1 /*-------------------------------------------------------------------------
5 * Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group
6 * Portions Copyright (c) 1994, Regents of the University of California
10 *-------------------------------------------------------------------------
13 #include "postgres_fe.h"
15 #include "dumputils.h"
18 static void help(const char *progname
);
28 main(int argc
, char *argv
[])
30 static struct option long_options
[] = {
31 {"host", required_argument
, NULL
, 'h'},
32 {"port", required_argument
, NULL
, 'p'},
33 {"username", required_argument
, NULL
, 'U'},
34 {"password", no_argument
, NULL
, 'W'},
35 {"echo", no_argument
, NULL
, 'e'},
36 {"quiet", no_argument
, NULL
, 'q'},
37 {"createdb", no_argument
, NULL
, 'd'},
38 {"no-createdb", no_argument
, NULL
, 'D'},
39 {"superuser", no_argument
, NULL
, 's'},
40 {"no-superuser", no_argument
, NULL
, 'S'},
41 {"createrole", no_argument
, NULL
, 'r'},
42 {"no-createrole", no_argument
, NULL
, 'R'},
43 {"inherit", no_argument
, NULL
, 'i'},
44 {"no-inherit", no_argument
, NULL
, 'I'},
45 {"login", no_argument
, NULL
, 'l'},
46 {"no-login", no_argument
, NULL
, 'L'},
47 /* adduser is obsolete, undocumented spelling of superuser */
48 {"adduser", no_argument
, NULL
, 'a'},
49 {"no-adduser", no_argument
, NULL
, 'A'},
50 {"connection-limit", required_argument
, NULL
, 'c'},
51 {"pwprompt", no_argument
, NULL
, 'P'},
52 {"encrypted", no_argument
, NULL
, 'E'},
53 {"unencrypted", no_argument
, NULL
, 'N'},
63 char *username
= NULL
;
64 bool password
= false;
66 char *conn_limit
= NULL
;
67 bool pwprompt
= false;
68 char *newpassword
= NULL
;
70 /* Tri-valued variables. */
71 enum trivalue createdb
= TRI_DEFAULT
,
72 superuser
= TRI_DEFAULT
,
73 createrole
= TRI_DEFAULT
,
74 inherit
= TRI_DEFAULT
,
76 encrypted
= TRI_DEFAULT
;
83 progname
= get_progname(argv
[0]);
84 set_pglocale_pgservice(argv
[0], PG_TEXTDOMAIN("pgscripts"));
86 handle_help_version_opts(argc
, argv
, "createuser", help
);
88 while ((c
= getopt_long(argc
, argv
, "h:p:U:WeqdDsSaArRiIlLc:PEN",
89 long_options
, &optindex
)) != -1)
109 /* obsolete; remove in 8.4 */
126 createrole
= TRI_YES
;
156 fprintf(stderr
, _("Try \"%s --help\" for more information.\n"), progname
);
161 switch (argc
- optind
)
166 newuser
= argv
[optind
];
169 fprintf(stderr
, _("%s: too many command-line arguments (first is \"%s\")\n"),
170 progname
, argv
[optind
+ 1]);
171 fprintf(stderr
, _("Try \"%s --help\" for more information.\n"), progname
);
176 newuser
= simple_prompt("Enter name of role to add: ", 128, true);
183 pw1
= simple_prompt("Enter password for new role: ", 100, false);
184 pw2
= simple_prompt("Enter it again: ", 100, false);
185 if (strcmp(pw1
, pw2
) != 0)
187 fprintf(stderr
, _("Passwords didn't match.\n"));
196 if (yesno_prompt("Shall the new role be a superuser?"))
202 if (superuser
== TRI_YES
)
204 /* Not much point in trying to restrict a superuser */
206 createrole
= TRI_YES
;
211 if (yesno_prompt("Shall the new role be allowed to create databases?"))
219 if (yesno_prompt("Shall the new role be allowed to create more new roles?"))
220 createrole
= TRI_YES
;
231 conn
= connectDatabase("postgres", host
, port
, username
, password
, progname
);
233 initPQExpBuffer(&sql
);
235 printfPQExpBuffer(&sql
, "CREATE ROLE %s", fmtId(newuser
));
238 if (encrypted
== TRI_YES
)
239 appendPQExpBuffer(&sql
, " ENCRYPTED");
240 if (encrypted
== TRI_NO
)
241 appendPQExpBuffer(&sql
, " UNENCRYPTED");
242 appendPQExpBuffer(&sql
, " PASSWORD ");
244 if (encrypted
!= TRI_NO
)
246 char *encrypted_password
;
248 encrypted_password
= PQencryptPassword(newpassword
,
250 if (!encrypted_password
)
252 fprintf(stderr
, _("Password encryption failed.\n"));
255 appendStringLiteralConn(&sql
, encrypted_password
, conn
);
256 PQfreemem(encrypted_password
);
259 appendStringLiteralConn(&sql
, newpassword
, conn
);
261 if (superuser
== TRI_YES
)
262 appendPQExpBuffer(&sql
, " SUPERUSER");
263 if (superuser
== TRI_NO
)
264 appendPQExpBuffer(&sql
, " NOSUPERUSER");
265 if (createdb
== TRI_YES
)
266 appendPQExpBuffer(&sql
, " CREATEDB");
267 if (createdb
== TRI_NO
)
268 appendPQExpBuffer(&sql
, " NOCREATEDB");
269 if (createrole
== TRI_YES
)
270 appendPQExpBuffer(&sql
, " CREATEROLE");
271 if (createrole
== TRI_NO
)
272 appendPQExpBuffer(&sql
, " NOCREATEROLE");
273 if (inherit
== TRI_YES
)
274 appendPQExpBuffer(&sql
, " INHERIT");
275 if (inherit
== TRI_NO
)
276 appendPQExpBuffer(&sql
, " NOINHERIT");
277 if (login
== TRI_YES
)
278 appendPQExpBuffer(&sql
, " LOGIN");
280 appendPQExpBuffer(&sql
, " NOLOGIN");
281 if (conn_limit
!= NULL
)
282 appendPQExpBuffer(&sql
, " CONNECTION LIMIT %s", conn_limit
);
283 appendPQExpBuffer(&sql
, ";\n");
286 printf("%s", sql
.data
);
287 result
= PQexec(conn
, sql
.data
);
289 if (PQresultStatus(result
) != PGRES_COMMAND_OK
)
291 fprintf(stderr
, _("%s: creation of new role failed: %s"),
292 progname
, PQerrorMessage(conn
));
304 help(const char *progname
)
306 printf(_("%s creates a new PostgreSQL role.\n\n"), progname
);
307 printf(_("Usage:\n"));
308 printf(_(" %s [OPTION]... [ROLENAME]\n"), progname
);
309 printf(_("\nOptions:\n"));
310 printf(_(" -c, --connection-limit=N connection limit for role (default: no limit)\n"));
311 printf(_(" -d, --createdb role can create new databases\n"));
312 printf(_(" -D, --no-createdb role cannot create databases\n"));
313 printf(_(" -e, --echo show the commands being sent to the server\n"));
314 printf(_(" -E, --encrypted encrypt stored password\n"));
315 printf(_(" -i, --inherit role inherits privileges of roles it is a\n"
316 " member of (default)\n"));
317 printf(_(" -I, --no-inherit role does not inherit privileges\n"));
318 printf(_(" -l, --login role can login (default)\n"));
319 printf(_(" -L, --no-login role cannot login\n"));
320 printf(_(" -N, --unencrypted do not encrypt stored password\n"));
321 printf(_(" -P, --pwprompt assign a password to new role\n"));
322 printf(_(" -r, --createrole role can create new roles\n"));
323 printf(_(" -R, --no-createrole role cannot create roles\n"));
324 printf(_(" -s, --superuser role will be superuser\n"));
325 printf(_(" -S, --no-superuser role will not be superuser\n"));
326 printf(_(" --help show this help, then exit\n"));
327 printf(_(" --version output version information, then exit\n"));
328 printf(_("\nConnection options:\n"));
329 printf(_(" -h, --host=HOSTNAME database server host or socket directory\n"));
330 printf(_(" -p, --port=PORT database server port\n"));
331 printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
332 printf(_(" -W, --password force password prompt\n"));
333 printf(_("\nIf one of -d, -D, -r, -R, -s, -S, and ROLENAME is not specified, you will\n"
334 "be prompted interactively.\n"));
335 printf(_("\nReport bugs to <pgsql-bugs@postgresql.org>.\n"));