On Wed, Nov 21, 2018 at 07:36:59PM +0000, PG Doc comments form wrote: > The current synopsis for CREATE / ALTER ROLE give one of the allowed options > as: > [ ENCRYPTED ] PASSWORD 'password' > and the current documentation for CREATE ROLE says: > "The ENCRYPTED keyword has no effect, but is accepted for backwards > compatibility."
The grammar is still supported, so keeping it documented has no actual problems until it gets removed, if that happens. Keeping it is not a real maintenance burden either. > I think it might be worth explicitly specifying the password-blanking form > for both commands as a new option in their synopses, e.g.: > > " > CREATE ROLE name [ [ WITH ] option [ ... ] ] > > where option can be: > > SUPERUSER | NOSUPERUSER > | CREATEDB | NOCREATEDB > ... > | [ ENCRYPTED ] PASSWORD 'password' | PASSWORD NULL > ... > " Yes, that the set of grammar combination supported, as ENCRYPTED PASSWORD NULL is not possible. > Also, there is inconsistency of quoting of 'password' in the synopsis for > CREATE/ALTER ROLE (has quotes) vs. their respective parameters sections (no > quotes). Agreed, this should have quotes for consistency. Any objections with the attached set of fixes from anybody? -- Michael
diff --git a/doc/src/sgml/ref/alter_role.sgml b/doc/src/sgml/ref/alter_role.sgml
index 573a3e80f7..dbf258ef50 100644
--- a/doc/src/sgml/ref/alter_role.sgml
+++ b/doc/src/sgml/ref/alter_role.sgml
@@ -33,7 +33,7 @@ ALTER ROLE <replaceable class="parameter">role_specification</replaceable> [ WIT
| REPLICATION | NOREPLICATION
| BYPASSRLS | NOBYPASSRLS
| CONNECTION LIMIT <replaceable class="parameter">connlimit</replaceable>
- | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>'
+ | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>' | PASSWORD NULL
| VALID UNTIL '<replaceable class="parameter">timestamp</replaceable>'
ALTER ROLE <replaceable class="parameter">name</replaceable> RENAME TO <replaceable>new_name</replaceable>
@@ -168,7 +168,8 @@ ALTER ROLE { <replaceable class="parameter">role_specification</replaceable> | A
<term><literal>BYPASSRLS</literal></term>
<term><literal>NOBYPASSRLS</literal></term>
<term><literal>CONNECTION LIMIT</literal> <replaceable class="parameter">connlimit</replaceable></term>
- <term>[ <literal>ENCRYPTED</literal> ] <literal>PASSWORD</literal> <replaceable class="parameter">password</replaceable></term>
+ <term>[ <literal>ENCRYPTED</literal> ] <literal>PASSWORD</literal> '<replaceable class="parameter">password</replaceable>'</term>
+ <term><literal>PASSWORD NULL</literal></term>
<term><literal>VALID UNTIL</literal> '<replaceable class="parameter">timestamp</replaceable>'</term>
<listitem>
<para>
diff --git a/doc/src/sgml/ref/alter_user.sgml b/doc/src/sgml/ref/alter_user.sgml
index 8f50f43089..6769c8ecc4 100644
--- a/doc/src/sgml/ref/alter_user.sgml
+++ b/doc/src/sgml/ref/alter_user.sgml
@@ -33,7 +33,7 @@ ALTER USER <replaceable class="parameter">role_specification</replaceable> [ WIT
| REPLICATION | NOREPLICATION
| BYPASSRLS | NOBYPASSRLS
| CONNECTION LIMIT <replaceable class="parameter">connlimit</replaceable>
- | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>'
+ | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>' | PASSWORD NULL
| VALID UNTIL '<replaceable class="parameter">timestamp</replaceable>'
ALTER USER <replaceable class="parameter">name</replaceable> RENAME TO <replaceable>new_name</replaceable>
diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml
index 9c3b6978af..db842732a8 100644
--- a/doc/src/sgml/ref/create_role.sgml
+++ b/doc/src/sgml/ref/create_role.sgml
@@ -33,7 +33,7 @@ CREATE ROLE <replaceable class="parameter">name</replaceable> [ [ WITH ] <replac
| REPLICATION | NOREPLICATION
| BYPASSRLS | NOBYPASSRLS
| CONNECTION LIMIT <replaceable class="parameter">connlimit</replaceable>
- | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>'
+ | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>' | PASSWORD NULL
| VALID UNTIL '<replaceable class="parameter">timestamp</replaceable>'
| IN ROLE <replaceable class="parameter">role_name</replaceable> [, ...]
| IN GROUP <replaceable class="parameter">role_name</replaceable> [, ...]
@@ -210,7 +210,8 @@ CREATE ROLE <replaceable class="parameter">name</replaceable> [ [ WITH ] <replac
</varlistentry>
<varlistentry>
- <term>[ <literal>ENCRYPTED</literal> ] <literal>PASSWORD</literal> <replaceable class="parameter">password</replaceable></term>
+ <term>[ <literal>ENCRYPTED</literal> ] <literal>PASSWORD</literal> '<replaceable class="parameter">password</replaceable>'</term>
+ <term><literal>PASSWORD NULL</literal></term>
<listitem>
<para>
Sets the role's password. (A password is only of use for
diff --git a/doc/src/sgml/ref/create_user.sgml b/doc/src/sgml/ref/create_user.sgml
index a51dc50c97..198e06e723 100644
--- a/doc/src/sgml/ref/create_user.sgml
+++ b/doc/src/sgml/ref/create_user.sgml
@@ -33,7 +33,7 @@ CREATE USER <replaceable class="parameter">name</replaceable> [ [ WITH ] <replac
| REPLICATION | NOREPLICATION
| BYPASSRLS | NOBYPASSRLS
| CONNECTION LIMIT <replaceable class="parameter">connlimit</replaceable>
- | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>'
+ | [ ENCRYPTED ] PASSWORD '<replaceable class="parameter">password</replaceable>' | PASSWORD NULL
| VALID UNTIL '<replaceable class="parameter">timestamp</replaceable>'
| IN ROLE <replaceable class="parameter">role_name</replaceable> [, ...]
| IN GROUP <replaceable class="parameter">role_name</replaceable> [, ...]
signature.asc
Description: PGP signature
