1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

postgresql_privs: fix module fails when passing roles containing hyphens (#1059) (#1073)

* postgresql_privs: fix module fails when passing roles containing hyphens

* fix

* Improve testing

* Improve testing

* Add changelog fragment

* Improve testing

* fix CI Free BSD

(cherry picked from commit 434b83170a)

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
This commit is contained in:
patchback[bot] 2020-10-11 15:37:52 +03:00 committed by GitHub
parent 06678d4ce3
commit dd47c3a548
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 99 additions and 3 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- postgresql_privs - fix module fails when ``type`` group and passing ``objs`` value containing hyphens (https://github.com/ansible-collections/community.general/issues/1058).

View file

@ -772,7 +772,7 @@ class Connection(object):
# set_what: SQL-fragment specifying what to set for the target roles:
# Either group membership or privileges on objects of a certain type
if obj_type == 'group':
set_what = ','.join('"%s"' % i for i in obj_ids)
set_what = ','.join(obj_ids)
elif obj_type == 'default_privs':
# We don't want privs to be quoted here
set_what = ','.join(privs)
@ -1154,7 +1154,7 @@ def main():
except Error as e:
conn.rollback()
module.fail_json(msg=e.message, exception=traceback.format_exc())
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
except psycopg2.Error as e:
conn.rollback()

View file

@ -1385,6 +1385,97 @@
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
when: postgres_version_resp.stdout is version('10', '>=')
######################################################################
# https://github.com/ansible-collections/community.general/issues/1058
- name: Create user for test
become: yes
become_user: "{{ pg_user }}"
postgresql_user:
login_user: "{{ pg_user }}"
login_db: "{{ db_name }}"
name: "test-role"
role_attr_flags: "NOLOGIN,NOSUPERUSER,INHERIT,NOCREATEDB,NOCREATEROLE,NOREPLICATION"
- name: Test community.general/issue/1058 GRANT with hyphen
become: yes
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
login_db: "{{ db_name }}"
roles: "test-role"
objs: "{{ pg_user }}"
type: "group"
register: result
- assert:
that:
- result is changed
- result.queries == ["GRANT \"{{ pg_user }}\" TO \"test-role\";"]
- name: Test community.general/issue/1058 REVOKE
become: yes
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
login_db: "{{ db_name }}"
roles: "test-role"
objs: "{{ pg_user }}"
type: "group"
state: absent
register: result
- assert:
that:
- result is changed
- result.queries == ["REVOKE \"{{ pg_user }}\" FROM \"test-role\";"]
- name: Test community.general/issue/1058 GRANT without hyphen
become: yes
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
login_db: "{{ db_name }}"
roles: "{{ db_user3 }}"
objs: "{{ pg_user }}"
type: "group"
register: result
- assert:
that:
- result is changed
- result.queries == ["GRANT \"{{ pg_user }}\" TO \"{{ db_user3 }}\";"]
- name: Test community.general/issue/1058 GRANT with hyphen as an object
become: yes
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
login_db: "{{ db_name }}"
roles: "{{ db_user3 }}"
objs: "test-role,{{ db_user2 }}"
type: "group"
register: result
- assert:
that:
- result is changed
- result.queries == ["GRANT \"test-role\",\"{{ db_user2 }}\" TO \"{{ db_user3 }}\";"]
- name: Test community.general/issue/1058 GRANT with hyphen as an object
become: yes
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
login_db: "{{ db_name }}"
roles: "{{ db_user3 }}"
objs: "test-role"
type: "group"
register: result
- assert:
that:
- result is not changed
# Cleanup
- name: Remove privs
become: yes
@ -1425,10 +1516,13 @@
become: yes
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_user3 }}"
name: "{{ item }}"
state: absent
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
loop:
- '{{ db_user3 }}'
- 'test-role'
- name: Destroy DB
become_user: "{{ pg_user }}"