mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Allow strings containing single and double quotes to be used as passwords for postgres_user
This commit is contained in:
parent
d355d3c698
commit
31ac3e71df
1 changed files with 11 additions and 6 deletions
|
@ -164,13 +164,16 @@ def user_exists(cursor, user):
|
||||||
|
|
||||||
def user_add(cursor, user, password, role_attr_flags, encrypted, expires):
|
def user_add(cursor, user, password, role_attr_flags, encrypted, expires):
|
||||||
"""Create a new database user (role)."""
|
"""Create a new database user (role)."""
|
||||||
|
query_password_data = dict()
|
||||||
query = 'CREATE USER "%(user)s"' % { "user": user}
|
query = 'CREATE USER "%(user)s"' % { "user": user}
|
||||||
if password is not None:
|
if password is not None:
|
||||||
query = query + " WITH %(crypt)s PASSWORD '%(password)s'" % { "crypt": encrypted, "password": password }
|
query = query + " WITH %(crypt)s" % { "crypt": encrypted }
|
||||||
|
query = query + " PASSWORD %(password)s"
|
||||||
|
query_password_data.update(password=password)
|
||||||
if expires is not None:
|
if expires is not None:
|
||||||
query = query + " VALID UNTIL '%(expires)s'" % { "exipres": expires }
|
query = query + " VALID UNTIL '%(expires)s'" % { "exipres": expires }
|
||||||
query = query + " " + role_attr_flags
|
query = query + " " + role_attr_flags
|
||||||
cursor.execute(query)
|
cursor.execute(query, query_password_data)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def user_alter(cursor, user, password, role_attr_flags, encrypted, expires):
|
def user_alter(cursor, user, password, role_attr_flags, encrypted, expires):
|
||||||
|
@ -188,6 +191,7 @@ def user_alter(cursor, user, password, role_attr_flags, encrypted, expires):
|
||||||
# Handle passwords.
|
# Handle passwords.
|
||||||
if password is not None or role_attr_flags is not None:
|
if password is not None or role_attr_flags is not None:
|
||||||
# Select password and all flag-like columns in order to verify changes.
|
# Select password and all flag-like columns in order to verify changes.
|
||||||
|
query_password_data = dict()
|
||||||
select = "SELECT * FROM pg_authid where rolname=%(user)s"
|
select = "SELECT * FROM pg_authid where rolname=%(user)s"
|
||||||
cursor.execute(select, {"user": user})
|
cursor.execute(select, {"user": user})
|
||||||
# Grab current role attributes.
|
# Grab current role attributes.
|
||||||
|
@ -195,15 +199,16 @@ def user_alter(cursor, user, password, role_attr_flags, encrypted, expires):
|
||||||
|
|
||||||
alter = 'ALTER USER "%(user)s"' % {"user": user}
|
alter = 'ALTER USER "%(user)s"' % {"user": user}
|
||||||
if password is not None:
|
if password is not None:
|
||||||
alter = alter + " WITH %(crypt)s PASSWORD '%(password)s' %(flags)s" % {
|
query_password_data.update(password=password)
|
||||||
"crypt": encrypted, "password": password, "flags": role_attr_flags
|
alter = alter + " WITH %(crypt)s" % {"crypt": encrypted}
|
||||||
}
|
alter = alter + " PASSWORD %(password)s"
|
||||||
|
alter = alter + " %(flags)s" % {'flags': role_attr_flags}
|
||||||
elif role_attr_flags:
|
elif role_attr_flags:
|
||||||
alter = alter + ' WITH ' + role_attr_flags
|
alter = alter + ' WITH ' + role_attr_flags
|
||||||
if expires is not None:
|
if expires is not None:
|
||||||
alter = alter + " VALID UNTIL '%(expires)s'" % { "exipres": expires }
|
alter = alter + " VALID UNTIL '%(expires)s'" % { "exipres": expires }
|
||||||
|
|
||||||
cursor.execute(alter)
|
cursor.execute(alter, query_password_data)
|
||||||
|
|
||||||
# Grab new role attributes.
|
# Grab new role attributes.
|
||||||
cursor.execute(select, {"user": user})
|
cursor.execute(select, {"user": user})
|
||||||
|
|
Loading…
Reference in a new issue