diff options
| author | Michael Paquier <michael@paquier.xyz> | 2022-07-13 12:21:20 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2022-07-13 12:21:20 +0900 |
| commit | 08951a7c93cf0dd791ee6ac8a8cf5e4b152528e5 (patch) | |
| tree | 8df0cc6cc141afde94f98d3ac9ac32421e428d76 /doc/src | |
| parent | c23e3e6beb273ae8c0f8e616edb7ed1acb0271c4 (diff) | |
| download | postgresql-08951a7c93cf0dd791ee6ac8a8cf5e4b152528e5.tar.gz postgresql-08951a7c93cf0dd791ee6ac8a8cf5e4b152528e5.zip | |
createuser: Add support for more clause types through new options
The following options are added to createuser:
* --valid-until to generate a VALID UNTIL clause for the role created.
* --bypassrls/--no-bypassrls for BYPASSRLS/NOBYPASSRLS.
* -m/--member to make the new role a member of an existing role, with an
extra ROLE clause generated. The clause generated overlaps with
-g/--role, but per discussion this was the most popular choice as option
name.
* -a/--admin for the addition of an ADMIN clause.
These option names are chosen to be completely new, so as they do not
impact anybody relying on the existing option set. Tests are added for
the new options and extended a bit, while on it, to cover more patterns
where quotes are added to various elements of the query generated.
Author: Shinya Kato
Reviewed-by: Nathan Bossart, Daniel Gustafsson, Robert Haas, Kyotaro
Horiguchi, David G. Johnston, Przemysław Sztoch
Discussion: https://postgr.es/m/69a9851035cf0f0477bcc5d742b031a3@oss.nttdata.com
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/ref/createuser.sgml | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/doc/src/sgml/ref/createuser.sgml b/doc/src/sgml/ref/createuser.sgml index 17579e50afb..c6a7c603f78 100644 --- a/doc/src/sgml/ref/createuser.sgml +++ b/doc/src/sgml/ref/createuser.sgml @@ -77,6 +77,20 @@ PostgreSQL documentation </varlistentry> <varlistentry> + <term><option>-a <replaceable class="parameter">role</replaceable></option></term> + <term><option>--admin=<replaceable class="parameter">role</replaceable></option></term> + <listitem> + <para> + Indicates role that will be immediately added as a member of the new + role with admin option, giving it the right to grant membership in the + new role to others. Multiple roles to add as members (with admin + option) of the new role can be specified by writing multiple + <option>-a</option> switches. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term><option>-c <replaceable class="parameter">number</replaceable></option></term> <term><option>--connection-limit=<replaceable class="parameter">number</replaceable></option></term> <listitem> @@ -205,6 +219,18 @@ PostgreSQL documentation </varlistentry> <varlistentry> + <term><option>-m <replaceable class="parameter">role</replaceable></option></term> + <term><option>--member=<replaceable class="parameter">role</replaceable></option></term> + <listitem> + <para> + Indicates role that will be immediately added as a member of the new + role. Multiple roles to add as members of the new role can be specified + by writing multiple <option>-m</option> switches. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term><option>-P</option></term> <term><option>--pwprompt</option></term> <listitem> @@ -259,6 +285,17 @@ PostgreSQL documentation </varlistentry> <varlistentry> + <term><option>-v <replaceable class="parameter">timestamp</replaceable></option></term> + <term><option>--valid-until=<replaceable class="parameter">timestamp</replaceable></option></term> + <listitem> + <para> + Set a date and time after which the role's password is no longer valid. + The default is to set no password expiry date. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term><option>-V</option></term> <term><option>--version</option></term> <listitem> @@ -269,6 +306,25 @@ PostgreSQL documentation </varlistentry> <varlistentry> + <term><option>--bypassrls</option></term> + <listitem> + <para> + The new user will bypass every row-level security (RLS) policy. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><option>--no-bypassrls</option></term> + <listitem> + <para> + The new user will not bypass row-level security (RLS) policies. This is + the default. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term><option>--replication</option></term> <listitem> <para> |