Support fixed database role db_accessadmin babelfish-for-postgresql#447…

… (#96) ### Description See babelfish-for-postgresql#447 Handle bbf dump restore changes for babelfish db_accessadmin fixed database role. #### Engine PR: babelfish-for-postgresql#447 #### Extension PR: babelfish-for-postgresql/babelfish_extensions#2970 ### Issues Resolved [List any issues this PR will resolve] ### Check List - [x] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is under the terms of the PostgreSQL license, and grant any person obtaining a copy of the contribution permission to relicense all or a portion of my contribution to the PostgreSQL License solely to contribute all or a portion of my contribution to the PostgreSQL open source project. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/babelfish-for-postgresql/postgresql_modified_for_babelfish/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).
amazon-aurora · Oct 18, 2024 · f572c25 · f572c25
1 parent 771a447
commit f572c25
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 14 deletions.
diff --git a/src/bin/pg_dump/dump_babel_utils.c b/src/bin/pg_dump/dump_babel_utils.c
@@ -52,6 +52,12 @@ typedef enum {
 
 static babelfish_status bbf_status = NONE;
 
+static char *default_bbf_db_principals =
+			"('master_dbo', 'master_db_owner', 'master_guest', 'master_db_accessadmin', "
+			"'msdb_dbo', 'msdb_db_owner', 'msdb_guest', 'msdb_db_accessadmin', "
+			"'tempdb_dbo', 'tempdb_db_owner', 'tempdb_guest', 'tempdb_db_accessadmin') ";
+
+
 
 static char *
 getMinOid(Archive *fout)
@@ -1123,11 +1129,8 @@ addFromClauseForLogicalDatabaseDump(PQExpBuffer buf, TableInfo *tbinfo)
 						  "INNER JOIN sys.babelfish_sysdatabases b "
 						  "ON a.database_name = b.name COLLATE \"C\" "
 						  "WHERE b.dbid = %d "
-						  "AND a.rolname NOT IN "
-						  "('master_dbo', 'master_db_owner', 'master_guest', "
-						  "'msdb_dbo', 'msdb_db_owner', 'msdb_guest', "
-						  "'tempdb_dbo', 'tempdb_db_owner', 'tempdb_guest') ",
-						  fmtQualifiedDumpable(tbinfo), bbf_db_id);
+						  "AND a.rolname NOT IN %s",
+						  fmtQualifiedDumpable(tbinfo), bbf_db_id, default_bbf_db_principals);
 	}
 	else
 	{
@@ -1169,11 +1172,8 @@ addFromClauseForPhysicalDatabaseDump(PQExpBuffer buf, TableInfo *tbinfo)
 	else if(strcmp(tbinfo->dobj.name, "babelfish_authid_user_ext") == 0)
 	{
 		appendPQExpBuffer(buf, " FROM ONLY %s a "
-						  "WHERE a.rolname NOT IN "
-						  "('master_dbo', 'master_db_owner', 'master_guest', "
-						  "'tempdb_dbo', 'tempdb_db_owner', 'tempdb_guest', "
-						  "'msdb_dbo', 'msdb_db_owner', 'msdb_guest')",
-						  fmtQualifiedDumpable(tbinfo));
+						  "WHERE a.rolname NOT IN %s",
+						  fmtQualifiedDumpable(tbinfo), default_bbf_db_principals);
 	}
 	else if(strcmp(tbinfo->dobj.name, "babelfish_authid_login_ext") == 0)
 		appendPQExpBuffer(buf, " FROM ONLY %s a "
@@ -1992,7 +1992,7 @@ dumpBabelPhysicalDatabaseACLs(Archive *fout)
 					"\n	SET LOCAL ROLE sysadmin;"
 					"\n	FOR rolname, original_name IN ("
 					"\n		SELECT a.rolname, a.orig_username FROM sys.babelfish_authid_user_ext a"
-					"\n			WHERE orig_username IN ('dbo') AND"
+					"\n			WHERE orig_username IN ('dbo','db_accessadmin') AND"
 					"\n			database_name NOT IN ('master', 'tempdb', 'msdb')");
 
 	if (bbf_db_name)
@@ -2003,6 +2003,8 @@ dumpBabelPhysicalDatabaseACLs(Archive *fout)
 					"\n	) LOOP"
 					"\n		CASE WHEN original_name = 'dbo' THEN"
 					"\n			EXECUTE format('GRANT CREATE, CONNECT, TEMPORARY ON DATABASE \"%%s\" TO \"%%s\"; ', CURRENT_DATABASE(), rolname);"
+					"\n		WHEN original_name = 'db_accessadmin' THEN"
+					"\n			EXECUTE format('GRANT CREATE ON DATABASE \"%%s\" TO \"%%s\"; ', CURRENT_DATABASE(), rolname);"
 					"\n		END CASE;"
 					"\n	END LOOP;"
 					"\n	RESET ROLE;"

diff --git a/src/bin/pg_dump/dumpall_babel_utils.c b/src/bin/pg_dump/dumpall_babel_utils.c
@@ -36,9 +36,9 @@ typedef enum {
 static babelfish_status bbf_status = NONE;
 
 static char default_bbf_roles[] = "('sysadmin', 'bbf_role_admin', 'securityadmin', "
-								  "'master_dbo', 'master_db_owner', 'master_guest', "
-								  "'msdb_dbo', 'msdb_db_owner', 'msdb_guest', "
-								  "'tempdb_dbo', 'tempdb_db_owner', 'tempdb_guest')";
+								  "'master_dbo', 'master_db_owner', 'master_guest', 'master_db_accessadmin', "
+								  "'msdb_dbo', 'msdb_db_owner', 'msdb_guest', 'msdb_db_accessadmin', "
+								  "'tempdb_dbo', 'tempdb_db_owner', 'tempdb_guest', 'tempdb_db_accessadmin')";
 
 /*
  * Run a query, return the results, exit program on failure.