(userNames []string)
| 200 | } |
| 201 | |
| 202 | func (c *Cluster) readPgUsersFromDatabase(userNames []string) (users spec.PgUserMap, err error) { |
| 203 | c.setProcessName("reading users from the database") |
| 204 | var rows *sql.Rows |
| 205 | users = make(spec.PgUserMap) |
| 206 | if rows, err = c.pgDb.Query(getUserSQL, pq.Array(userNames)); err != nil { |
| 207 | return nil, fmt.Errorf("error when querying users: %v", err) |
| 208 | } |
| 209 | defer func() { |
| 210 | if err2 := rows.Close(); err2 != nil { |
| 211 | if err != nil { |
| 212 | err = fmt.Errorf("error when closing query cursor: %v, previous error: %v", err2, err) |
| 213 | } else { |
| 214 | err = fmt.Errorf("error when closing query cursor: %v", err2) |
| 215 | } |
| 216 | } |
| 217 | }() |
| 218 | |
| 219 | for rows.Next() { |
| 220 | var ( |
| 221 | rolname, rolpassword string |
| 222 | rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin bool |
| 223 | roloptions, memberof []string |
| 224 | roldeleted bool |
| 225 | ) |
| 226 | err := rows.Scan(&rolname, &rolpassword, &rolsuper, &rolinherit, |
| 227 | &rolcreaterole, &rolcreatedb, &rolcanlogin, pq.Array(&roloptions), pq.Array(&memberof)) |
| 228 | if err != nil { |
| 229 | return nil, fmt.Errorf("error when processing user rows: %v", err) |
| 230 | } |
| 231 | flags := makeUserFlags(rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin) |
| 232 | // XXX: the code assumes the password we get from pg_authid is always MD5 |
| 233 | parameters := make(map[string]string) |
| 234 | for _, option := range roloptions { |
| 235 | fields := strings.Split(option, "=") |
| 236 | if len(fields) != 2 { |
| 237 | c.logger.Warningf("skipping malformed option: %q", option) |
| 238 | continue |
| 239 | } |
| 240 | parameters[fields[0]] = fields[1] |
| 241 | } |
| 242 | |
| 243 | // consider NOLOGIN roles with deleted suffix as deprecated users |
| 244 | if strings.HasSuffix(rolname, c.OpConfig.RoleDeletionSuffix) && !rolcanlogin { |
| 245 | roldeleted = true |
| 246 | } |
| 247 | |
| 248 | users[rolname] = spec.PgUser{Name: rolname, Password: rolpassword, Flags: flags, MemberOf: memberof, Parameters: parameters, Deleted: roldeleted} |
| 249 | } |
| 250 | |
| 251 | return users, nil |
| 252 | } |
| 253 | |
| 254 | func findUsersFromRotation(rotatedUsers []string, db *sql.DB) (map[string]string, error) { |
| 255 | extraUsers := make(map[string]string, 0) |
no test coverage detected