mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
postgresql_privs: fix module fails when passing roles containing hyphens (#1059)
* postgresql_privs: fix module fails when passing roles containing hyphens * fix * Improve testing * Improve testing * Add changelog fragment * Improve testing * fix CI Free BSD
This commit is contained in:
parent
e3e66a57ec
commit
434b83170a
3 changed files with 99 additions and 3 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
bugfixes:
|
||||||
|
- postgresql_privs - fix module fails when ``type`` group and passing ``objs`` value containing hyphens (https://github.com/ansible-collections/community.general/issues/1058).
|
|
@ -772,7 +772,7 @@ class Connection(object):
|
||||||
# set_what: SQL-fragment specifying what to set for the target roles:
|
# set_what: SQL-fragment specifying what to set for the target roles:
|
||||||
# Either group membership or privileges on objects of a certain type
|
# Either group membership or privileges on objects of a certain type
|
||||||
if obj_type == 'group':
|
if obj_type == 'group':
|
||||||
set_what = ','.join('"%s"' % i for i in obj_ids)
|
set_what = ','.join(obj_ids)
|
||||||
elif obj_type == 'default_privs':
|
elif obj_type == 'default_privs':
|
||||||
# We don't want privs to be quoted here
|
# We don't want privs to be quoted here
|
||||||
set_what = ','.join(privs)
|
set_what = ','.join(privs)
|
||||||
|
@ -1154,7 +1154,7 @@ def main():
|
||||||
|
|
||||||
except Error as e:
|
except Error as e:
|
||||||
conn.rollback()
|
conn.rollback()
|
||||||
module.fail_json(msg=e.message, exception=traceback.format_exc())
|
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
|
||||||
|
|
||||||
except psycopg2.Error as e:
|
except psycopg2.Error as e:
|
||||||
conn.rollback()
|
conn.rollback()
|
||||||
|
|
|
@ -1385,6 +1385,97 @@
|
||||||
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
|
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
|
||||||
when: postgres_version_resp.stdout is version('10', '>=')
|
when: postgres_version_resp.stdout is version('10', '>=')
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
# https://github.com/ansible-collections/community.general/issues/1058
|
||||||
|
- name: Create user for test
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ pg_user }}"
|
||||||
|
postgresql_user:
|
||||||
|
login_user: "{{ pg_user }}"
|
||||||
|
login_db: "{{ db_name }}"
|
||||||
|
name: "test-role"
|
||||||
|
role_attr_flags: "NOLOGIN,NOSUPERUSER,INHERIT,NOCREATEDB,NOCREATEROLE,NOREPLICATION"
|
||||||
|
|
||||||
|
- name: Test community.general/issue/1058 GRANT with hyphen
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ pg_user }}"
|
||||||
|
postgresql_privs:
|
||||||
|
login_user: "{{ pg_user }}"
|
||||||
|
login_db: "{{ db_name }}"
|
||||||
|
roles: "test-role"
|
||||||
|
objs: "{{ pg_user }}"
|
||||||
|
type: "group"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is changed
|
||||||
|
- result.queries == ["GRANT \"{{ pg_user }}\" TO \"test-role\";"]
|
||||||
|
|
||||||
|
- name: Test community.general/issue/1058 REVOKE
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ pg_user }}"
|
||||||
|
postgresql_privs:
|
||||||
|
login_user: "{{ pg_user }}"
|
||||||
|
login_db: "{{ db_name }}"
|
||||||
|
roles: "test-role"
|
||||||
|
objs: "{{ pg_user }}"
|
||||||
|
type: "group"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is changed
|
||||||
|
- result.queries == ["REVOKE \"{{ pg_user }}\" FROM \"test-role\";"]
|
||||||
|
|
||||||
|
- name: Test community.general/issue/1058 GRANT without hyphen
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ pg_user }}"
|
||||||
|
postgresql_privs:
|
||||||
|
login_user: "{{ pg_user }}"
|
||||||
|
login_db: "{{ db_name }}"
|
||||||
|
roles: "{{ db_user3 }}"
|
||||||
|
objs: "{{ pg_user }}"
|
||||||
|
type: "group"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is changed
|
||||||
|
- result.queries == ["GRANT \"{{ pg_user }}\" TO \"{{ db_user3 }}\";"]
|
||||||
|
|
||||||
|
- name: Test community.general/issue/1058 GRANT with hyphen as an object
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ pg_user }}"
|
||||||
|
postgresql_privs:
|
||||||
|
login_user: "{{ pg_user }}"
|
||||||
|
login_db: "{{ db_name }}"
|
||||||
|
roles: "{{ db_user3 }}"
|
||||||
|
objs: "test-role,{{ db_user2 }}"
|
||||||
|
type: "group"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is changed
|
||||||
|
- result.queries == ["GRANT \"test-role\",\"{{ db_user2 }}\" TO \"{{ db_user3 }}\";"]
|
||||||
|
|
||||||
|
- name: Test community.general/issue/1058 GRANT with hyphen as an object
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ pg_user }}"
|
||||||
|
postgresql_privs:
|
||||||
|
login_user: "{{ pg_user }}"
|
||||||
|
login_db: "{{ db_name }}"
|
||||||
|
roles: "{{ db_user3 }}"
|
||||||
|
objs: "test-role"
|
||||||
|
type: "group"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is not changed
|
||||||
|
|
||||||
# Cleanup
|
# Cleanup
|
||||||
- name: Remove privs
|
- name: Remove privs
|
||||||
become: yes
|
become: yes
|
||||||
|
@ -1425,10 +1516,13 @@
|
||||||
become: yes
|
become: yes
|
||||||
become_user: "{{ pg_user }}"
|
become_user: "{{ pg_user }}"
|
||||||
postgresql_user:
|
postgresql_user:
|
||||||
name: "{{ db_user3 }}"
|
name: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
db: "{{ db_name }}"
|
db: "{{ db_name }}"
|
||||||
login_user: "{{ pg_user }}"
|
login_user: "{{ pg_user }}"
|
||||||
|
loop:
|
||||||
|
- '{{ db_user3 }}'
|
||||||
|
- 'test-role'
|
||||||
|
|
||||||
- name: Destroy DB
|
- name: Destroy DB
|
||||||
become_user: "{{ pg_user }}"
|
become_user: "{{ pg_user }}"
|
||||||
|
|
Loading…
Reference in a new issue