Re: [PATCH] Add pg_get_role_ddl() functions for role recreation

On Thu, Jan 8, 2026 at 8:20 PM Mario González Troncoso
<gonzalemario(at)gmail(dot)com> wrote:
>
> Cool. I rebased this morning and it passed just fine.
>

hi.

+ /*
+ * We don't support generating DDL for system roles. The primary reason
+ * for this is that users shouldn't be recreating them.
+ */
+ if (strncmp(rolname, "pg_", 3) == 0)
+ ereport(ERROR,
+ (errcode(ERRCODE_RESERVED_NAME),
+ errmsg("role name \"%s\" is reserved", rolname),
+ errdetail("Role names starting with \"pg_\" are reserved for system
roles.")));

There is a specific function for it, IsReservedName,
we should use it instead of strncmp, i think.

+ /*
+ * We intentionally omit PASSWORD. There's no way to retrieve the
+ * original password text from the stored hash, and even if we could,
+ * exposing passwords through a SQL function would be a security issue.
+ * Users must set passwords separately after recreating roles.
+ */
+
+ appendStringInfoChar(&buf, ';');

What about the PASSWORD NULL scarenio?

per Synopsis:
CREATE ROLE name [ [ WITH ] option [ ... ] ]

Do we need to include the optional keyword, WITH?

--
jian
https://www.enterprisedb.com/