1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

postgresql_lang: add trust_input parameter (#272)

* postgresql_lan: add trust_input parameter

* add changelog fragment
This commit is contained in:
Andrew Klychkov 2020-05-05 16:37:08 +03:00 committed by GitHub
parent e6b6c05bf7
commit 19cad71f25
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 4 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- postgresql_lang - add the ``trust_input`` parameter (https://github.com/ansible-collections/community.general/pull/272).

View file

@ -104,6 +104,11 @@ options:
- Set an owner for the language. - Set an owner for the language.
- Ignored when I(state=absent). - Ignored when I(state=absent).
type: str type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
type: bool
default: yes
seealso: seealso:
- name: PostgreSQL languages - name: PostgreSQL languages
description: General information about PostgreSQL languages. description: General information about PostgreSQL languages.
@ -176,6 +181,7 @@ queries:
''' '''
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.general.plugins.module_utils.database import check_input
from ansible_collections.community.general.plugins.module_utils.postgres import ( from ansible_collections.community.general.plugins.module_utils.postgres import (
connect_to_db, connect_to_db,
get_conn_params, get_conn_params,
@ -258,7 +264,7 @@ def set_lang_owner(cursor, lang, owner):
lang (str): language name. lang (str): language name.
owner (str): name of new owner. owner (str): name of new owner.
""" """
query = "ALTER LANGUAGE \"%s\" OWNER TO %s" % (lang, owner) query = "ALTER LANGUAGE \"%s\" OWNER TO \"%s\"" % (lang, owner)
executed_queries.append(query) executed_queries.append(query)
cursor.execute(query) cursor.execute(query)
return True return True
@ -276,6 +282,7 @@ def main():
fail_on_drop=dict(type="bool", default="yes"), fail_on_drop=dict(type="bool", default="yes"),
session_role=dict(type="str"), session_role=dict(type="str"),
owner=dict(type="str"), owner=dict(type="str"),
trust_input=dict(type="bool", default="yes")
) )
module = AnsibleModule( module = AnsibleModule(
@ -291,6 +298,12 @@ def main():
cascade = module.params["cascade"] cascade = module.params["cascade"]
fail_on_drop = module.params["fail_on_drop"] fail_on_drop = module.params["fail_on_drop"]
owner = module.params["owner"] owner = module.params["owner"]
session_role = module.params["session_role"]
trust_input = module.params["trust_input"]
if not trust_input:
# Check input for potentially dangerous elements:
check_input(module, lang, session_role, owner)
conn_params = get_conn_params(module, module.params) conn_params = get_conn_params(module, module.params)
db_connection = connect_to_db(module, conn_params, autocommit=False) db_connection = connect_to_db(module, conn_params, autocommit=False)

View file

@ -30,6 +30,7 @@
<<: *pg_parameters <<: *pg_parameters
name: '{{ test_lang }}' name: '{{ test_lang }}'
owner: '{{ test_user1 }}' owner: '{{ test_user1 }}'
trust_input: no
check_mode: yes check_mode: yes
- assert: - assert:
@ -57,11 +58,12 @@
<<: *pg_parameters <<: *pg_parameters
name: '{{ test_lang }}' name: '{{ test_lang }}'
owner: '{{ test_user1 }}' owner: '{{ test_user1 }}'
trust_input: no
- assert: - assert:
that: that:
- result is changed - result is changed
- result.queries == ['CREATE LANGUAGE "{{ test_lang }}"', 'ALTER LANGUAGE "{{ test_lang }}" OWNER TO {{ test_user1 }}'] - result.queries == ['CREATE LANGUAGE "{{ test_lang }}"', 'ALTER LANGUAGE "{{ test_lang }}" OWNER TO "{{ test_user1 }}"']
- name: Check - name: Check
<<: *task_parameters <<: *task_parameters
@ -83,12 +85,13 @@
<<: *pg_parameters <<: *pg_parameters
name: '{{ test_lang }}' name: '{{ test_lang }}'
owner: '{{ test_user2 }}' owner: '{{ test_user2 }}'
trust_input: yes
check_mode: yes check_mode: yes
- assert: - assert:
that: that:
- result is changed - result is changed
- result.queries == ['ALTER LANGUAGE "{{ test_lang }}" OWNER TO {{ test_user2 }}'] - result.queries == ['ALTER LANGUAGE "{{ test_lang }}" OWNER TO "{{ test_user2 }}"']
- name: Check that nothing was actually changed - name: Check that nothing was actually changed
<<: *task_parameters <<: *task_parameters
@ -116,7 +119,7 @@
- result is changed - result is changed
# TODO: the first elem of the returned list below # TODO: the first elem of the returned list below
# looks like a bug, not related with the option owner, needs to be checked # looks like a bug, not related with the option owner, needs to be checked
- result.queries == ["UPDATE pg_language SET lanpltrusted = false WHERE lanname = '{{ test_lang }}'", 'ALTER LANGUAGE "{{ test_lang }}" OWNER TO {{ test_user2 }}'] - result.queries == ["UPDATE pg_language SET lanpltrusted = false WHERE lanname = '{{ test_lang }}'", 'ALTER LANGUAGE "{{ test_lang }}" OWNER TO "{{ test_user2 }}"']
- name: Check - name: Check
<<: *task_parameters <<: *task_parameters