From 2112092f8e10db4bee69907501167e54becbab96 Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Tue, 10 Dec 2024 10:18:01 +0530 Subject: [PATCH 01/11] EPAS 13 - update clone schema setup steps Addresses [DI-1271](https://enterprisedb.atlassian.net/browse/DI-1271) --- .../13/epas_guide/14_edb_clone_schema.mdx | 25 ++++++++++++++++--- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index f6bbe31b9c3..6c5898b2aa7 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -77,7 +77,24 @@ The following describes the steps to install the required extensions and the PL/ **These steps must be performed on any database to be used as the source or target database by an EDB Clone Schema function.** -**Step 1:** The following extensions must be installed on the database: +**Step 1:** Create the directory object and update the directory path to the directory object: + +``` +CREATE DIRECTORY edb_cs_lfp AS '/any/path/'; + +UPDATE pg_catalog.edb_dir +SET dirpath = ( + SELECT current_setting('data_directory')||'/'|| + current_setting('log_directory')||'/' +) +WHERE dirname = 'edb_cs_lfp'; +``` + +Where, + +`/any/path` is the path to the physical directory with required read-write permissions to store the data files. + +**Step 2:** The following extensions must be installed on the database: - `postgres_fdw` - `dblink` @@ -99,7 +116,7 @@ For more information about using the `CREATE EXTENSION` command, see the Postgre -**Step 2:** Modify the `postgresql.conf` file. +**Step 3:** Modify the `postgresql.conf` file. Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` to the `shared_preload_libraries` configuration parameter as shown by the following example: @@ -107,11 +124,11 @@ Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` to the `sha shared_preload_libraries = '$libdir/dbms_pipe,$libdir/dbms_aq,$libdir/parallel_clone' ``` -**Step 3:** The Perl Procedural Language (PL/Perl) must be installed on the database and the `CREATE TRUSTED LANGUAGE plperl` command must be run. For Linux, install PL/Perl using the `edb-asxx-server-plperl` RPM package where `xx` is the Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information on EDB Language Pack, see the *EDB Postgres Language Pack Guide* available at: +**Step 4:** The Perl Procedural Language (PL/Perl) must be installed on the database and the `CREATE TRUSTED LANGUAGE plperl` command must be run. For Linux, install PL/Perl using the `edb-asxx-server-plperl` RPM package where `xx` is the Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information on EDB Language Pack, see the *EDB Postgres Language Pack Guide* available at: [https://www.enterprisedb.com/docs](/language_pack/latest/) -**Step 4:** Connect to the database as a superuser and run the following command: +**Step 5:** Connect to the database as a superuser and run the following command: ```text CREATE TRUSTED LANGUAGE plperl; From 918f18726eb9115f1cd001dad5717675c3e9e2e3 Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Mon, 16 Dec 2024 15:40:08 +0530 Subject: [PATCH 02/11] Update the syntax as per discussion with Sravan for v13 to 16 --- .../epas/13/epas_guide/14_edb_clone_schema.mdx | 18 ++++-------------- .../epas/14/epas_guide/14_edb_clone_schema.mdx | 7 +++++++ .../setting_up_edb_clone_schema.mdx | 11 +++++++++++ .../setting_up_edb_clone_schema.mdx | 12 ++++++++++++ 4 files changed, 34 insertions(+), 14 deletions(-) diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index 6c5898b2aa7..005a30bb06e 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -77,22 +77,12 @@ The following describes the steps to install the required extensions and the PL/ **These steps must be performed on any database to be used as the source or target database by an EDB Clone Schema function.** -**Step 1:** Create the directory object and update the directory path to the directory object: +**Step 1:** The log directory is required to store all the log files. Create the log directory as a superuser: +```sql +SELECT edb_util.create_clone_log_dir(); ``` -CREATE DIRECTORY edb_cs_lfp AS '/any/path/'; - -UPDATE pg_catalog.edb_dir -SET dirpath = ( - SELECT current_setting('data_directory')||'/'|| - current_setting('log_directory')||'/' -) -WHERE dirname = 'edb_cs_lfp'; -``` - -Where, - -`/any/path` is the path to the physical directory with required read-write permissions to store the data files. +It returns the value true on successful execution. **Step 2:** The following extensions must be installed on the database: diff --git a/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx index 3acb1469ba6..c72cfe402f9 100644 --- a/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx @@ -74,6 +74,13 @@ In addition, it might help to modify some configuration parameters in the `postg Perform this installation on any database to be used as the source or target database by an EDB Clone Schema function. +1. The log directory is required to store all the log files. Create the log directory as a superuser: + +```sql +SELECT edb_util.create_clone_log_dir(); +``` +It returns the value true on successful execution. + 1. Install the following extensions on the database: - `postgres_fdw` diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index 796546f1933..13926d47c36 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -106,6 +106,17 @@ Install the EDB Clone Schema on any database to be used as the source or target CREATE EXTENSION edb_cloneschema; ``` +## Creating Log directory + +The log directory is required to store all the log files. + +After creating the extensions the following statement must be executed, as a superuser, to create the log directory: + + ```sql + SELECT edb_util.create_clone_log_dir(); + ``` + +It returns the value true on successful execution. ## Creating the foreign servers and user mappings diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index 796546f1933..161c004ae2b 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -107,6 +107,18 @@ Install the EDB Clone Schema on any database to be used as the source or target CREATE EXTENSION edb_cloneschema; ``` +## Creating Log directory + +The log directory is required to store all the log files. + +After creating the extensions the following statement must be executed, as a superuser, to create the log directory: + + ```sql + SELECT edb_util.create_clone_log_dir(); + ``` + +It returns the value true on successful execution. + ## Creating the foreign servers and user mappings When using one of the local cloning functions `localcopyschema` or `localcopyschema_nb`, one of the required parameters includes a single, foreign server. This server is for identifying the database server and its database that's the source and receiver of the cloned schema. From d48f4b4efe0b4b176762cd4370f82515832fd3fa Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Tue, 31 Dec 2024 14:53:50 +0530 Subject: [PATCH 03/11] updated v13 topic as discussed with Abbas --- .../13/epas_guide/14_edb_clone_schema.mdx | 383 +++++++++++++++++- .../setting_up_edb_clone_schema.mdx | 2 + 2 files changed, 377 insertions(+), 8 deletions(-) diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index 005a30bb06e..d295d2cf075 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -20,6 +20,9 @@ Use the following functions with EDB Clone Schema: - **remotecopyschema_nb.** This function performs the same purpose as `remotecopyschema`, but as a background job, thus freeing up the terminal from which the function was initiated. This is referred to as a *non-blocking* function. See [remotecopyschema_nb](#remotecopyschema_nb) for information on the `remotecopyschema_nb` function. - **process_status_from_log.** This function displays the status of the cloning functions. The information is obtained from a log file that must be specified when a cloning function is invoked. See [process_status_from_log](#process_status_from_log) for information on the `process_status_from_log` function. - **remove_log_file_and_job.** This function deletes the log file created by a cloning function. This function can also be used to delete a job created by the non-blocking form of the function. See [remove_log_file_and_job](#remove_log_file_and_job) for information on the `remove_log_file_and_job` function. +- **create_clone_log_dir.** This function creates a directory to store all the log files. +- **grant_clone_schema_privileges.** This function grants the privileges to a non-super user to clone the schema. +- **revoke_clone_schema_privileges.** This function revokes the privileges from a non-super user for cloning the schema. The database objects that can be cloned from one schema to another are the following: @@ -114,6 +117,8 @@ Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` to the `sha shared_preload_libraries = '$libdir/dbms_pipe,$libdir/dbms_aq,$libdir/parallel_clone' ``` +Restart the database server to reflect the changes. + **Step 4:** The Perl Procedural Language (PL/Perl) must be installed on the database and the `CREATE TRUSTED LANGUAGE plperl` command must be run. For Linux, install PL/Perl using the `edb-asxx-server-plperl` RPM package where `xx` is the Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information on EDB Language Pack, see the *EDB Postgres Language Pack Guide* available at: [https://www.enterprisedb.com/docs](/language_pack/latest/) @@ -198,13 +203,25 @@ CREATE EXTENSION edb_cloneschema; Make sure you create the `parallel_clone` extension before creating the `edb_cloneschema` extension. +### Creating Log directory + +The Log directory is required to store all the log files. + +After creating the extensions the following statement must be executed, as a superuser, to create the log directory: + + ```sql + SELECT edb_util.create_clone_log_dir(); + ``` + +It will return the value true on successful execution. + ### Creating the Foreign Servers and User Mappings When using one of the local cloning functions, `localcopyschema` or `localcopyschema_nb`, one of the required parameters includes a single, foreign server for identifying the database server along with its database that is the source and the receiver of the cloned schema. When using one of the remote cloning functions, `remotecopyschema` or `remotecopyschema_nb`, two of the required parameters include two foreign servers. The foreign server specified as the first parameter identifies the source database server along with its database that is the provider of the cloned schema. The foreign server specified as the second parameter identifies the target database server along with its database that is the receiver of the cloned schema. -For each foreign server, a user mapping must be created. When a selected database superuser invokes a cloning function, that database superuser who invokes the function must have been mapped to a database user name and password that has access to the foreign server that is specified as a parameter in the cloning function. +For each foreign server, a user mapping must be created. When a selected database user invokes a cloning function, that database user who invokes the function must have been mapped to a database user name and password that has access to the foreign server that is specified as a parameter in the cloning function. For general information about foreign data, foreign servers, and user mappings, see the PostgreSQL core documentation at: @@ -222,7 +239,7 @@ The user mapping defines the connection and authentication information for the f **This foreign server and user mapping must be created within the database of the local server in which the cloning is to occur.** -**The database user for whom the user mapping is defined must be a superuser and the user connected to the local server when invoking an EDB Clone Schema function.** +**The database user for whom the user mapping is defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function.** The following example creates the foreign server for the database containing the schema to be cloned, and to receive the cloned schema as well. @@ -276,7 +293,7 @@ edb=# \deu+ (1 row) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `enterprisedb` with its password is used to connect to `local_server` on the `localhost` with port `5444` to database `edb`. +When database user `enterprisedb` invokes a cloning function, the database user `enterprisedb` with its password is used to connect to `local_server` on the `localhost` with port `5444` to database `edb`. In this case, the mapped database user, `enterprisedb`, and the database user, `enterprisedb`, used to connect to the local `edb` database happen to be the same, identical database user, but that is not an absolute requirement. @@ -296,7 +313,7 @@ The user mappings define the connection and authentication information for the f **All of these foreign servers and user mappings must be created within the target database of the target/local server.** -**The database user for whom the user mappings are defined must be a superuser and the user connected to the local server when invoking an EDB Clone Schema function.** +**The database user for whom the user mappings are defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function.** The following example creates the foreign server for the local, target database that is to receive the cloned schema. @@ -373,7 +390,7 @@ tgtdb=# \deu+ (2 rows) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. +When database user `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. In addition, database user `srcuser` with password `srcpassword` connects to `src_server` on host `192.168.2.28` with port `5444` to database `srcdb`. @@ -397,7 +414,7 @@ The EDB Clone Schema functions are created in the `edb_util` schema when the `pa Verify the following conditions before using an EDB Clone Schema function: -- You are connected to the target or local database as the database superuser defined in the `CREATE USER MAPPING` command for the foreign server of the target or local database. +- You are connected to the target or local database as the database user defined in the `CREATE USER MAPPING` command for the foreign server of the target or local database. - The `edb_util` schema is in the search path, or the cloning function is to be invoked with the `edb_util` prefix. - The target schema does not exist in the target database. - When using the remote copy functions, if the `on_tblspace` parameter is to be set to `true`, then the target database cluster contains all tablespaces that are referenced by objects in the source schema, otherwise creation of the DDL statements for those database objects will fail in the target schema. This causes a failure of the cloning process. @@ -479,7 +496,7 @@ The example is for the following environment: - Foreign server (`local_server`) and user mapping with the information of the preceding bullet points - Source schema: `edb` - Target schema: `edbcopy` -- Database superuser to invoke `localcopyschema: enterprisedb` +- Database user to invoke `localcopyschema: enterprisedb` Before invoking the function, the connection is made by database user `enterprisedb` to database `edb`. @@ -777,7 +794,7 @@ The target server environment: - Database target of the clone: `tgtdb` - Foreign server (`tgt_server`) and user mapping with the information of the preceding bullet points - Target schema: `tgtschema` -- Database superuser to invoke `remotecopyschema: enterprisedb` +- Database user to invoke `remotecopyschema: enterprisedb` Before invoking the function, the connection is made by database user `enterprisedb` to database `tgtdb`. A `worker_count` of `4` is specified for this function. @@ -1094,3 +1111,353 @@ tgtdb=# SELECT edb_util.remove_log_file_and_job ('clone_rmt_src_tgt',2); t (1 row) ``` + +## Cloning schema as a non-super user + +You can now clone the schema as a non-super user. This two functions are created while creating the extension: + +- GRANT_CLONE_SCHEMA_PRIVILEGES - Grants the privileges to a non-super user to clone the schema. +- REVOKE_CLONE_SCHEMA_PRIVILEGES - Revokes the privileges from a non-super user for cloning the schema. + +### GRANT_CLONE_SCHEMA_PRIVILEGES + +You can grant the clone schema privileges to a non-super user using this function. + +Syntax: + +```sql +GRANT_CLONE_SCHEMA_PRIVILEGES( TEXT, [ BOOLEAN], [ BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user to whom privileges are to be granted to do local cloning. + +`allow_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value grants user the privileges to do remote cloning. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to grant a non-super user ec2-user the privileges for local and remote cloning: + +```sql +SELECT edb_util.grant_clone_schema(user_name => 'ec2-user', + allow_remote_schema => true, + print_commands => true); +__OUTPUT__ +INFO: Executed command: GRANT USAGE ON SCHEMA edb_util TO "ec2-user" +INFO: Executed command: GRANT pg_read_all_settings TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON PACKAGE SYS.UTL_FILE TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_stat_file(text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_read_file(text, bigint, bigint) TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_authid TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_user_mapping TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink_connect_u(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_file_write(text, text, boolean) TO "ec2-user" +INFO: Executed command: GRANT USAGE ON FOREIGN DATA WRAPPER postgres_fdw TO "ec2-user" +┌───────────────────────────────┐ +│ grant_clone_schema_privileges │ +├───────────────────────────────┤ +│ t │ +└───────────────────────────────┘ +(1 row) +``` + +### REVOKE_CLONE_SCHEMA_PRIVILEGES + +You can revoke the clone schema privileges from a non-super user using this function. + +Syntax: + +```sql +revoke_clone_schema_privileges( TEXT[, BOOLEAN][, BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user from whom we want to revoke the cloning privileges. + +`revoke_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value revokes the remote cloning privileges from the user. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to revoke cloning privileges from the ec2-user user. + +```sql +SELECT edb_util.revoke_clone_schema_privileges(user_name => 'ec2-user', + revoke_remote_schema_clone => true, + print_commands => true); +__OUTPUT__ +INFO: Revoked USAGE on schema edb_util from ec2-user. +INFO: Revoked pg_read_all_settings from ec2-user. +INFO: Revoked EXECUTE on package SYS.UTL_FILE from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_stat_file(text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) from ec2-user. +INFO: Revoked SELECT on pg_authid from ec2-user. +INFO: Revoked SELECT on pg_user_mapping from ec2-user. +INFO: Revoked EXECUTE on function dblink_connect_u(text, text) from ec2-user. +INFO: Revoked EXECUTE on function dblink(text, text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) from ec2-user. +INFO: Revoked USAGE on foreign data wrapper postgres_fdw from ec2-user. +┌────────────────────────────────┐ +│ revoke_clone_schema_privileges │ +├────────────────────────────────┤ +│ t │ +└────────────────────────────────┘ +(1 row) +``` + +### Example - clone a schema locally as a non-super user + +This example shows how to clone a local schema as a non-super user: + +Create a non-super user named `forcs` for this example: + +``` +createuser -h 127.0.0.1 -p 6543 -U enterprisedb forcs + +edb-psql -p 6543 -U enterprisedb edb +__OUTPUT__ +edb-psql (13.17.23) +Type "help" for help. +``` + +Set the password of user `forcs`: + +```sql +ALTER USER forcs WITH PASSWORD 'abc123'; +__OUTPUT__ +ALTER ROLE +``` + +Give CREATE privileges to `forcs` on `edb` database: + +```sql +edb=# GRANT CREATE on DATABASE edb to forcs; +__OUTPUT__ +GRANT +``` + +Create the `postgres_fdw` extension: + +```sql +CREATE EXTENSION postgres_fdw; +__OUTPUT__ +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give clone schema privilege to `forcs` user: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to `edb` datbase as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 6543 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create the foreign server: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +__OUTPUT__ +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +CREATE SERVER +CREATE USER MAPPING +``` + +```sql +CREATE SCHEMA src; +SET search_path=src, public, "$user$"; +CREATE TABLE t1 AS (SELECT generate_series(1,100000)); +CREATE TABLE t2 AS (SELECT generate_series(1,100000)); +CREATE TABLE t3 AS (SELECT generate_series(1,100000)); +CREATE TABLE t4 AS (SELECT generate_series(1,100000)); +__OUTPUT__ +CREATE SCHEMA +SET +SELECT 100000 +SELECT 100000 +SELECT 100000 +SELECT 100000 +``` + +Clone the schema locally: + +```sql +select edb_util.localcopyschema('local_postgres_server','src','src2','src2_log',true,true,true,4); +__OUTPUT__ + localcopyschema +----------------- + t +(1 row) +``` + +### Example - clone a schema remotely as a non-super user + +This example shows how to clone a schema remotely as a non-super user. + +Create a non-super user named `forcs` for this example: + +``` +createuser -p 4422 -U enterprisedb forcs + +edb-psql -p 4422 -U enterprisedb edb +__OUTPUT__ +edb-psql (13.17.23) +Type "help" for help. +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give the clone schema privileges to the non-super user `forcs`: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Set the password of the non-super user `forcs`: + +```sql +ALTER USER forcs WITH PASSWORD 'abc123'; +__OUTPUT__ +ALTER ROLE +``` + +``` +edb-psql -h 127.0.0.1 -p 4422 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and user mapping in the target database: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '4422', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a foregin server and user mapping in the source database: + +```sql +CREATE SERVER src_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER src_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Clone the schema from source to target database using `remotecopyschema` function: + +```sql +select edb_util.remotecopyschema('src_postgres_server','local_postgres_server','src','src','src_log',true,true,true,4); +__OUTPUT__ + remotecopyschema +------------------ + t +(1 row) +``` diff --git a/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index b4726993910..d0571fb3769 100644 --- a/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -32,6 +32,8 @@ Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` and `$libdi shared_preload_libraries = '$libdir/dbms_pipe,$libdir/dbms_aq,$libdir/parallel_clone,$libdir/edb_job_scheduler' ``` +Restart the database server to reflect the changes. + ## Installing PL/Perl 1. Install the Perl procedural language (PL/Perl) on the database, and run the `CREATE TRUSTED LANGUAGE plperl` command. For Linux, install PL/Perl using the `edb-as-server-plperl` RPM package, where `` is the EDB Postgres Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information on EDB Language Pack, see the [EDB Postgres Language Pack](/language_pack/latest). From 8126db6eccf77bd496d5beb2eb2d371faa3baeee Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Mon, 6 Jan 2025 15:03:24 +0530 Subject: [PATCH 04/11] Made edits as per feedback from Abbas --- .../13/epas_guide/14_edb_clone_schema.mdx | 45 ++++++------------- 1 file changed, 14 insertions(+), 31 deletions(-) diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index d295d2cf075..2b019ca38d1 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -1114,7 +1114,7 @@ tgtdb=# SELECT edb_util.remove_log_file_and_job ('clone_rmt_src_tgt',2); ## Cloning schema as a non-super user -You can now clone the schema as a non-super user. This two functions are created while creating the extension: +You can now clone the schema as a non-super user. These two functions are created while creating the extension: - GRANT_CLONE_SCHEMA_PRIVILEGES - Grants the privileges to a non-super user to clone the schema. - REVOKE_CLONE_SCHEMA_PRIVILEGES - Revokes the privileges from a non-super user for cloning the schema. @@ -1225,27 +1225,16 @@ This example shows how to clone a local schema as a non-super user: Create a non-super user named `forcs` for this example: -``` -createuser -h 127.0.0.1 -p 6543 -U enterprisedb forcs - -edb-psql -p 6543 -U enterprisedb edb -__OUTPUT__ -edb-psql (13.17.23) -Type "help" for help. -``` - -Set the password of user `forcs`: - ```sql -ALTER USER forcs WITH PASSWORD 'abc123'; +CREATE USER forcs PASSWORD `abc123`; __OUTPUT__ -ALTER ROLE +CREATE ROLE ``` Give CREATE privileges to `forcs` on `edb` database: ```sql -edb=# GRANT CREATE on DATABASE edb to forcs; +GRANT CREATE on DATABASE edb to forcs; __OUTPUT__ GRANT ``` @@ -1254,12 +1243,12 @@ Create the `postgres_fdw` extension: ```sql CREATE EXTENSION postgres_fdw; -__OUTPUT__ CREATE EXTENSION dblink; CREATE EXTENSION adminpack; CREATE EXTENSION pgAgent; CREATE EXTENSION parallel_clone; CREATE EXTENSION edb_cloneschema; +__OUTPUT__ CREATE EXTENSION CREATE EXTENSION CREATE EXTENSION @@ -1283,7 +1272,7 @@ Give clone schema privilege to `forcs` user: ```sql SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); -__OUPUT__ +__OUTPUT__ INFO: Granted USAGE on schema edb_util to forcs. INFO: Granted CREATE on schema edb_util to forcs. INFO: Granted pg_read_all_settings to forcs. @@ -1316,12 +1305,14 @@ Create the foreign server: ```sql CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); -__OUTPUT__ CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ CREATE SERVER CREATE USER MAPPING ``` +Create a sample schema and tables: + ```sql CREATE SCHEMA src; SET search_path=src, public, "$user$"; @@ -1355,13 +1346,10 @@ This example shows how to clone a schema remotely as a non-super user. Create a non-super user named `forcs` for this example: -``` -createuser -p 4422 -U enterprisedb forcs - -edb-psql -p 4422 -U enterprisedb edb +```sql +CREATE USER forcs password `abc123`; __OUTPUT__ -edb-psql (13.17.23) -Type "help" for help. +CREATE ROLE ``` Create the following extensions: @@ -1381,6 +1369,7 @@ CREATE EXTENSION CREATE EXTENSION CREATE EXTENSION ``` + Create the log directory for cloning: ```sql @@ -1415,13 +1404,7 @@ INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. (1 row) ``` -Set the password of the non-super user `forcs`: - -```sql -ALTER USER forcs WITH PASSWORD 'abc123'; -__OUTPUT__ -ALTER ROLE -``` +Connect to the `edb` database as `forcs` user: ``` edb-psql -h 127.0.0.1 -p 4422 -U forcs edb From a6ecc3abad3fd6ea747aaded503cdcbc4645773a Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Mon, 6 Jan 2025 15:18:42 +0530 Subject: [PATCH 05/11] minor edits --- product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index 2b019ca38d1..3f5c2b74818 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -1239,7 +1239,7 @@ __OUTPUT__ GRANT ``` -Create the `postgres_fdw` extension: +Create the following extensions: ```sql CREATE EXTENSION postgres_fdw; @@ -1301,7 +1301,7 @@ edb-psql (13.17.23) Type "help" for help. ``` -Create the foreign server: +Create a foreign server and a user mapping: ```sql CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); From 19c1eb8e50e151abd4636aaa354577ab1a4f1d28 Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Tue, 7 Jan 2025 14:05:40 +0530 Subject: [PATCH 06/11] Made changes to v15 --- .../13/epas_guide/14_edb_clone_schema.mdx | 14 +- .../cloning_with_a_non_super_user.mdx | 334 ++++++++++++++++++ .../copying_a_remote_schema.mdx | 4 +- .../14_edb_clone_schema/copying_a_schema.mdx | 2 +- .../edb_clone_schema_overview.mdx | 3 + .../setting_up_edb_clone_schema.mdx | 23 ++ 6 files changed, 367 insertions(+), 13 deletions(-) create mode 100644 product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index 3f5c2b74818..03a73eb599a 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -105,9 +105,7 @@ CREATE EXTENSION adminpack; CREATE EXTENSION pgagent; ``` -For more information about using the `CREATE EXTENSION` command, see the PostgreSQL core documentation at: - - +For more information, see [CREATE EXTENSION command documentation](https://www.postgresql.org/docs/current/static/sql-createextension.html). **Step 3:** Modify the `postgresql.conf` file. @@ -117,11 +115,9 @@ Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` to the `sha shared_preload_libraries = '$libdir/dbms_pipe,$libdir/dbms_aq,$libdir/parallel_clone' ``` -Restart the database server to reflect the changes. - -**Step 4:** The Perl Procedural Language (PL/Perl) must be installed on the database and the `CREATE TRUSTED LANGUAGE plperl` command must be run. For Linux, install PL/Perl using the `edb-asxx-server-plperl` RPM package where `xx` is the Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information on EDB Language Pack, see the *EDB Postgres Language Pack Guide* available at: +Restart the database server to load the libraries with clone schema support. -[https://www.enterprisedb.com/docs](/language_pack/latest/) +**Step 4:** The Perl Procedural Language (PL/Perl) must be installed on the database and the `CREATE TRUSTED LANGUAGE plperl` command must be run. For Linux, install PL/Perl using the `edb-asxx-server-plperl` RPM package where `xx` is the Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information, see [EDB Language Pack documentation](/language_pack/latest/). **Step 5:** Connect to the database as a superuser and run the following command: @@ -129,9 +125,7 @@ Restart the database server to reflect the changes. CREATE TRUSTED LANGUAGE plperl; ``` -For more information about using the `CREATE LANGUAGE` command, see the PostgreSQL core documentation at: - - +For more information on EDB Language Pack, see [EDB Postgres Language Pack](https://www.postgresql.org/docs/current/static/sql-createlanguage.html). diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx new file mode 100644 index 00000000000..923f7afd67b --- /dev/null +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx @@ -0,0 +1,334 @@ +--- +title: Cloning schema as a non-super user +--- + +You can now clone the schema as a non-super user. These two functions are created while creating the extension: + +- GRANT_CLONE_SCHEMA_PRIVILEGES - Grants the privileges to a non-super user to clone the schema. +- REVOKE_CLONE_SCHEMA_PRIVILEGES - Revokes the privileges from a non-super user for cloning the schema. + +## GRANT_CLONE_SCHEMA_PRIVILEGES + +You can grant the clone schema privileges to a non-super user using this function. + +Syntax: + +```sql +GRANT_CLONE_SCHEMA_PRIVILEGES( TEXT, [ BOOLEAN], [ BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user to whom privileges are to be granted to do local cloning. + +`allow_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value grants user the privileges to do remote cloning. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to grant a non-super user ec2-user the privileges for local and remote cloning: + +```sql +SELECT edb_util.grant_clone_schema(user_name => 'ec2-user', + allow_remote_schema => true, + print_commands => true); +__OUTPUT__ +INFO: Executed command: GRANT USAGE ON SCHEMA edb_util TO "ec2-user" +INFO: Executed command: GRANT pg_read_all_settings TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON PACKAGE SYS.UTL_FILE TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_stat_file(text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_read_file(text, bigint, bigint) TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_authid TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_user_mapping TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink_connect_u(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_file_write(text, text, boolean) TO "ec2-user" +INFO: Executed command: GRANT USAGE ON FOREIGN DATA WRAPPER postgres_fdw TO "ec2-user" +┌───────────────────────────────┐ +│ grant_clone_schema_privileges │ +├───────────────────────────────┤ +│ t │ +└───────────────────────────────┘ +(1 row) +``` + +## REVOKE_CLONE_SCHEMA_PRIVILEGES + +You can revoke the clone schema privileges from a non-super user using this function. + +Syntax: + +```sql +revoke_clone_schema_privileges( TEXT[, BOOLEAN][, BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user from whom we want to revoke the cloning privileges. + +`revoke_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value revokes the remote cloning privileges from the user. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to revoke cloning privileges from the ec2-user user. + +```sql +SELECT edb_util.revoke_clone_schema_privileges(user_name => 'ec2-user', + revoke_remote_schema_clone => true, + print_commands => true); +__OUTPUT__ +INFO: Revoked USAGE on schema edb_util from ec2-user. +INFO: Revoked pg_read_all_settings from ec2-user. +INFO: Revoked EXECUTE on package SYS.UTL_FILE from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_stat_file(text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) from ec2-user. +INFO: Revoked SELECT on pg_authid from ec2-user. +INFO: Revoked SELECT on pg_user_mapping from ec2-user. +INFO: Revoked EXECUTE on function dblink_connect_u(text, text) from ec2-user. +INFO: Revoked EXECUTE on function dblink(text, text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) from ec2-user. +INFO: Revoked USAGE on foreign data wrapper postgres_fdw from ec2-user. +┌────────────────────────────────┐ +│ revoke_clone_schema_privileges │ +├────────────────────────────────┤ +│ t │ +└────────────────────────────────┘ +(1 row) +``` + +## Example - clone a schema locally as a non-super user + +This example shows how to clone a local schema as a non-super user: + +Create a non-super user named `forcs` for this example: + +```sql +CREATE USER forcs PASSWORD `abc123`; +__OUTPUT__ +CREATE ROLE +``` + +Give CREATE privileges to `forcs` on `edb` database: + +```sql +GRANT CREATE on DATABASE edb to forcs; +__OUTPUT__ +GRANT +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give clone schema privilege to `forcs` user: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to `edb` datbase as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 6543 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and a user mapping: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a sample schema and tables: + +```sql +CREATE SCHEMA src; +SET search_path=src, public, "$user$"; +CREATE TABLE t1 AS (SELECT generate_series(1,100000)); +CREATE TABLE t2 AS (SELECT generate_series(1,100000)); +CREATE TABLE t3 AS (SELECT generate_series(1,100000)); +CREATE TABLE t4 AS (SELECT generate_series(1,100000)); +__OUTPUT__ +CREATE SCHEMA +SET +SELECT 100000 +SELECT 100000 +SELECT 100000 +SELECT 100000 +``` + +Clone the schema locally: + +```sql +select edb_util.localcopyschema('local_postgres_server','src','src2','src2_log',true,true,true,4); +__OUTPUT__ + localcopyschema +----------------- + t +(1 row) +``` + +## Example - clone a schema remotely as a non-super user + +This example shows how to clone a schema remotely as a non-super user. + +Create a non-super user named `forcs` for this example: + +```sql +CREATE USER forcs password `abc123`; +__OUTPUT__ +CREATE ROLE +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give the clone schema privileges to the non-super user `forcs`: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to the `edb` database as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 4422 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and user mapping in the target database: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '4422', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a foregin server and user mapping in the source database: + +```sql +CREATE SERVER src_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER src_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Clone the schema from source to target database using `remotecopyschema` function: + +```sql +select edb_util.remotecopyschema('src_postgres_server','local_postgres_server','src','src','src_log',true,true,true,4); +__OUTPUT__ + remotecopyschema +------------------ + t +(1 row) +``` \ No newline at end of file diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx index 36110b453dd..e30d7d13061 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx @@ -1,5 +1,5 @@ --- -title: "Copying database objcts from a remote source" +title: "Copying database objects from a remote source" navTitle: "Copying a remote database" description: "Describes how to copy a database when the source schema and the copy will reside in separate databases" --- @@ -96,7 +96,7 @@ The target server environment: - Database target of the clone: `tgtdb` - Foreign server (`tgt_server`) and user mapping with the information of the preceding bullet points - Target schema: `tgtschema` -- Database superuser to invoke `remotecopyschema: enterprisedb` +- Database user to invoke `remotecopyschema: enterprisedb` Before invoking the function, the connection database user `enterprisedb` connects to database `tgtdb`. A `worker_count` of `4` is specified for this function. diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_schema.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_schema.mdx index 427ae7ffed0..fdd8973a416 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_schema.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/copying_a_schema.mdx @@ -78,7 +78,7 @@ The example is for the following environment: - Foreign server (`local_server`) and user mapping with the information of the preceding bullet points - Source schema: `edb` - Target schema: `edbcopy` -- Database superuser to invoke `localcopyschema: enterprisedb` +- Database user to invoke `localcopyschema: enterprisedb` Before invoking the function, database user `enterprisedb` connects to to database `edb`: diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx index d293972d470..b4d1a42fe95 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx @@ -31,6 +31,9 @@ Use the following functions with EDB Clone Schema: - `remotecopyschema_nb`. This function performs the same purpose as `remotecopyschema` but as a background job, which frees up the terminal from which the function was initiated. This function is a non-blocking function. See [remotecopyschema_nb](copying_a_remote_schema) for more information. - `process_status_from_log`. This function displays the status of the cloning functions. The information is obtained from a log file you specify when invoking a cloning function. See [process_status_from_log](checking_the_status) for more information. - `remove_log_file_and_job`. This function deletes the log file created by a cloning function. You can also use this function to delete a job created by the non-blocking form of the function. See [remove_log_file_and_job](performing_cleanup_tasks) for more information. +- `create_clone_log_dir`. This function creates a directory to store all the log files created by a cloning function. +- `grant_clone_schema_privileges`. This function grants the privileges to a non-super user to clone the schema. +- `revoke_clone_schema_privileges`. This function revokes the privileges from a non-super user for cloning the schema. ## List of supported database objects diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index 13926d47c36..0df7e43e126 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -6,6 +6,15 @@ description: "Describes how to install and configure the EDB Clone Schema extens To use EDB Clone Schema, you must first install several extensions along with the PL/Perl language on any database used as the source or target database by an EDB Clone Schema function. In addition, it might help to modify some configuration parameters in the `postgresql.conf` file of the database servers. +## Create the log directory + +The log directory is required to store all the log files. Create the log directory as a superuser: + +```sql +SELECT edb_util.create_clone_log_dir(); +``` + +It returns the value true on successful execution. ## Installing extensions @@ -33,6 +42,8 @@ Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` to the `sha shared_preload_libraries = '$libdir/dbms_pipe,$libdir/dbms_aq,$libdir/parallel_clone' ``` +Restart the database server to load the libraries with clone schema support. + ## Installing PL/Perl 1. Install the Perl procedural language (PL/Perl) on the database, and run the `CREATE TRUSTED LANGUAGE plperl` command. For Linux, install PL/Perl using the `edb-as-server-plperl` RPM package, where `` is the EDB Postgres Advanced Server version number. For Windows, use the EDB Postgres Language Pack. For information on EDB Language Pack, see the [EDB Postgres Language Pack](/language_pack/latest). @@ -87,6 +98,18 @@ To display the status from a log file, use the `process_status_from_log` functio To delete a log file, use the `remove_log_file_and_job` function, or delete it manually from the log directory. +## Creating Log directory + +The Log directory is required to store all the log files. + +After creating the extensions the following statement must be executed, as a superuser, to create the log directory: + + ```sql + SELECT edb_util.create_clone_log_dir(); + ``` + +It will return the value true on successful execution. + ## Installing EDB Clone Schema Install the EDB Clone Schema on any database to be used as the source or target database by an EDB Clone Schema function. From b3d86df90f2e1488f1826e26dac6d11c2e80dc4d Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Tue, 7 Jan 2025 14:06:20 +0530 Subject: [PATCH 07/11] Update setting_up_edb_clone_schema.mdx --- .../setting_up_edb_clone_schema.mdx | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index 0df7e43e126..b37d8de06cc 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -98,18 +98,6 @@ To display the status from a log file, use the `process_status_from_log` functio To delete a log file, use the `remove_log_file_and_job` function, or delete it manually from the log directory. -## Creating Log directory - -The Log directory is required to store all the log files. - -After creating the extensions the following statement must be executed, as a superuser, to create the log directory: - - ```sql - SELECT edb_util.create_clone_log_dir(); - ``` - -It will return the value true on successful execution. - ## Installing EDB Clone Schema Install the EDB Clone Schema on any database to be used as the source or target database by an EDB Clone Schema function. @@ -224,7 +212,7 @@ The foreign server defining the originating database server and its database con The foreign server defining the database server and its database to receive the schema to clone is referred to as the *target server* or the *local server*. The target server is also referred to as the local server because this server is the one to which you must be connected when invoking the `remotecopyschema` or `remotecopyschema_nb` function. -The user mappings define the connection and authentication information for the foreign servers. You must create all of these foreign servers and user mappings in the target database of the target/local server. The database user for whom the user mappings are defined must be a superuser and the user connected to the local server when invoking an EDB Clone Schema function. +The user mappings define the connection and authentication information for the foreign servers. You must create all of these foreign servers and user mappings in the target database of the target/local server. The database user for whom the user mappings are defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function. This example creates the foreign server for the local, target database that receives the cloned schema: @@ -305,7 +293,7 @@ __OUTPUT__ (2 rows) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. +When database user `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. In addition, database user `srcuser` with password `srcpassword` connects to `src_server` on host `192.168.2.28` with port `5444` to database `srcdb`. From 97ab7fcd4d7d4873fd3904c39c50c2b80b46fafa Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Wed, 8 Jan 2025 12:43:12 +0530 Subject: [PATCH 08/11] made changes for v14 --- .../14/epas_guide/14_edb_clone_schema.mdx | 353 +++++++++++++++++- 1 file changed, 345 insertions(+), 8 deletions(-) diff --git a/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx index c72cfe402f9..7d4e6a98a08 100644 --- a/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx @@ -20,6 +20,9 @@ Use the following functions with EDB Clone Schema: - `remotecopyschema_nb`. This function performs the same purpose as `remotecopyschema` but as a background job, which frees up the terminal from which the function was initiated. This function is a non-blocking function. See [remotecopyschema_nb](#remotecopyschema_nb) for more information. - `process_status_from_log`. This function displays the status of the cloning functions. The information is obtained from a log file you specify when invoking a cloning function. See [process_status_from_log](#process_status_from_log) for more information. - `remove_log_file_and_job`. This function deletes the log file created by a cloning function. You can also use this function to delete a job created by the non-blocking form of the function. See [remove_log_file_and_job](#remove_log_file_and_job) for more information. +- `create_clone_log_dir`. This function creates a directory to store all the log files created by a cloning function. +- `grant_clone_schema_privileges`. This function grants the privileges to a non-super user for cloning the schema. +- `revoke_clone_schema_privileges`. This function revokes the privileges from a non-super user for cloning the schema. You can clone these database objects from one schema to another: @@ -186,7 +189,7 @@ When using one of the local cloning functions `localcopyschema` or `localcopysch When using one of the remote cloning functions `remotecopyschema` or `remotecopyschema_nb`, two of the required parameters include two foreign servers. The foreign server specified as the first parameter identifies the source database server and its database that's the provider of the cloned schema. The foreign server specified as the second parameter identifies the target database server and its database that's the receiver of the cloned schema. -For each foreign server, you must create a user mapping. When a selected database superuser invokes a cloning function, that superuser must be mapped to a database user name and password that has access to the foreign server that's specified as a parameter in the cloning function. +For each foreign server, you must create a user mapping. When a selected database user invokes a cloning function, that user must be mapped to a database user name and password that has access to the foreign server that's specified as a parameter in the cloning function. For general information about foreign data, foreign servers, and user mappings, see the [PostgreSQL core documentation](https://www.postgresql.org/docs/current/static/ddl-foreign-data.html). @@ -196,7 +199,7 @@ For the `localcopyschema` and `localcopyschema_nb` functions, the source and tar The user mapping defines the connection and authentication information for the foreign server. You must create this foreign server and user mapping in the database of the local server in which the cloning occurs. -The database user for whom the user mapping is defined must be a superuser and connected to the local server when invoking an EDB Clone Schema function. +The database user for whom the user mapping is defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function. This example creates the foreign server for the database containing the schema to clone and to receive the cloned schema: @@ -246,7 +249,7 @@ edb=# \deu+ (1 row) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `enterprisedb` with its password is used to connect to `local_server` on the `localhost` with port `5444` to database `edb`. +When database user `enterprisedb` invokes a cloning function, the database user `enterprisedb` with its password is used to connect to `local_server` on the `localhost` with port `5444` to database `edb`. In this case, the mapped database user, `enterprisedb`, and the database user, `enterprisedb`, used to connect to the local `edb` database are the same database user. However, that's not required. @@ -266,7 +269,7 @@ The user mappings define the connection and authentication information for the f You must create all of these foreign servers and user mappings in the target database of the target/local server. -The database user for whom the user mappings are defined must be a superuser and the user connected to the local server when invoking an EDB Clone Schema function. +The database user for whom the user mappings are defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function. This example creates the foreign server for the local, target database that receives the cloned schema: @@ -343,7 +346,7 @@ tgtdb=# \deu+ (2 rows) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. +When database user `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. In addition, database user `srcuser` with password `srcpassword` connects to `src_server` on host `192.168.2.28` with port `5444` to database `srcdb`. @@ -367,7 +370,7 @@ The EDB Clone Schema functions are created in the `edb_util` schema when the `pa Verify the following conditions before using an EDB Clone Schema function: -- You're connected to the target or local database as the database superuser defined in the `CREATE USER MAPPING` command for the foreign server of the target or local database. +- You're connected to the target or local database as the database user defined in the `CREATE USER MAPPING` command for the foreign server of the target or local database. - The `edb_util` schema is in the search path, or invoke the cloning function with the `edb_util` prefix. - The target schema doesn't exist in the target database. - When using the remote copy functions, if the `on_tblspace` parameter is set to `true`, then the target database cluster contains all tablespaces that are referenced by objects in the source schema. Otherwise, creating the DDL statements for those database objects fails in the target schema, which causes a failure of the cloning process. @@ -445,7 +448,7 @@ The example is for the following environment: - Foreign server (`local_server`) and user mapping with the information of the preceding bullet points - Source schema: `edb` - Target schema: `edbcopy` -- Database superuser to invoke `localcopyschema: enterprisedb` +- Database user to invoke `localcopyschema: enterprisedb` Before invoking the function, database user `enterprisedb` connects to to database `edb`: @@ -743,7 +746,7 @@ The target server environment: - Database target of the clone: `tgtdb` - Foreign server (`tgt_server`) and user mapping with the information of the preceding bullet points - Target schema: `tgtschema` -- Database superuser to invoke `remotecopyschema: enterprisedb` +- Database user to invoke `remotecopyschema: enterprisedb` Before invoking the function, the connection database user `enterprisedb` connects to database `tgtdb`. A `worker_count` of `4` is specified for this function. @@ -1060,3 +1063,337 @@ tgtdb=# SELECT edb_util.remove_log_file_and_job ('clone_rmt_src_tgt',2); t (1 row) ``` + +## Cloning schema as a non-super user + +You can now clone the schema as a non-super user. These two functions are created while creating the extension: + +- GRANT_CLONE_SCHEMA_PRIVILEGES - Grants the privileges to a non-super user to clone the schema. +- REVOKE_CLONE_SCHEMA_PRIVILEGES - Revokes the privileges from a non-super user for cloning the schema. + +### GRANT_CLONE_SCHEMA_PRIVILEGES + +You can grant the clone schema privileges to a non-super user using this function. + +Syntax: + +```sql +GRANT_CLONE_SCHEMA_PRIVILEGES( TEXT, [ BOOLEAN], [ BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user to whom privileges are to be granted to do local cloning. + +`allow_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value grants user the privileges to do remote cloning. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to grant a non-super user ec2-user the privileges for local and remote cloning: + +```sql +SELECT edb_util.grant_clone_schema(user_name => 'ec2-user', + allow_remote_schema => true, + print_commands => true); +__OUTPUT__ +INFO: Executed command: GRANT USAGE ON SCHEMA edb_util TO "ec2-user" +INFO: Executed command: GRANT pg_read_all_settings TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON PACKAGE SYS.UTL_FILE TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_stat_file(text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_read_file(text, bigint, bigint) TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_authid TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_user_mapping TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink_connect_u(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_file_write(text, text, boolean) TO "ec2-user" +INFO: Executed command: GRANT USAGE ON FOREIGN DATA WRAPPER postgres_fdw TO "ec2-user" +┌───────────────────────────────┐ +│ grant_clone_schema_privileges │ +├───────────────────────────────┤ +│ t │ +└───────────────────────────────┘ +(1 row) +``` + +### REVOKE_CLONE_SCHEMA_PRIVILEGES + +You can revoke the clone schema privileges from a non-super user using this function. + +Syntax: + +```sql +revoke_clone_schema_privileges( TEXT[, BOOLEAN][, BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user from whom we want to revoke the cloning privileges. + +`revoke_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value revokes the remote cloning privileges from the user. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to revoke cloning privileges from the ec2-user user. + +```sql +SELECT edb_util.revoke_clone_schema_privileges(user_name => 'ec2-user', + revoke_remote_schema_clone => true, + print_commands => true); +__OUTPUT__ +INFO: Revoked USAGE on schema edb_util from ec2-user. +INFO: Revoked pg_read_all_settings from ec2-user. +INFO: Revoked EXECUTE on package SYS.UTL_FILE from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_stat_file(text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) from ec2-user. +INFO: Revoked SELECT on pg_authid from ec2-user. +INFO: Revoked SELECT on pg_user_mapping from ec2-user. +INFO: Revoked EXECUTE on function dblink_connect_u(text, text) from ec2-user. +INFO: Revoked EXECUTE on function dblink(text, text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) from ec2-user. +INFO: Revoked USAGE on foreign data wrapper postgres_fdw from ec2-user. +┌────────────────────────────────┐ +│ revoke_clone_schema_privileges │ +├────────────────────────────────┤ +│ t │ +└────────────────────────────────┘ +(1 row) +``` + +### Example - clone a schema locally as a non-super user + +This example shows how to clone a local schema as a non-super user: + +Create a non-super user named `forcs` for this example: + +```sql +CREATE USER forcs PASSWORD `abc123`; +__OUTPUT__ +CREATE ROLE +``` + +Give CREATE privileges to `forcs` on `edb` database: + +```sql +GRANT CREATE on DATABASE edb to forcs; +__OUTPUT__ +GRANT +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give clone schema privilege to `forcs` user: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to `edb` datbase as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 6543 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and a user mapping: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a sample schema and tables: + +```sql +CREATE SCHEMA src; +SET search_path=src, public, "$user$"; +CREATE TABLE t1 AS (SELECT generate_series(1,100000)); +CREATE TABLE t2 AS (SELECT generate_series(1,100000)); +CREATE TABLE t3 AS (SELECT generate_series(1,100000)); +CREATE TABLE t4 AS (SELECT generate_series(1,100000)); +__OUTPUT__ +CREATE SCHEMA +SET +SELECT 100000 +SELECT 100000 +SELECT 100000 +SELECT 100000 +``` + +Clone the schema locally: + +```sql +select edb_util.localcopyschema('local_postgres_server','src','src2','src2_log',true,true,true,4); +__OUTPUT__ + localcopyschema +----------------- + t +(1 row) +``` + +### Example - clone a schema remotely as a non-super user + +This example shows how to clone a schema remotely as a non-super user. + +Create a non-super user named `forcs` for this example: + +```sql +CREATE USER forcs password `abc123`; +__OUTPUT__ +CREATE ROLE +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give the clone schema privileges to the non-super user `forcs`: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to the `edb` database as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 4422 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and user mapping in the target database: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '4422', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a foregin server and user mapping in the source database: + +```sql +CREATE SERVER src_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER src_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Clone the schema from source to target database using `remotecopyschema` function: + +```sql +select edb_util.remotecopyschema('src_postgres_server','local_postgres_server','src','src','src_log',true,true,true,4); +__OUTPUT__ + remotecopyschema +------------------ + t +(1 row) +``` + From 23695e952d55320a09ca547cc4fd718bad3fc555 Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Wed, 8 Jan 2025 12:52:56 +0530 Subject: [PATCH 09/11] made changes for v16 --- .../14_edb_clone_schema/index.mdx | 1 + .../setting_up_edb_clone_schema.mdx | 9 - .../cloning_with_a_non_super_user.mdx | 334 ++++++++++++++++++ .../edb_clone_schema_overview.mdx | 3 + .../14_edb_clone_schema/index.mdx | 1 + .../setting_up_edb_clone_schema.mdx | 11 +- 6 files changed, 345 insertions(+), 14 deletions(-) create mode 100644 product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/index.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/index.mdx index a5755f91ddf..8e0c743e4c4 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/index.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/index.mdx @@ -10,6 +10,7 @@ navigation: - copying_a_remote_schema - checking_the_status - performing_cleanup_tasks + - cloning_with_a_non_super_user --- diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index b37d8de06cc..b2127d77d11 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -6,15 +6,6 @@ description: "Describes how to install and configure the EDB Clone Schema extens To use EDB Clone Schema, you must first install several extensions along with the PL/Perl language on any database used as the source or target database by an EDB Clone Schema function. In addition, it might help to modify some configuration parameters in the `postgresql.conf` file of the database servers. -## Create the log directory - -The log directory is required to store all the log files. Create the log directory as a superuser: - -```sql -SELECT edb_util.create_clone_log_dir(); -``` - -It returns the value true on successful execution. ## Installing extensions diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx new file mode 100644 index 00000000000..923f7afd67b --- /dev/null +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx @@ -0,0 +1,334 @@ +--- +title: Cloning schema as a non-super user +--- + +You can now clone the schema as a non-super user. These two functions are created while creating the extension: + +- GRANT_CLONE_SCHEMA_PRIVILEGES - Grants the privileges to a non-super user to clone the schema. +- REVOKE_CLONE_SCHEMA_PRIVILEGES - Revokes the privileges from a non-super user for cloning the schema. + +## GRANT_CLONE_SCHEMA_PRIVILEGES + +You can grant the clone schema privileges to a non-super user using this function. + +Syntax: + +```sql +GRANT_CLONE_SCHEMA_PRIVILEGES( TEXT, [ BOOLEAN], [ BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user to whom privileges are to be granted to do local cloning. + +`allow_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value grants user the privileges to do remote cloning. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to grant a non-super user ec2-user the privileges for local and remote cloning: + +```sql +SELECT edb_util.grant_clone_schema(user_name => 'ec2-user', + allow_remote_schema => true, + print_commands => true); +__OUTPUT__ +INFO: Executed command: GRANT USAGE ON SCHEMA edb_util TO "ec2-user" +INFO: Executed command: GRANT pg_read_all_settings TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON PACKAGE SYS.UTL_FILE TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_stat_file(text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_read_file(text, bigint, bigint) TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_authid TO "ec2-user" +INFO: Executed command: GRANT SELECT ON pg_user_mapping TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink_connect_u(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION dblink(text, text) TO "ec2-user" +INFO: Executed command: GRANT EXECUTE ON FUNCTION pg_catalog.pg_file_write(text, text, boolean) TO "ec2-user" +INFO: Executed command: GRANT USAGE ON FOREIGN DATA WRAPPER postgres_fdw TO "ec2-user" +┌───────────────────────────────┐ +│ grant_clone_schema_privileges │ +├───────────────────────────────┤ +│ t │ +└───────────────────────────────┘ +(1 row) +``` + +## REVOKE_CLONE_SCHEMA_PRIVILEGES + +You can revoke the clone schema privileges from a non-super user using this function. + +Syntax: + +```sql +revoke_clone_schema_privileges( TEXT[, BOOLEAN][, BOOLEAN]) +``` + +Where, + +`user_name` + +Name of the user from whom we want to revoke the cloning privileges. + +`revoke_remote_schema_clone` + +Optionally provide a boolean value to this parameter to control the remote cloning by the user. By default the value is set to False. The true value revokes the remote cloning privileges from the user. + +`print_commands` + +Optionally provide a boolean value to this parameter to control printing of the executed commands. By default the value is set to false. The true value prints the executed commands on the terminal. + +This example shows how to revoke cloning privileges from the ec2-user user. + +```sql +SELECT edb_util.revoke_clone_schema_privileges(user_name => 'ec2-user', + revoke_remote_schema_clone => true, + print_commands => true); +__OUTPUT__ +INFO: Revoked USAGE on schema edb_util from ec2-user. +INFO: Revoked pg_read_all_settings from ec2-user. +INFO: Revoked EXECUTE on package SYS.UTL_FILE from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_stat_file(text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) from ec2-user. +INFO: Revoked SELECT on pg_authid from ec2-user. +INFO: Revoked SELECT on pg_user_mapping from ec2-user. +INFO: Revoked EXECUTE on function dblink_connect_u(text, text) from ec2-user. +INFO: Revoked EXECUTE on function dblink(text, text) from ec2-user. +INFO: Revoked EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) from ec2-user. +INFO: Revoked USAGE on foreign data wrapper postgres_fdw from ec2-user. +┌────────────────────────────────┐ +│ revoke_clone_schema_privileges │ +├────────────────────────────────┤ +│ t │ +└────────────────────────────────┘ +(1 row) +``` + +## Example - clone a schema locally as a non-super user + +This example shows how to clone a local schema as a non-super user: + +Create a non-super user named `forcs` for this example: + +```sql +CREATE USER forcs PASSWORD `abc123`; +__OUTPUT__ +CREATE ROLE +``` + +Give CREATE privileges to `forcs` on `edb` database: + +```sql +GRANT CREATE on DATABASE edb to forcs; +__OUTPUT__ +GRANT +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give clone schema privilege to `forcs` user: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to `edb` datbase as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 6543 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and a user mapping: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a sample schema and tables: + +```sql +CREATE SCHEMA src; +SET search_path=src, public, "$user$"; +CREATE TABLE t1 AS (SELECT generate_series(1,100000)); +CREATE TABLE t2 AS (SELECT generate_series(1,100000)); +CREATE TABLE t3 AS (SELECT generate_series(1,100000)); +CREATE TABLE t4 AS (SELECT generate_series(1,100000)); +__OUTPUT__ +CREATE SCHEMA +SET +SELECT 100000 +SELECT 100000 +SELECT 100000 +SELECT 100000 +``` + +Clone the schema locally: + +```sql +select edb_util.localcopyschema('local_postgres_server','src','src2','src2_log',true,true,true,4); +__OUTPUT__ + localcopyschema +----------------- + t +(1 row) +``` + +## Example - clone a schema remotely as a non-super user + +This example shows how to clone a schema remotely as a non-super user. + +Create a non-super user named `forcs` for this example: + +```sql +CREATE USER forcs password `abc123`; +__OUTPUT__ +CREATE ROLE +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION adminpack; +CREATE EXTENSION pgAgent; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give the clone schema privileges to the non-super user `forcs`: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect_u(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_file_write(text, text, boolean) to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to the `edb` database as `forcs` user: + +``` +edb-psql -h 127.0.0.1 -p 4422 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (13.17.23) +Type "help" for help. +``` + +Create a foreign server and user mapping in the target database: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '4422', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a foregin server and user mapping in the source database: + +```sql +CREATE SERVER src_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER src_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Clone the schema from source to target database using `remotecopyschema` function: + +```sql +select edb_util.remotecopyschema('src_postgres_server','local_postgres_server','src','src','src_log',true,true,true,4); +__OUTPUT__ + remotecopyschema +------------------ + t +(1 row) +``` \ No newline at end of file diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx index d293972d470..b4d1a42fe95 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/edb_clone_schema_overview.mdx @@ -31,6 +31,9 @@ Use the following functions with EDB Clone Schema: - `remotecopyschema_nb`. This function performs the same purpose as `remotecopyschema` but as a background job, which frees up the terminal from which the function was initiated. This function is a non-blocking function. See [remotecopyschema_nb](copying_a_remote_schema) for more information. - `process_status_from_log`. This function displays the status of the cloning functions. The information is obtained from a log file you specify when invoking a cloning function. See [process_status_from_log](checking_the_status) for more information. - `remove_log_file_and_job`. This function deletes the log file created by a cloning function. You can also use this function to delete a job created by the non-blocking form of the function. See [remove_log_file_and_job](performing_cleanup_tasks) for more information. +- `create_clone_log_dir`. This function creates a directory to store all the log files created by a cloning function. +- `grant_clone_schema_privileges`. This function grants the privileges to a non-super user to clone the schema. +- `revoke_clone_schema_privileges`. This function revokes the privileges from a non-super user for cloning the schema. ## List of supported database objects diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/index.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/index.mdx index a5755f91ddf..8e0c743e4c4 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/index.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/index.mdx @@ -10,6 +10,7 @@ navigation: - copying_a_remote_schema - checking_the_status - performing_cleanup_tasks + - cloning_with_a_non_super_user --- diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx index 161c004ae2b..7196c2914b7 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/setting_up_edb_clone_schema.mdx @@ -32,6 +32,7 @@ Modify the `postgresql.conf` file by adding `$libdir/parallel_clone` to the `sha ```ini shared_preload_libraries = '$libdir/dbms_pipe,$libdir/dbms_aq,$libdir/parallel_clone' ``` +Restart the database server to load the libraries with clone schema support. ## Installing PL/Perl @@ -125,7 +126,7 @@ When using one of the local cloning functions `localcopyschema` or `localcopysch When using one of the remote cloning functions `remotecopyschema` or `remotecopyschema_nb`, two of the required parameters include two foreign servers. The foreign server specified as the first parameter identifies the source database server and its database that's the provider of the cloned schema. The foreign server specified as the second parameter identifies the target database server and its database that's the receiver of the cloned schema. -For each foreign server, you must create a user mapping. When a selected database superuser invokes a cloning function, that superuser must be mapped to a database user name and password that has access to the foreign server that's specified as a parameter in the cloning function. +For each foreign server, you must create a user mapping. When a selected database user invokes a cloning function, that user must be mapped to a database user name and password that has access to the foreign server that's specified as a parameter in the cloning function. For general information about foreign data, foreign servers, and user mappings, see the [PostgreSQL core documentation](https://www.postgresql.org/docs/current/static/ddl-foreign-data.html). @@ -135,7 +136,7 @@ For the `localcopyschema` and `localcopyschema_nb` functions, the source and tar The user mapping defines the connection and authentication information for the foreign server. You must create this foreign server and user mapping in the database of the local server in which the cloning occurs. -The database user for whom the user mapping is defined must be a superuser and connected to the local server when invoking an EDB Clone Schema function. +The database user for whom the user mapping is defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function. This example creates the foreign server for the database containing the schema to clone and to receive the cloned schema: @@ -188,7 +189,7 @@ __OUTPUT__ (1 row) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `enterprisedb` with its password is used to connect to `local_server` on the `localhost` with port `5444` to database `edb`. +When database user `enterprisedb` invokes a cloning function, the database user `enterprisedb` with its password is used to connect to `local_server` on the `localhost` with port `5444` to database `edb`. In this case, the mapped database user, `enterprisedb`, and the database user, `enterprisedb`, used to connect to the local `edb` database are the same database user. However, that's not required. @@ -202,7 +203,7 @@ The foreign server defining the originating database server and its database con The foreign server defining the database server and its database to receive the schema to clone is referred to as the *target server* or the *local server*. The target server is also referred to as the local server because this server is the one to which you must be connected when invoking the `remotecopyschema` or `remotecopyschema_nb` function. -The user mappings define the connection and authentication information for the foreign servers. You must create all of these foreign servers and user mappings in the target database of the target/local server. The database user for whom the user mappings are defined must be a superuser and the user connected to the local server when invoking an EDB Clone Schema function. +The user mappings define the connection and authentication information for the foreign servers. You must create all of these foreign servers and user mappings in the target database of the target/local server. The database user for whom the user mappings are defined must have required privileges and the user must be connected to the local server when invoking an EDB Clone Schema function. This example creates the foreign server for the local, target database that receives the cloned schema: @@ -283,7 +284,7 @@ __OUTPUT__ (2 rows) ``` -When database superuser `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. +When database user `enterprisedb` invokes a cloning function, the database user `tgtuser` with password `tgtpassword` is used to connect to `tgt_server` on the `localhost` with port `5444` to database `tgtdb`. In addition, database user `srcuser` with password `srcpassword` connects to `src_server` on host `192.168.2.28` with port `5444` to database `srcdb`. From a91b11f0da7a1128852706827911cc3c584ccc1e Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Wed, 8 Jan 2025 12:59:18 +0530 Subject: [PATCH 10/11] minor edit --- product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx | 2 +- product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx | 2 +- .../14_edb_clone_schema/cloning_with_a_non_super_user.mdx | 2 +- .../14_edb_clone_schema/cloning_with_a_non_super_user.mdx | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx index 03a73eb599a..838840686b9 100644 --- a/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/13/epas_guide/14_edb_clone_schema.mdx @@ -1225,7 +1225,7 @@ __OUTPUT__ CREATE ROLE ``` -Give CREATE privileges to `forcs` on `edb` database: +Give CREATE privileges to `forcs` user on `edb` database: ```sql GRANT CREATE on DATABASE edb to forcs; diff --git a/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx b/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx index 7d4e6a98a08..a654df1a90f 100644 --- a/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx +++ b/product_docs/docs/epas/14/epas_guide/14_edb_clone_schema.mdx @@ -1183,7 +1183,7 @@ __OUTPUT__ CREATE ROLE ``` -Give CREATE privileges to `forcs` on `edb` database: +Give CREATE privileges to `forcs` user on `edb` database: ```sql GRANT CREATE on DATABASE edb to forcs; diff --git a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx index 923f7afd67b..f57ea082cb5 100644 --- a/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx +++ b/product_docs/docs/epas/15/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx @@ -119,7 +119,7 @@ __OUTPUT__ CREATE ROLE ``` -Give CREATE privileges to `forcs` on `edb` database: +Give CREATE privileges to `forcs` user on `edb` database: ```sql GRANT CREATE on DATABASE edb to forcs; diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx index 923f7afd67b..f57ea082cb5 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx @@ -119,7 +119,7 @@ __OUTPUT__ CREATE ROLE ``` -Give CREATE privileges to `forcs` on `edb` database: +Give CREATE privileges to `forcs` user on `edb` database: ```sql GRANT CREATE on DATABASE edb to forcs; From 80accf45f89ef4f65b0dba3097e0de7fa9059931 Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Fri, 17 Jan 2025 15:27:32 +0530 Subject: [PATCH 11/11] Added examples for v17 --- .../cloning_with_a_non_super_user.mdx | 2 +- .../copying_a_remote_schema.mdx | 2 +- .../cloning_with_non_super_user.mdx | 231 ++++++++++++++++++ 3 files changed, 233 insertions(+), 2 deletions(-) diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx index f57ea082cb5..f559c2230da 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/cloning_with_a_non_super_user.mdx @@ -312,7 +312,7 @@ CREATE SERVER CREATE USER MAPPING ``` -Create a foregin server and user mapping in the source database: +Create a foreign server and user mapping in the source database: ```sql CREATE SERVER src_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); diff --git a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx index 36110b453dd..62b50a9100b 100644 --- a/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx +++ b/product_docs/docs/epas/16/database_administration/14_edb_clone_schema/copying_a_remote_schema.mdx @@ -1,5 +1,5 @@ --- -title: "Copying database objcts from a remote source" +title: "Copying database objects from a remote source" navTitle: "Copying a remote database" description: "Describes how to copy a database when the source schema and the copy will reside in separate databases" --- diff --git a/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/cloning_with_non_super_user.mdx b/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/cloning_with_non_super_user.mdx index 47f4c6443f8..6104dd6f6cb 100644 --- a/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/cloning_with_non_super_user.mdx +++ b/product_docs/docs/epas/17/database_administration/14_edb_clone_schema/cloning_with_non_super_user.mdx @@ -105,4 +105,235 @@ INFO: Revoked USAGE on foreign data wrapper postgres_fdw from ec2-user. │ t │ └────────────────────────────────┘ (1 row) +``` + +## Examples + +This example shows how to clone a schema locally as a non-super user: + +Create a non-super user named `forcs` for this example: + +```sql +edb-psql -p 6543 -U enterprisedb edb +CREATE USER forcs password 'abc123'; +__OUTPUT__ +CREATE ROLE +``` + +Give CREATE privileges to `forcs` user on `edb` database: + +```sql +GRANT CREATE on DATABASE edb to forcs; +__OUTPUT__ +GRANT +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +CREATE EXTENSION edb_job_scheduler; +CREATE EXTENSION DBMS_JOB; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give clone schema privilege to `forcs` user: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted ALL on directory edb_cs_lfp to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to `edb` database as `forcs` user: + +```sql +edb-psql -h 127.0.0.1 -p 6543 -U forcs edb +__OUTPUT__ +Password for user forcs: +edb-psql (17.1.0) +Type "help" for help. +``` + +Create a foreign server and a user mapping: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +``` + +Create a sample schema and tables: + +```sql +CREATE SCHEMA src; +SET search_path=src, public, "$user$"; +create table t1 as (select generate_series(1,100000)); +create table t2 as (select generate_series(1,100000)); +create table t3 as (select generate_series(1,100000)); +create table t4 as (select generate_series(1,100000)); +__OUTPUT__ +CREATE SCHEMA +SET +SELECT 100000 +SELECT 100000 +SELECT 100000 +SELECT 100000 +``` + +Clone the schema locally: + +```sql +SELECT edb_util.localcopyschema('local_postgres_server','src','src2','src2_log',true,true,true,4); +__OUTPUT__ + localcopyschema +----------------- + t +(1 row) +``` + +This example shows how to clone a schema remotely as a non-super user: + +Create a non-super user named `forcs` for this example: + +```sql +edb-psql -p 4422 -U enterprisedb edb +CREATE USER forcs PASSWORD 'abc123'; +__OUTPUT__ +CREATE ROLE +``` + +Give CREATE privileges on `edb` database to `forcs` user: + +```sql +GRANT CREATE on DATABASE edb to forcs; +__OUTPUT__ +GRANT +``` + +Create the following extensions: + +```sql +CREATE EXTENSION postgres_fdw; +CREATE EXTENSION dblink; +CREATE EXTENSION parallel_clone; +CREATE EXTENSION edb_cloneschema; +CREATE EXTENSION edb_job_scheduler; +CREATE EXTENSION DBMS_JOB; +__OUTPUT__ +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +CREATE EXTENSION +``` + +Create the log directory for cloning: + +```sql +SELECT edb_util.create_clone_log_dir(); +__OUTPUT__ + create_clone_log_dir +---------------------- + t +(1 row) +``` + +Give the clone schema privileges to the non-super user `forcs`: + +```sql +SELECT edb_util.grant_clone_schema_privileges('forcs', true, true); +__OUTPUT__ +INFO: Granted USAGE on schema edb_util to forcs. +INFO: Granted CREATE on schema edb_util to forcs. +INFO: Granted pg_read_all_settings to forcs. +INFO: Granted EXECUTE on package SYS.UTL_FILE to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_stat_file(text) to forcs. +INFO: Granted EXECUTE on function pg_catalog.pg_read_file(text, bigint, bigint) to forcs. +INFO: Granted SELECT on pg_authid to forcs. +INFO: Granted SELECT on pg_user_mapping to forcs. +INFO: Granted EXECUTE on function dblink_connect(text, text) to forcs. +INFO: Granted EXECUTE on function dblink(text, text) to forcs. +INFO: Granted ALL on directory edb_cs_lfp to forcs. +INFO: Granted USAGE on foreign data wrapper postgres_fdw to forcs. + grant_clone_schema_privileges +------------------------------- + t +(1 row) +``` + +Connect to the `edb` database as `forcs` user: + + +```sql +edb-psql -h 127.0.0.1 -p 4422 -U forcs edb +__OUPUT__ +Password for user forcs: +edb-psql (17.1.0) +Type "help" for help. +``` + +Create a foreign server and user mapping in source and target database: + +```sql +CREATE SERVER local_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '4422', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER local_postgres_server OPTIONS (user 'forcs', password 'abc123'); + +CREATE SERVER src_postgres_server FOREIGN DATA WRAPPER postgres_fdw OPTIONS (host '127.0.0.1', port '6543', dbname 'edb'); +CREATE USER MAPPING FOR forcs SERVER src_postgres_server OPTIONS (user 'forcs', password 'abc123'); +__OUTPUT__ +CREATE SERVER +CREATE USER MAPPING +CREATE SERVER +CREATE USER MAPPING +``` + +Clone the schema from source to target database using `remotecopyschema` function: + + +```sql +SELECT edb_util.remotecopyschema('src_postgres_server','local_postgres_server','src','src','src_log',true,true,true,4); +__OUTPUT__ + remotecopyschema +------------------ + t +(1 row) ``` \ No newline at end of file