github/repmgr
1
0
Fork 0
mirror of https://github.com/EnterpriseDB/repmgr.git synced 2026-03-25 16:16:29 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Consolidate role availability checking code

Browse Source
This commit is contained in:
Ian Barwick
2020-09-01 14:37:33 +09:00
parent 8d57d7e001
commit 1f7ac843fd
4 changed files with 2 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
dbutils.c
View File

@@ -1858,51 +1858,6 @@ can_execute_pg_promote(PGconn *conn)
} }
bool
connection_has_pg_settings(PGconn *conn)
{
bool has_pg_settings = false;
/* superusers can always read pg_settings */
if (is_superuser_connection(conn, NULL) == true)
{
has_pg_settings = true;
}
/* from PostgreSQL 10, a non-superuser may have been granted access */
else if (PQserverVersion(conn) >= 100000)
{
PQExpBufferData query;
PGresult *res;
initPQExpBuffer(&query);
appendPQExpBufferStr(&query,
" SELECT CASE "
" WHEN pg_catalog.pg_has_role('pg_monitor','MEMBER') "
" THEN TRUE "
" WHEN pg_catalog.pg_has_role('pg_read_all_settings','MEMBER') "
" THEN TRUE "
" ELSE FALSE "
" END AS has_pg_settings");
res = PQexec(conn, query.data);
if (PQresultStatus(res) != PGRES_TUPLES_OK)
{
log_db_error(conn, query.data,
_("connection_has_pg_settings(): unable to query user roles"));
}
else
{
has_pg_settings = atobool(PQgetvalue(res, 0, 0));
}
termPQExpBuffer(&query);
PQclear(res);
}
return has_pg_settings;
}
/* /*
* Determine if the user associated with the current connection is * Determine if the user associated with the current connection is
* a member of the "pg_monitor" default role, or optionally one * a member of the "pg_monitor" default role, or optionally one

1
dbutils.h
View File

@@ -453,7 +453,6 @@ TimeLineHistoryEntry *get_timeline_history(PGconn *repl_conn, TimeLineID tli);
/* user/role information functions */ /* user/role information functions */
bool can_execute_pg_promote(PGconn *conn); bool can_execute_pg_promote(PGconn *conn);
bool connection_has_pg_settings(PGconn *conn);
bool connection_has_pg_monitor_role(PGconn *conn, const char *subrole); bool connection_has_pg_monitor_role(PGconn *conn, const char *subrole);
bool is_replication_role(PGconn *conn, char *rolname); bool is_replication_role(PGconn *conn, char *rolname);
bool is_superuser_connection(PGconn *conn, t_connection_user *userinfo); bool is_superuser_connection(PGconn *conn, t_connection_user *userinfo);

2
repmgr-action-node.c
View File

@@ -2045,7 +2045,7 @@ do_node_check_data_directory(PGconn *conn, OutputMode mode, t_node_info *node_in
* Check actual data directory matches that in repmgr.conf; note this requires * Check actual data directory matches that in repmgr.conf; note this requires
* a superuser connection * a superuser connection
*/ */
if (connection_has_pg_settings(conn) == true) if (connection_has_pg_monitor_role(conn, "pg_read_all_settings") == true)
{ {
/* we expect to have a database connection */ /* we expect to have a database connection */
if (get_pg_setting(conn, "data_directory", actual_data_directory) == false) if (get_pg_setting(conn, "data_directory", actual_data_directory) == false)

2
repmgr-action-standby.c
View File

@@ -5784,7 +5784,7 @@ check_source_server()
* This will check if the user is superuser or (from Pg10) is a member * This will check if the user is superuser or (from Pg10) is a member
* of "pg_read_all_settings"/"pg_monitor" * of "pg_read_all_settings"/"pg_monitor"
*/ */
if (connection_has_pg_settings(source_conn)) if (connection_has_pg_monitor_role(source_conn, "pg_read_all_settings") == true)
{ {
SettingsUser = REPMGR_USER; SettingsUser = REPMGR_USER;
} }