List databases #50
List databases #50
Conversation
lib/PGObject/Util/DBAdmin.pm
Outdated
| my $_query = 'SELECT datname from pg_database ' . | ||
| "WHERE datdba=(SELECT usesysid FROM pg_user WHERE usename='$user') " . | ||
| 'AND datallowconn ' . | ||
| ( $excludes ? "AND datname NOT IN ('" . $excludes.join("','") . "') " : '' ) . |
There was a problem hiding this comment.
Same remark about SQL injection.
|
|
||
| Returns a list of db names. | ||
|
|
||
| When a database name is specified, uses that database to connect to, | ||
| using the credentials specified in the instance. | ||
|
|
||
| If no database name is specified, 'template1' is used. | ||
| If an array of excluded databases is provided, it is used to limit the list |
There was a problem hiding this comment.
Ok. But what is the reason we want this? I mean Perl has a nice construct with grep { not $excludes{$_} } @all_databases where you can really simply limit the values in a list. Is there a reason this must happen in the SQL phase?
There was a problem hiding this comment.
The latest commit does address the SQL injection, thanks. That leaves the above question (why is it necessary to do this at the query level) though.
| @@ -559,26 +559,62 @@ sub server_version { | |||
| } | |||
|
|
|||
|
|
|||
| =head2 list_dbs([$dbname]) | |||
| =head2 list_dbs([$dbname],[$excludes]) | |||
There was a problem hiding this comment.
This implies my $excludes = shift with a list of excludes passed as an arrayref. The implementation below takes all remaining arguments as excludes. I like this definition better than the implementation, because the latter does not allow further extension of the API.
This PR refines
list_dbsto allow optional exclusions from the list of databases.It also provides
list_dbs_this_userto give a list of databases owned by a specific user.