Re: pg_hba_lookup function to get all matching pg_hba.conf entries

2015-12-03 5:00 GMT+01:00 Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>:

> On Wed, Nov 25, 2015 at 7:18 PM, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>
> wrote:
> >
> >
> > 2015-11-25 8:05 GMT+01:00 Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>:
> >>
> >>
> >> Thanks. Here I attached the poc patch that returns authentication method
> >> of the
> >> first matched hba entry in pg_hba.conf with the given input values.
> >> Currently these
> >> functions returns text type. Based on the details required to be
> >> printed, it can
> >> be changed.
> >>
> >> postgres=# select pg_hba_lookup('all', 'all');
> >> pg_hba_lookup
> >> ---------------
> >> trust
> >> (1 row)
> >>
> >> comments for the approach?
> >
> >
> > From my perspective, it shows too less informations.
> >
> > What I am expecting:
> >
> > 1. line num of choosed rule
> > 2. some tracing - via NOTICE, what and why some rules was skipped.
>
> Here I attached the patch with the suggested changes.
> Along with line number, I kept the options column also with authentication
> options as a jsonb datatype.
>
> Example output:
>
> postgres=# select pg_hba_lookup('test','all','::1');
> NOTICE: Skipped 84 Hba line, because of non matching IP.
> NOTICE: Skipped 86 Hba line, because of non matching database.
> NOTICE: Skipped 87 Hba line, because of non matching role.
> pg_hba_lookup
> ---------------
> (89,trust,{})
> (1 row)
>
> comments?
>

I liked it

The text of notice can be reduced "Skipped xx line, ..." - it have to be
pg_hba

Pavel

>
> Regards,
> Hari Babu
> Fujitsu Australia
>