Hi, Thanks to the developers and reviewers. The attached small patch fixes the message in "createuser --help" command. The patch has changed to specify a time stamp for the --valid-for option. I don't think the SGML description needs to be modified.
Regards,
Noriyoshi Shinoda
-----Original Message-----
From: Michael Paquier <mich...@paquier.xyz>
Sent: Wednesday, July 13, 2022 12:25 PM
To: Kyotaro Horiguchi <horikyota....@gmail.com>
Cc: shinya11.k...@oss.nttdata.com; nathandboss...@gmail.com;
przemys...@sztoch.pl; david.g.johns...@gmail.com; robertmh...@gmail.com;
dan...@yesql.se; pgsql-hack...@postgresql.org
Subject: Re: Add --{no-,}bypassrls flags to createuser
On Thu, May 26, 2022 at 04:47:46PM +0900, Kyotaro Horiguchi wrote:
> FWIW, the "fancy" here causes me to think about something likely to
> cause syntax breakage of the query to be sent.
>
> createuser -a 'user"1' -a 'user"2' 'user"3'
> createuser -v "2023-1-1'; DROP TABLE public.x; select '" hoge
That would be mostly using spaces here, to make sure that quoting is correctly
applied.
> BUT, thses should be prevented by the functions enumerated above. So,
> I don't think we need them.
Mostly. For example, the test for --valid-until can use a timestamp with
spaces to validate the use of appendStringLiteralConn(). A second thing is
that --member was checked, but not --admin, so I have renamed regress_user2 to
"regress user2" for that to apply a maximum of coverage, and applied the patch.
One thing that I found annoying is that this made the list of options of
createuser much harder to follow. That's not something caused by this patch as
many options have accumulated across the years and there is a kind pattern
where the connection options were listed first, but I have cleaned up that
while on it. A second area where this could be done is createdb, as it could
be easily expanded if the backend query gains support for more stuff, but that
can happen when it makes more sense.
--
Michael
createuser_help_v1.diff
Description: createuser_help_v1.diff
