Re: pg_hba_lookup function to get all matching pg_hba.conf entries

On Wed, Nov 25, 2015 at 7:18 PM, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> wrote:
>
>
> 2015-11-25 8:05 GMT+01:00 Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>:
>>
>>
>> Thanks. Here I attached the poc patch that returns authentication method
>> of the
>> first matched hba entry in pg_hba.conf with the given input values.
>> Currently these
>> functions returns text type. Based on the details required to be
>> printed, it can
>> be changed.
>>
>> postgres=# select pg_hba_lookup('all', 'all');
>> pg_hba_lookup
>> ---------------
>> trust
>> (1 row)
>>
>> comments for the approach?
>
>
> From my perspective, it shows too less informations.
>
> What I am expecting:
>
> 1. line num of choosed rule
> 2. some tracing - via NOTICE, what and why some rules was skipped.

Here I attached the patch with the suggested changes.
Along with line number, I kept the options column also with authentication
options as a jsonb datatype.

Example output:

postgres=# select pg_hba_lookup('test','all','::1');
NOTICE: Skipped 84 Hba line, because of non matching IP.
NOTICE: Skipped 86 Hba line, because of non matching database.
NOTICE: Skipped 87 Hba line, because of non matching role.
pg_hba_lookup
---------------
(89,trust,{})
(1 row)

comments?

Regards,
Hari Babu
Fujitsu Australia