From 34e0e1709027482587ed60d5c2bc8db3c432139c Mon Sep 17 00:00:00 2001 From: Will Thames Date: Wed, 8 Apr 2015 12:44:01 +1000 Subject: [PATCH] Perform privilege grants/revokes only when required Use `has_table_privileges` and `has_database_privileges` to test whether a user already has a privilege before granting it, or whether a user doesn't have a privilege before revoking it. --- lib/ansible/modules/database/postgresql/postgresql_user.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/ansible/modules/database/postgresql/postgresql_user.py b/lib/ansible/modules/database/postgresql/postgresql_user.py index 3240e92181..dfd4f93062 100644 --- a/lib/ansible/modules/database/postgresql/postgresql_user.py +++ b/lib/ansible/modules/database/postgresql/postgresql_user.py @@ -419,6 +419,8 @@ def revoke_privileges(cursor, user, privs): return False changed = False + revoke_funcs = dict(table=revoke_table_privilege, database=revoke_database_privilege) + check_funcs = dict(table=has_table_privilege, database=has_database_privilege) for type_ in privs: revoke_func = { 'table':revoke_table_privilege, @@ -434,6 +436,8 @@ def revoke_privileges(cursor, user, privs): def grant_privileges(cursor, user, privs): if privs is None: return False + grant_funcs = dict(table=grant_table_privilege, database=grant_database_privilege) + check_funcs = dict(table=has_table_privilege, database=has_database_privilege) changed = False for type_ in privs: