Fix handling of default option values in createuser

Add description of which one is the default between two complementary
options of --bypassrls and --replication in the help text and docs. In
correspondence let the command always include the tokens corresponding
to every options of that kind in the SQL command sent to server. Tests
are updated accordingly.

Also fix the checks of some trivalue vars which were using literal zero
for checking default value instead of the enum label TRI_DEFAULT. While
not a bug, since TRI_DEFAULT is defined as zero, fixing improves read-
ability improved readability (and avoid bugs if the enum is changed).

Author: Kyotaro Horiguchi <horikyota.ntt@gmail.com>
Discussion: https://postgr.es/m/20220810.151243.1073197628358749087.horikyota.ntt@gmail.com

diff --git a/doc/src/sgml/ref/createuser.sgml b/doc/src/sgml/ref/createuser.sgml
index e3af87f71bff15aa89ddbc56fc8878b5f051ff8d..0e19da90d38d108af08216b66ac5932d248637f9 100644 (file)
--- a/doc/src/sgml/ref/createuser.sgml
+++ b/doc/src/sgml/ref/createuser.sgml
@@ -348,7 +348,7 @@ PostgreSQL documentation
        <para>
         The new user will not have the <literal>REPLICATION</literal>
         privilege, which is described more fully in the documentation for <xref
-        linkend="sql-createrole"/>.
+        linkend="sql-createrole"/>.  This is the default.
        </para>
       </listitem>
      </varlistentry>

diff --git a/src/bin/scripts/createuser.c b/src/bin/scripts/createuser.c
index 3a1825e61fe8ba97fce3764d9739e5992bf01513..3f58759aa2c974c39a17b16dd2cfd031829f76b1 100644 (file)
--- a/src/bin/scripts/createuser.c
+++ b/src/bin/scripts/createuser.c
@@ -239,7 +239,7 @@ main(int argc, char *argv[])
        free(pw2);
    }
 
-   if (superuser == 0)
+   if (superuser == TRI_DEFAULT)
    {
        if (interactive && yesno_prompt("Shall the new role be a superuser?"))
            superuser = TRI_YES;
@@ -254,7 +254,7 @@ main(int argc, char *argv[])
        createrole = TRI_YES;
    }
 
-   if (createdb == 0)
+   if (createdb == TRI_DEFAULT)
    {
        if (interactive && yesno_prompt("Shall the new role be allowed to create databases?"))
            createdb = TRI_YES;
@@ -262,7 +262,7 @@ main(int argc, char *argv[])
            createdb = TRI_NO;
    }
 
-   if (createrole == 0)
+   if (createrole == TRI_DEFAULT)
    {
        if (interactive && yesno_prompt("Shall the new role be allowed to create more new roles?"))
            createrole = TRI_YES;
@@ -270,10 +270,16 @@ main(int argc, char *argv[])
            createrole = TRI_NO;
    }
 
-   if (inherit == 0)
+   if (bypassrls == TRI_DEFAULT)
+       bypassrls = TRI_NO;
+
+   if (replication == TRI_DEFAULT)
+       replication = TRI_NO;
+
+   if (inherit == TRI_DEFAULT)
        inherit = TRI_YES;
 
-   if (login == 0)
+   if (login == TRI_DEFAULT)
        login = TRI_YES;
 
    cparams.dbname = NULL;      /* this program lacks any dbname option... */
@@ -432,9 +438,10 @@ help(const char *progname)
    printf(_("  --interactive             prompt for missing role name and attributes rather\n"
             "                            than using defaults\n"));
    printf(_("  --bypassrls               role can bypass row-level security (RLS) policy\n"));
-   printf(_("  --no-bypassrls            role cannot bypass row-level security (RLS) policy\n"));
+   printf(_("  --no-bypassrls            role cannot bypass row-level security (RLS) policy\n"
+            "                            (default)\n"));
    printf(_("  --replication             role can initiate replication\n"));
-   printf(_("  --no-replication          role cannot initiate replication\n"));
+   printf(_("  --no-replication          role cannot initiate replication (default)\n"));
    printf(_("  -?, --help                show this help, then exit\n"));
    printf(_("\nConnection options:\n"));
    printf(_("  -h, --host=HOSTNAME       database server host or socket directory\n"));

diff --git a/src/bin/scripts/t/040_createuser.pl b/src/bin/scripts/t/040_createuser.pl
index 03830120fd11b98fd4a51380419a0ce261beab89..d60cae4f5833274384eb989a93e5e4699a5196b4 100644 (file)
--- a/src/bin/scripts/t/040_createuser.pl
+++ b/src/bin/scripts/t/040_createuser.pl
@@ -18,19 +18,19 @@ $node->start;
 
 $node->issues_sql_like(
    [ 'createuser', 'regress_user1' ],
-   qr/statement: CREATE ROLE regress_user1 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;/,
+   qr/statement: CREATE ROLE regress_user1 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS;/,
    'SQL CREATE USER run');
 $node->issues_sql_like(
    [ 'createuser', '-L', 'regress_role1' ],
-   qr/statement: CREATE ROLE regress_role1 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT NOLOGIN;/,
+   qr/statement: CREATE ROLE regress_role1 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT NOLOGIN NOREPLICATION NOBYPASSRLS;/,
    'create a non-login role');
 $node->issues_sql_like(
    [ 'createuser', '-r', 'regress user2' ],
-   qr/statement: CREATE ROLE "regress user2" NOSUPERUSER NOCREATEDB CREATEROLE INHERIT LOGIN;/,
+   qr/statement: CREATE ROLE "regress user2" NOSUPERUSER NOCREATEDB CREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS;/,
    'create a CREATEROLE user');
 $node->issues_sql_like(
    [ 'createuser', '-s', 'regress_user3' ],
-   qr/statement: CREATE ROLE regress_user3 SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN;/,
+   qr/statement: CREATE ROLE regress_user3 SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS;/,
    'create a superuser');
 $node->issues_sql_like(
    [
@@ -38,7 +38,7 @@ $node->issues_sql_like(
        'regress_user1', '-a',
        'regress user2', 'regress user #4'
    ],
-   qr/statement: CREATE ROLE "regress user #4" NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN ADMIN regress_user1,"regress user2";/,
+   qr/statement: CREATE ROLE "regress user #4" NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS ADMIN regress_user1,"regress user2";/,
    'add a role as a member with admin option of the newly created role');
 $node->issues_sql_like(
    [
@@ -46,19 +46,19 @@ $node->issues_sql_like(
        'regress_user3',   '-m',
        'regress user #4', 'REGRESS_USER5'
    ],
-   qr/statement: CREATE ROLE "REGRESS_USER5" NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN ROLE regress_user3,"regress user #4";/,
+   qr/statement: CREATE ROLE "REGRESS_USER5" NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS ROLE regress_user3,"regress user #4";/,
    'add a role as a member of the newly created role');
 $node->issues_sql_like(
    [ 'createuser', '-v', '2029 12 31', 'regress_user6' ],
-   qr/statement: CREATE ROLE regress_user6 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN VALID UNTIL \'2029 12 31\';/,
+   qr/statement: CREATE ROLE regress_user6 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS VALID UNTIL \'2029 12 31\';/,
    'create a role with a password expiration date');
 $node->issues_sql_like(
    [ 'createuser', '--bypassrls', 'regress_user7' ],
-   qr/statement: CREATE ROLE regress_user7 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN BYPASSRLS;/,
+   qr/statement: CREATE ROLE regress_user7 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOREPLICATION BYPASSRLS;/,
    'create a BYPASSRLS role');
 $node->issues_sql_like(
    [ 'createuser', '--no-bypassrls', 'regress_user8' ],
-   qr/statement: CREATE ROLE regress_user8 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOBYPASSRLS;/,
+   qr/statement: CREATE ROLE regress_user8 NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS;/,
    'create a role without BYPASSRLS');
 
 $node->command_fails([ 'createuser', 'regress_user1' ],