RE: Add --{no-,}bypassrls flags to createuser - Mailing list pgsql-hackers

From Shinoda, Noriyoshi (PN Japan FSIP)
Subject RE: Add --{no-,}bypassrls flags to createuser
Date
Msg-id DM4PR84MB1734A6CE3839A68B59BEA599EE899@DM4PR84MB1734.NAMPRD84.PROD.OUTLOOK.COM
In response to Re: Add --{no-,}bypassrls flags to createuser  (Kyotaro Horiguchi <horikyota.ntt@gmail.com>)
Responses Re: Add --{no-,}bypassrls flags to createuser
List pgsql-hackers
Hi,
Thanks to the developers and reviewers.
The attached small patch fixes the message in "createuser --help" command. The patch has changed to specify a time stamp for the --valid-for option. I don't think the SGML description needs to be modified.

Regards,
Noriyoshi Shinoda
-----Original Message-----
From: Michael Paquier <michael@paquier.xyz>
Sent: Wednesday, July 13, 2022 12:25 PM
To: Kyotaro Horiguchi <horikyota.ntt@gmail.com>
Cc: Shinya11.Kato@oss.nttdata.com; nathandbossart@gmail.com; przemyslaw@sztoch.pl; david.g.johnston@gmail.com; robertmhaas@gmail.com; daniel@yesql.se; pgsql-hackers@postgresql.org
Subject: Re: Add --{no-,}bypassrls flags to createuser

On Thu, May 26, 2022 at 04:47:46PM +0900, Kyotaro Horiguchi wrote:
> FWIW, the "fancy" here causes me to think about something likely to
> cause syntax breakage of the query to be sent.
>
> createuser -a 'user"1' -a 'user"2' 'user"3'
> createuser -v "2023-1-1'; DROP TABLE public.x; select '" hoge

That would be mostly using spaces here, to make sure that quoting is correctly applied.

> BUT, these should be prevented by the functions enumerated above. So,
> I don't think we need them.

Mostly.  For example, the test for --valid-until can use a timestamp with spaces to validate the use of appendStringLiteralConn(). A second thing is that --member was checked, but not --admin, so I have renamed regress_user2 to "regress user2" for that to apply a maximum of coverage, and applied the patch.

One thing that I found annoying is that this made the list of options of createuser much harder to follow.  That's not something caused by this patch as many options have accumulated across the years and there is a kind of pattern where the connection options were listed first, but I have cleaned up that while on it.  A second area where this could be done is createdb, as it could be easily expanded if the backend query gains support for more stuff, but that can happen when it makes more sense.
--
Michael
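
The quoting behaviour the tests discussed above are meant to exercise, as an added example that is not part of the thread or of PostgreSQL's source: `quote_with()` and `create_role_sql()` are hypothetical, simplified stand-ins for the real helpers such as appendStringLiteralConn(). They assume standard_conforming_strings is on, always quote identifiers, and ignore client encoding.

```c
#include <stdio.h>
#include <string.h>

/* Wrap `in` in quote char q, doubling any embedded q. Returns 0, or -1 if
 * `out` is too small. Simplified stand-in: assumes
 * standard_conforming_strings = on and does no encoding validation. */
static int quote_with(const char *in, char q, char *out, size_t outsz)
{
    size_t n = 0;

    if (outsz < 3)
        return -1;
    out[n++] = q;
    for (; *in; in++) {
        size_t need = (*in == q) ? 2 : 1;
        if (n + need + 2 > outsz)   /* keep room for closing quote and NUL */
            return -1;
        if (*in == q)
            out[n++] = q;
        out[n++] = *in;
    }
    out[n++] = q;
    out[n] = '\0';
    return 0;
}

/* Hypothetical helper: build a reduced CREATE ROLE statement from the three
 * user-controlled values. Returns a static buffer, or NULL on overflow. */
const char *create_role_sql(const char *role, const char *valid_until,
                            const char *admin)
{
    static char sql[512];
    char r[128], v[128], a[128];
    int n;

    if (quote_with(role, '"', r, sizeof r) ||
        quote_with(valid_until, '\'', v, sizeof v) ||
        quote_with(admin, '"', a, sizeof a))
        return NULL;
    n = snprintf(sql, sizeof sql, "CREATE ROLE %s VALID UNTIL %s ADMIN %s;", r, v, a);
    return (n < 0 || (size_t) n >= sizeof sql) ? NULL : sql;
}

int main(void)
{
    /* Inputs taken from the createuser invocations quoted in the thread. */
    const char *sql = create_role_sql("hoge", "2023-1-1'; DROP TABLE public.x; select '", "user\"1");
    puts(sql ? sql : "input too long");
    return 0;
}
```

With the quotes doubled, the whole --valid-until value stays inside one string literal, so the server rejects it as an invalid timestamp instead of running a second statement.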
