shadow,
sql[SQL_LENGTH]; sql[SQL_LENGTH];
Relation pg_shadow_rel; Relation pg_shadow_rel;
@ -104,10 +103,15 @@ DefineUser(CreateUserStmt *stmt, CommandDest dest)
Datum datum; Datum datum;
bool exists = false, bool exists = false,
n, n,
inblock; inblock,
havepassword,
havevaluntil;
int max_id = -1; int max_id = -1;
if (stmt->password) havepassword = stmt->password && stmt->password[0];
havevaluntil = stmt->validUntil && stmt->validUntil[0];
if (havepassword)
CheckPgUserAclNotNull(); CheckPgUserAclNotNull();
if (!(inblock = IsTransactionBlock())) if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock(); BeginTransactionBlock();
@ -163,18 +167,31 @@ DefineUser(CreateUserStmt *stmt, CommandDest dest)
} }
/* /*
* Build the insert statment to be executed. * Build the insert statement to be executed.
*
* XXX Ugly as this code is, it still fails to cope with ' or \
* in any of the provided strings.
*/ */
snprintf(sql, SQL_LENGTH, snprintf(sql, SQL_LENGTH,
"insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper," "insert into %s (usename,usesysid,usecreatedb,usetrace,"
"usecatupd,passwd,valuntil) values('%s',%d%s%s,'%s','%s')", "usesuper,usecatupd,passwd,valuntil) "
"values('%s',%d,'%c','t','%c','t',%s%s%s,%s%s%s)",
ShadowRelationName, ShadowRelationName,
stmt->user, max_id + 1, stmt->user,
(stmt->createdb && *stmt->createdb) ? ",'t','t'" : ",'f','t'", max_id + 1,
(stmt->createuser && *stmt->createuser) ? ",'t','t'" : ",'f','t'", (stmt->createdb && *stmt->createdb) ? 't' : 'f',
stmt->password ? stmt->password : "''", (stmt->createuser && *stmt->createuser) ? 't' : 'f',
stmt->validUntil ? stmt->validUntil : ""); havepassword ? "'" : "",
havepassword ? stmt->password : "NULL",
havepassword ? "'" : "",
havevaluntil ? "'" : "",
havevaluntil ? stmt->validUntil : "NULL",
havevaluntil ? "'" : "");
/*
* XXX If insert fails, say because a bogus valuntil date is given,
* need to catch the resulting error and undo our transaction.
*/
pg_exec_query_dest(sql, dest, false); pg_exec_query_dest(sql, dest, false);
/* /*