Hi,
Goal is, drop schema should trigger drop role.
It does not work if default privileges are altered.
Function and event trigger:
kvpg2=# CREATE or replace FUNCTION trigger_after_drop_schema() RETURNS event_trigger
LANGUAGE plpgsql AS $$
DECLARE
r RECORD;
BEGIN
FOR r IN SELECT * FROM pg_event_trigger_dropped_objects()
LOOP
execute format ('drop role IF EXISTS r_%I', r.object_name);
END LOOP;
END;
$$;
CREATE FUNCTION
kvpg2=# CREATE EVENT TRIGGER after_drop_schema
ON sql_drop
WHEN TAG IN ('DROP SCHEMA')
EXECUTE PROCEDURE trigger_after_drop_schema();
CREATE EVENT TRIGGER
Example 1 (just user)
kvpg2=# create schema test;
CREATE SCHEMA
kvpg2=# create role r_test;
CREATE ROLE
kvpg2=# drop schema test;
DROP SCHEMA
kvpg2=# \du r_test
List of roles
Role name | Attributes
-----------+------------
It does not work if default privileges are altered.
Function and event trigger:
kvpg2=# CREATE or replace FUNCTION trigger_after_drop_schema() RETURNS event_trigger
LANGUAGE plpgsql AS $$
DECLARE
r RECORD;
BEGIN
FOR r IN SELECT * FROM pg_event_trigger_dropped_objects()
LOOP
execute format ('drop role IF EXISTS r_%I', r.object_name);
END LOOP;
END;
$$;
CREATE FUNCTION
kvpg2=# CREATE EVENT TRIGGER after_drop_schema
ON sql_drop
WHEN TAG IN ('DROP SCHEMA')
EXECUTE PROCEDURE trigger_after_drop_schema();
CREATE EVENT TRIGGER
Example 1 (just user)
kvpg2=# create schema test;
CREATE SCHEMA
kvpg2=# create role r_test;
CREATE ROLE
kvpg2=# drop schema test;
DROP SCHEMA
kvpg2=# \du r_test
List of roles
Role name | Attributes
-----------+------------
Example 2 (user with usage on schema)
kvpg2=# create schema test;
CREATE SCHEMA
kvpg2=# create role r_test;
CREATE ROLE
kvpg2=# grant usage on schema test to r_test ;
GRANT
kvpg2=# drop schema test;
DROP SCHEMA
kvpg2=# \du r_test
List of roles
Role name | Attributes
-----------+------------
kvpg2=# create schema test;
CREATE SCHEMA
kvpg2=# create role r_test;
CREATE ROLE
kvpg2=# grant usage on schema test to r_test ;
GRANT
kvpg2=# drop schema test;
DROP SCHEMA
kvpg2=# \du r_test
List of roles
Role name | Attributes
-----------+------------
Example 3 (user with usage on schema and altered default privileges)
kvpg2=# create schema test;
CREATE SCHEMA
kvpg2=# create role r_test;
CREATE ROLE
kvpg2=# grant usage on schema test to r_test ;
GRANT
kvpg2=# alter default privileges for role postgres in schema test grant select on tables to r_test;
ALTER DEFAULT PRIVILEGES
kvpg2=# drop schema test;
ERROR: null values cannot be formatted as an SQL identifier
CONTEXT: PL/pgSQL function trigger_after_drop_schema() line 7 at EXECUTE
Question, what i do wrong?
br
Kaido
kvpg2=# create schema test;
CREATE SCHEMA
kvpg2=# create role r_test;
CREATE ROLE
kvpg2=# grant usage on schema test to r_test ;
GRANT
kvpg2=# alter default privileges for role postgres in schema test grant select on tables to r_test;
ALTER DEFAULT PRIVILEGES
kvpg2=# drop schema test;
ERROR: null values cannot be formatted as an SQL identifier
CONTEXT: PL/pgSQL function trigger_after_drop_schema() line 7 at EXECUTE
Question, what i do wrong?
br
Kaido
