1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

postgresql_privs: allow lowercased PUBLIC role (#858)

* postgresql_privs: allow lowercased PUBLIC role

* add changelog fragment

* improve CI

* fix changelog fragment
This commit is contained in:
Andrew Klychkov 2020-09-10 16:08:57 +03:00 committed by GitHub
parent eb24b5707e
commit bfdb76e60d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 1 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- postgresql_privs - allow to pass ``PUBLIC`` role written in lowercase letters (https://github.com/ansible-collections/community.general/issues/857).

View file

@ -169,6 +169,7 @@ notes:
C(present) and I(grant_option) to C(no) (see examples).
- Note that when revoking privileges from a role R, this role may still have
access via privileges granted to any role R is a member of including C(PUBLIC).
- Note that when you use C(PUBLIC) role, the module always reports that the state has been changed.
- Note that when revoking privileges from a role R, you do so as the user
specified via I(login). If R has been granted the same privileges by
another user also, R can still access database objects via these privileges.
@ -783,6 +784,9 @@ class Connection(object):
executed_queries.append(query)
self.cursor.execute(query)
if roles == 'PUBLIC':
return True
status_after = get_status(objs)
def nonesorted(e):
@ -1053,7 +1057,7 @@ def main():
objs = [obj.replace(':', ',') for obj in objs]
# roles
if p.roles == 'PUBLIC':
if p.roles.upper() == 'PUBLIC':
roles = 'PUBLIC'
else:
roles = p.roles.split(',')

View file

@ -343,6 +343,23 @@
target_roles: "{{ db_user_with_dots2 }}"
trust_input: no
# Bugfix for https://github.com/ansible-collections/community.general/issues/857
- name: Test passing lowercase PUBLIC role
become_user: "{{ pg_user }}"
become: yes
postgresql_privs:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
type: 'database'
privs: 'connect'
role: 'public'
register: result
- assert:
that:
- result is changed
- result.queries == ["GRANT CONNECT ON database \"{{ db_name }}\" TO PUBLIC;"]
#
# Cleanup
#