1
/*-------------------------------------------------------------------------
5
* Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group
6
* Portions Copyright (c) 1994, Regents of the University of California
10
*-------------------------------------------------------------------------
13
#include "postgres_fe.h"
15
#include "dumputils.h"
18
static void help(const char *progname);
21
main(int argc, char *argv[])
23
static struct option long_options[] = {
24
{"host", required_argument, NULL, 'h'},
25
{"port", required_argument, NULL, 'p'},
26
{"username", required_argument, NULL, 'U'},
27
{"no-password", no_argument, NULL, 'w'},
28
{"password", no_argument, NULL, 'W'},
29
{"echo", no_argument, NULL, 'e'},
30
{"createdb", no_argument, NULL, 'd'},
31
{"no-createdb", no_argument, NULL, 'D'},
32
{"superuser", no_argument, NULL, 's'},
33
{"no-superuser", no_argument, NULL, 'S'},
34
{"createrole", no_argument, NULL, 'r'},
35
{"no-createrole", no_argument, NULL, 'R'},
36
{"inherit", no_argument, NULL, 'i'},
37
{"no-inherit", no_argument, NULL, 'I'},
38
{"login", no_argument, NULL, 'l'},
39
{"no-login", no_argument, NULL, 'L'},
40
/* adduser is obsolete, undocumented spelling of superuser */
41
{"adduser", no_argument, NULL, 'a'},
42
{"no-adduser", no_argument, NULL, 'A'},
43
{"connection-limit", required_argument, NULL, 'c'},
44
{"pwprompt", no_argument, NULL, 'P'},
45
{"encrypted", no_argument, NULL, 'E'},
46
{"unencrypted", no_argument, NULL, 'N'},
56
char *username = NULL;
57
enum trivalue prompt_password = TRI_DEFAULT;
59
char *conn_limit = NULL;
60
bool pwprompt = false;
61
char *newpassword = NULL;
63
/* Tri-valued variables. */
64
enum trivalue createdb = TRI_DEFAULT,
65
superuser = TRI_DEFAULT,
66
createrole = TRI_DEFAULT,
67
inherit = TRI_DEFAULT,
69
encrypted = TRI_DEFAULT;
76
progname = get_progname(argv[0]);
77
set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pgscripts"));
79
handle_help_version_opts(argc, argv, "createuser", help);
81
while ((c = getopt_long(argc, argv, "h:p:U:wWedDsSaArRiIlLc:PEN",
82
long_options, &optindex)) != -1)
96
prompt_password = TRI_NO;
99
prompt_password = TRI_YES;
119
createrole = TRI_YES;
149
fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
154
switch (argc - optind)
159
newuser = argv[optind];
162
fprintf(stderr, _("%s: too many command-line arguments (first is \"%s\")\n"),
163
progname, argv[optind + 1]);
164
fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
169
newuser = simple_prompt("Enter name of role to add: ", 128, true);
176
pw1 = simple_prompt("Enter password for new role: ", 100, false);
177
pw2 = simple_prompt("Enter it again: ", 100, false);
178
if (strcmp(pw1, pw2) != 0)
180
fprintf(stderr, _("Passwords didn't match.\n"));
189
if (yesno_prompt("Shall the new role be a superuser?"))
195
if (superuser == TRI_YES)
197
/* Not much point in trying to restrict a superuser */
199
createrole = TRI_YES;
204
if (yesno_prompt("Shall the new role be allowed to create databases?"))
212
if (yesno_prompt("Shall the new role be allowed to create more new roles?"))
213
createrole = TRI_YES;
224
conn = connectDatabase("postgres", host, port, username, prompt_password, progname);
226
initPQExpBuffer(&sql);
228
printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));
231
if (encrypted == TRI_YES)
232
appendPQExpBuffer(&sql, " ENCRYPTED");
233
if (encrypted == TRI_NO)
234
appendPQExpBuffer(&sql, " UNENCRYPTED");
235
appendPQExpBuffer(&sql, " PASSWORD ");
237
if (encrypted != TRI_NO)
239
char *encrypted_password;
241
encrypted_password = PQencryptPassword(newpassword,
243
if (!encrypted_password)
245
fprintf(stderr, _("Password encryption failed.\n"));
248
appendStringLiteralConn(&sql, encrypted_password, conn);
249
PQfreemem(encrypted_password);
252
appendStringLiteralConn(&sql, newpassword, conn);
254
if (superuser == TRI_YES)
255
appendPQExpBuffer(&sql, " SUPERUSER");
256
if (superuser == TRI_NO)
257
appendPQExpBuffer(&sql, " NOSUPERUSER");
258
if (createdb == TRI_YES)
259
appendPQExpBuffer(&sql, " CREATEDB");
260
if (createdb == TRI_NO)
261
appendPQExpBuffer(&sql, " NOCREATEDB");
262
if (createrole == TRI_YES)
263
appendPQExpBuffer(&sql, " CREATEROLE");
264
if (createrole == TRI_NO)
265
appendPQExpBuffer(&sql, " NOCREATEROLE");
266
if (inherit == TRI_YES)
267
appendPQExpBuffer(&sql, " INHERIT");
268
if (inherit == TRI_NO)
269
appendPQExpBuffer(&sql, " NOINHERIT");
270
if (login == TRI_YES)
271
appendPQExpBuffer(&sql, " LOGIN");
273
appendPQExpBuffer(&sql, " NOLOGIN");
274
if (conn_limit != NULL)
275
appendPQExpBuffer(&sql, " CONNECTION LIMIT %s", conn_limit);
276
appendPQExpBuffer(&sql, ";\n");
279
printf("%s", sql.data);
280
result = PQexec(conn, sql.data);
282
if (PQresultStatus(result) != PGRES_COMMAND_OK)
284
fprintf(stderr, _("%s: creation of new role failed: %s"),
285
progname, PQerrorMessage(conn));
297
help(const char *progname)
299
printf(_("%s creates a new PostgreSQL role.\n\n"), progname);
300
printf(_("Usage:\n"));
301
printf(_(" %s [OPTION]... [ROLENAME]\n"), progname);
302
printf(_("\nOptions:\n"));
303
printf(_(" -c, --connection-limit=N connection limit for role (default: no limit)\n"));
304
printf(_(" -d, --createdb role can create new databases\n"));
305
printf(_(" -D, --no-createdb role cannot create databases\n"));
306
printf(_(" -e, --echo show the commands being sent to the server\n"));
307
printf(_(" -E, --encrypted encrypt stored password\n"));
308
printf(_(" -i, --inherit role inherits privileges of roles it is a\n"
309
" member of (default)\n"));
310
printf(_(" -I, --no-inherit role does not inherit privileges\n"));
311
printf(_(" -l, --login role can login (default)\n"));
312
printf(_(" -L, --no-login role cannot login\n"));
313
printf(_(" -N, --unencrypted do not encrypt stored password\n"));
314
printf(_(" -P, --pwprompt assign a password to new role\n"));
315
printf(_(" -r, --createrole role can create new roles\n"));
316
printf(_(" -R, --no-createrole role cannot create roles\n"));
317
printf(_(" -s, --superuser role will be superuser\n"));
318
printf(_(" -S, --no-superuser role will not be superuser\n"));
319
printf(_(" --help show this help, then exit\n"));
320
printf(_(" --version output version information, then exit\n"));
321
printf(_("\nConnection options:\n"));
322
printf(_(" -h, --host=HOSTNAME database server host or socket directory\n"));
323
printf(_(" -p, --port=PORT database server port\n"));
324
printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
325
printf(_(" -w, --no-password never prompt for password\n"));
326
printf(_(" -W, --password force password prompt\n"));
327
printf(_("\nIf one of -d, -D, -r, -R, -s, -S, and ROLENAME is not specified, you will\n"
328
"be prompted interactively.\n"));
329
printf(_("\nReport bugs to <pgsql-bugs@postgresql.org>.\n"));