From 30e84111f09f68683e234994679bd3131f4321b5 Mon Sep 17 00:00:00 2001
From: Andrew Klychkov <aaklychkov@mail.ru>
Date: Tue, 5 May 2020 16:35:34 +0300
Subject: [PATCH] postgresql_subscription: add trust_input and session_role
 parameters (#280)

* postgresql_subscription: add trust_input and session_role parameters

* add changelog fragment
---
 ...scription_add_trust_input_session_role.yml |  3 ++
 .../postgresql/postgresql_subscription.py     | 32 +++++++++++++++++++
 .../tasks/postgresql_subscription_initial.yml | 29 +++++++++++++++++
 3 files changed, 64 insertions(+)
 create mode 100644 changelogs/fragments/280-postgresql_subscription_add_trust_input_session_role.yml

diff --git a/changelogs/fragments/280-postgresql_subscription_add_trust_input_session_role.yml b/changelogs/fragments/280-postgresql_subscription_add_trust_input_session_role.yml
new file mode 100644
index 0000000000..6ac5161966
--- /dev/null
+++ b/changelogs/fragments/280-postgresql_subscription_add_trust_input_session_role.yml
@@ -0,0 +1,3 @@
+minor_changes:
+- postgresql_subscription - add the ``trust_input`` parameter (https://github.com/ansible-collections/community.general/pull/280).
+- postgresql_subscription - add the ``session_role`` parameter (https://github.com/ansible-collections/community.general/pull/280).
diff --git a/plugins/modules/database/postgresql/postgresql_subscription.py b/plugins/modules/database/postgresql/postgresql_subscription.py
index 8623561a93..d2b0e5a35c 100644
--- a/plugins/modules/database/postgresql/postgresql_subscription.py
+++ b/plugins/modules/database/postgresql/postgresql_subscription.py
@@ -80,6 +80,18 @@ options:
       on U(https://www.postgresql.org/docs/current/sql-createsubscription.html).
     - Ignored when I(state) is not C(present).
     type: dict
+  session_role:
+    description:
+    - Switch to session_role after connecting. The specified session_role must
+      be a role that the current login_user is a member of.
+    - Permissions checking for SQL commands is carried out as though
+      the session_role were the one that had logged in originally.
+    type: str
+  trust_input:
+    description:
+    - If C(no), check whether values of some parameters are potentially dangerous.
+    type: bool
+    default: yes
 
 notes:
 - PostgreSQL version must be 10 or greater.
@@ -196,6 +208,7 @@ except ImportError:
     pass
 
 from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.community.general.plugins.module_utils.database import check_input
 from ansible_collections.community.general.plugins.module_utils.postgres import (
     connect_to_db,
     exec_sql,
@@ -581,6 +594,8 @@ def main():
         cascade=dict(type='bool', default=False),
         owner=dict(type='str'),
         subsparams=dict(type='dict'),
+        session_role=dict(type='str'),
+        trust_input=dict(type='bool', default=True),
     )
     module = AnsibleModule(
         argument_spec=argument_spec,
@@ -596,6 +611,23 @@ def main():
     owner = module.params['owner']
     subsparams = module.params['subsparams']
     connparams = module.params['connparams']
+    session_role = module.params['session_role']
+    trust_input = module.params['trust_input']
+
+    if not trust_input:
+        # Check input for potentially dangerous elements:
+        if not subsparams:
+            subsparams_str = None
+        else:
+            subsparams_str = convert_subscr_params(subsparams)
+
+        if not connparams:
+            connparams_str = None
+        else:
+            connparams_str = convert_conn_params(connparams)
+
+        check_input(module, name, publications, owner, session_role,
+                    connparams_str, subsparams_str)
 
     if state == 'present' and cascade:
         module.warn('parameter "cascade" is ignored when state is not absent')
diff --git a/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml b/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml
index 6dda6fc1ab..d7414f8ebb 100644
--- a/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml
+++ b/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml
@@ -2,6 +2,7 @@
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
 - vars:
+    dangerous_name: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
     task_parameters: &task_parameters
       become_user: '{{ pg_user }}'
       become: yes
@@ -243,6 +244,34 @@
       that:
       - result.rowcount == 1
 
+  ##########################
+  # Test trust_input param #
+  ##########################
+
+  - name: Test trust_input parameter
+    <<: *task_parameters
+    postgresql_subscription:
+      <<: *pg_parameters
+      login_port: '{{ replica_port }}'
+      name: '{{ test_subscription }}'
+      state: present
+      publications: '{{ test_pub }}'
+      session_role: '{{ dangerous_name }}'
+      owner: '{{ test_role1 }}'
+      trust_input: no
+      connparams:
+        host: 127.0.0.1
+        port: '{{ master_port }}'
+        user: '{{ replication_role }}'
+        password: '{{ replication_pass }}'
+        dbname: '{{ test_db }}'
+    ignore_errors: yes
+
+  - assert:
+      that:
+      - result is failed
+      - result.msg is search('is potentially dangerous')
+
   ##############
   # Test cascade
   ##############