-
Notifications
You must be signed in to change notification settings - Fork 34
/
pg_background--1.3.sql
117 lines (104 loc) · 4.22 KB
/
pg_background--1.3.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
-- complain if script is sourced in psql, rather than via CREATE EXTENSION
\echo Use "CREATE EXTENSION pg_background" to load this file. \quit
DROP ROLE IF EXISTS pgbackground_role;
CREATE FUNCTION pg_background_launch(sql pg_catalog.text,
queue_size pg_catalog.int4 DEFAULT 65536)
RETURNS pg_catalog.int4 STRICT
AS 'MODULE_PATHNAME' LANGUAGE C;
CREATE FUNCTION pg_background_result(pid pg_catalog.int4)
RETURNS SETOF pg_catalog.record STRICT
AS 'MODULE_PATHNAME' LANGUAGE C;
CREATE FUNCTION pg_background_detach(pid pg_catalog.int4)
RETURNS pg_catalog.void STRICT
AS 'MODULE_PATHNAME' LANGUAGE C;
CREATE OR REPLACE FUNCTION grant_pg_background_privileges(
user_name TEXT,
print_commands BOOLEAN DEFAULT FALSE
)
RETURNS BOOLEAN
LANGUAGE plpgsql
SECURITY DEFINER
AS $function$
/*
* Description: Grants the necessary privileges to a role for
* using the pg_background extension.
*
* Arguments:
* user_name: The name of the role to grant privileges to.
* print_commands: If TRUE, prints the executed SQL commands.
*
* Returns:
* TRUE if successful, FALSE otherwise.
*/
BEGIN
-- Grant execute permissions on pg_background functions
EXECUTE format('GRANT EXECUTE ON FUNCTION pg_background_launch(pg_catalog.text, pg_catalog.int4) TO %I', user_name);
IF print_commands THEN
RAISE INFO 'Executed command: GRANT EXECUTE ON FUNCTION pg_background_launch(pg_catalog.text, pg_catalog.int4) TO %', user_name;
END IF;
EXECUTE format('GRANT EXECUTE ON FUNCTION pg_background_result(pg_catalog.int4) TO %I', user_name);
IF print_commands THEN
RAISE INFO 'Executed command: GRANT EXECUTE ON FUNCTION pg_background_result(pg_catalog.int4) TO %', user_name;
END IF;
EXECUTE format('GRANT EXECUTE ON FUNCTION pg_background_detach(pg_catalog.int4) TO %I', user_name);
IF print_commands THEN
RAISE INFO 'Executed command: GRANT EXECUTE ON FUNCTION pg_background_detach(pg_catalog.int4) TO %', user_name;
END IF;
RETURN TRUE;
EXCEPTION WHEN OTHERS THEN
RAISE NOTICE 'Error granting pg_background privileges to %: %', user_name, SQLERRM;
RETURN FALSE;
END;
$function$;
CREATE OR REPLACE FUNCTION revoke_pg_background_privileges(
user_name TEXT,
print_commands BOOLEAN DEFAULT FALSE
)
RETURNS BOOLEAN
LANGUAGE plpgsql
SECURITY DEFINER
AS $function$
/*
* Description: Revokes the privileges previously granted to a role for
* using the pg_background extension.
*
* Arguments:
* user_name: The name of the role to revoke privileges from.
* print_commands: If TRUE, prints the executed SQL commands.
*
* Returns:
* TRUE if successful, FALSE otherwise.
*/
BEGIN
-- Enclose the main logic in a BEGIN block for exception handling
BEGIN
-- Revoke execute permissions on pg_background functions
EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_background_launch(pg_catalog.text, pg_catalog.int4) FROM %I', user_name);
IF print_commands THEN
RAISE INFO 'Executed command: REVOKE EXECUTE ON FUNCTION pg_background_launch(pg_catalog.text, pg_catalog.int4) FROM %', user_name;
END IF;
EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_background_result(pg_catalog.int4) FROM %I', user_name);
IF print_commands THEN
RAISE INFO 'Executed command: REVOKE EXECUTE ON FUNCTION pg_background_result(pg_catalog.int4) FROM %', user_name;
END IF;
EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_background_detach(pg_catalog.int4) FROM %I', user_name);
IF print_commands THEN
RAISE INFO 'Executed command: REVOKE EXECUTE ON FUNCTION pg_background_detach(pg_catalog.int4) FROM %', user_name;
END IF;
RETURN TRUE;
EXCEPTION WHEN OTHERS THEN
RAISE NOTICE 'Error revoking pg_background privileges from %: %', user_name, SQLERRM;
RETURN FALSE;
END;
END;
$function$;
REVOKE ALL ON FUNCTION revoke_pg_background_privileges(pg_catalog.text, boolean)
FROM public;
REVOKE ALL ON FUNCTION grant_pg_background_privileges(pg_catalog.text, boolean)
FROM public;
REVOKE ALL ON FUNCTION pg_background_launch(pg_catalog.text, pg_catalog.int4)
FROM public;
REVOKE ALL ON FUNCTION pg_background_result(pg_catalog.int4)
FROM public;
REVOKE ALL ON FUNCTION pg_background_detach(pg_catalog.int4)
FROM public;