Thus, file accessibility and access rights depend on the client rather than the server when \copy is used. \copy invokes COPY FROM STDIN or COPY TO STDOUT, and then fetches/stores the data in a file accessible to the psql client.
Note that there is no terminating, because meta-commands are terminated by newline, unlike SQL commands.ĭo not confuse COPY with the psql instruction \copy. The psql command-line client has a special "meta-command" called \copy, which takes all the same options as the "real" COPY, but is run inside the client: \ copy ( Select * From foo) To '/tmp/test.csv' With CSV The underlying syntax for this is the COPY TO STDOUT command, and graphical tools like pgAdmin will wrap it for you in a nice dialog. The Postgres server doesn't need to know what file you're copying to, it just spits out the data and the client puts it somewhere. The other approach is to do the file handling on the client side, i.e. I've written a blog post expanding on this approach, including some examples of functions that export (or import) files and tables meeting strict conditions. You probably don’t want to let someone invoke your function and add rows on the end of your “users” table… Which tables should the user be able to read/write in the database? This would normally be defined by GRANTs in the database, but the function is now running as a superuser, so tables which would normally be "out of bounds" will be fully accessible.Which files should the user be allowed to read/write on disk? This might be a particular directory, for instance, and the filename might have to have a suitable prefix or extension.The crucial part is that your function is there to perform additional checks, not just by-pass the security - so you could write a function which exports the exact data you need, or you could write something which can accept various options as long as they meet a strict whitelist. That doesn't actually mean you have to be connected as a superuser (automating that would be a security risk of a different kind), because you can use the SECURITY DEFINER option to CREATE FUNCTION to make a function which runs as though you were a superuser. It also needs to be run as a Postgres "superuser" (normally called "root") because Postgres can't stop it doing nasty things with that machine's local filesystem. This approach runs entirely on the remote server - it can't write to your local PC. Copy ( Select * From foo) To '/tmp/test.csv' With CSV DELIMITER ',' HEADER
If you want something easy to re-use or automate, you can use Postgresql's built in COPY command. Do you want the resulting file on the server, or on the client? Server side
0 kommentar(er)
