# Copyright: (c) 2020, Andrew Klychkov (@Andersson007) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - vars: task_parameters: &task_parameters become_user: '{{ pg_user }}' become: yes register: result pg_parameters: &pg_parameters login_user: '{{ pg_user }}' login_db: '{{ db_default }}' block: - name: Create test subscription <<: *task_parameters postgresql_subscription: <<: *pg_parameters login_port: '{{ replica_port }}' name: '{{ test_subscription }}' login_db: '{{ test_db }}' state: present publications: '{{ test_pub }}' connparams: host: 127.0.0.1 port: '{{ master_port }}' user: '{{ replication_role }}' password: '{{ replication_pass }}' dbname: '{{ test_db }}' - name: Create test subscription <<: *task_parameters postgresql_subscription: <<: *pg_parameters login_port: '{{ replica_port }}' name: '{{ test_subscription2 }}' login_db: '{{ test_db }}' state: present publications: '{{ test_pub2 }}' connparams: host: 127.0.0.1 port: '{{ master_port }}' user: '{{ replication_role }}' password: '{{ replication_pass }}' dbname: '{{ test_db }}' - name: postgresql_info - create role to check session_role <<: *task_parameters postgresql_user: <<: *pg_parameters login_port: '{{ replica_port }}' login_user: "{{ pg_user }}" name: session_superuser role_attr_flags: SUPERUSER - name: postgresql_info - test return values and session_role param <<: *task_parameters postgresql_info: <<: *pg_parameters login_port: '{{ replica_port }}' session_role: session_superuser - assert: that: - result.version != {} - result.databases.{{ db_default }}.collate - result.databases.{{ db_default }}.languages - result.databases.{{ db_default }}.namespaces - result.databases.{{ db_default }}.extensions - result.databases.{{ test_db }}.subscriptions.{{ test_subscription }} - result.databases.{{ test_db }}.subscriptions.{{ test_subscription2 }} - result.settings - result.tablespaces - result.roles - name: postgresql_info - check filter param passed by list <<: *task_parameters postgresql_info: <<: *pg_parameters login_port: '{{ replica_port }}' filter: - ver* - rol* - assert: that: - result.version != {} - result.roles - result.databases == {} - result.repl_slots == {} - result.replications == {} - result.settings == {} - result.tablespaces == {} - name: postgresql_info - check filter param passed by string <<: *task_parameters postgresql_info: <<: *pg_parameters filter: ver*,role* - assert: that: - result.version != {} - result.roles - result.databases == {} - result.repl_slots == {} - result.replications == {} - result.settings == {} - result.tablespaces == {} - name: postgresql_info - check filter param passed by string <<: *task_parameters postgresql_info: <<: *pg_parameters filter: ver* - assert: that: - result.version - result.roles == {} - name: postgresql_info - check excluding filter param passed by list <<: *task_parameters postgresql_info: <<: *pg_parameters filter: - "!ver*" - "!rol*" - assert: that: - result.version == {} - result.roles == {} - result.databases - name: postgresql_info - test return publication info <<: *task_parameters postgresql_info: <<: *pg_parameters login_db: '{{ test_db }}' login_port: '{{ master_port }}' trust_input: yes - assert: that: - result.version != {} - result.databases.{{ db_default }}.collate - result.databases.{{ db_default }}.languages - result.databases.{{ db_default }}.namespaces - result.databases.{{ db_default }}.extensions - result.databases.{{ test_db }}.publications.{{ test_pub }}.ownername == '{{ pg_user }}' - result.databases.{{ test_db }}.publications.{{ test_pub2 }}.puballtables == true - result.settings - result.tablespaces - result.roles - name: postgresql_info - test trust_input parameter <<: *task_parameters postgresql_info: <<: *pg_parameters login_db: '{{ test_db }}' login_port: '{{ master_port }}' trust_input: no session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --' register: result ignore_errors: yes - assert: that: - result is failed - result.msg is search('is potentially dangerous')