community.general/tests/integration/targets/postgresql_info/tasks/postgresql_info_initial.yml

# Copyright: (c) 2020, Andrew Klychkov (@Andersson007) <aaklychkov@mail.ru>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

- vars:
    task_parameters: &task_parameters
      become_user: '{{ pg_user }}'
      become: yes
      register: result
    pg_parameters: &pg_parameters
      login_user: '{{ pg_user }}'
      login_db: '{{ db_default }}'

  block:

  - name: Create test subscription
    <<: *task_parameters
    postgresql_subscription:
      <<: *pg_parameters
      login_port: '{{ replica_port }}'
      name: '{{ test_subscription }}'
      login_db: '{{ test_db }}'
      state: present
      publications: '{{ test_pub }}'
      connparams:
        host: 127.0.0.1
        port: '{{ master_port }}'
        user: '{{ replication_role }}'
        password: '{{ replication_pass }}'
        dbname: '{{ test_db }}'

  - name: Create test subscription
    <<: *task_parameters
    postgresql_subscription:
      <<: *pg_parameters
      login_port: '{{ replica_port }}'
      name: '{{ test_subscription2 }}'
      login_db: '{{ test_db }}'
      state: present
      publications: '{{ test_pub2 }}'
      connparams:
        host: 127.0.0.1
        port: '{{ master_port }}'
        user: '{{ replication_role }}'
        password: '{{ replication_pass }}'
        dbname: '{{ test_db }}'

  - name: postgresql_info - create role to check session_role
    <<: *task_parameters
    postgresql_user:
      <<: *pg_parameters
      login_port: '{{ replica_port }}'
      login_user: "{{ pg_user }}"
      name: session_superuser
      role_attr_flags: SUPERUSER

  - name: postgresql_info - test return values and session_role param
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      login_port: '{{ replica_port }}'
      session_role: session_superuser

  - assert:
      that:
      - result.version != {}
      - result.databases.{{ db_default }}.collate
      - result.databases.{{ db_default }}.languages
      - result.databases.{{ db_default }}.namespaces
      - result.databases.{{ db_default }}.extensions
      - result.databases.{{ test_db }}.subscriptions.{{ test_subscription }}
      - result.databases.{{ test_db }}.subscriptions.{{ test_subscription2 }}
      - result.settings
      - result.tablespaces
      - result.roles

  - name: postgresql_info - check filter param passed by list
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      login_port: '{{ replica_port }}'
      filter:
        - ver*
        - rol*

  - assert:
      that:
      - result.version != {}
      - result.roles
      - result.databases == {}
      - result.repl_slots == {}
      - result.replications == {}
      - result.settings == {}
      - result.tablespaces == {}

  - name: postgresql_info - check filter param passed by string
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      filter: ver*,role*

  - assert:
      that:
      - result.version != {}
      - result.roles
      - result.databases == {}
      - result.repl_slots == {}
      - result.replications == {}
      - result.settings == {}
      - result.tablespaces == {}

  - name: postgresql_info - check filter param passed by string
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      filter: ver*

  - assert:
      that:
      - result.version
      - result.roles == {}

  - name: postgresql_info - check excluding filter param passed by list
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      filter:
      - "!ver*"
      - "!rol*"

  - assert:
      that:
      - result.version == {}
      - result.roles == {}
      - result.databases

  - name: postgresql_info - test return publication info
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      login_db: '{{ test_db }}'
      login_port: '{{ master_port }}'
      trust_input: yes

  - assert:
      that:
      - result.version != {}
      - result.databases.{{ db_default }}.collate
      - result.databases.{{ db_default }}.languages
      - result.databases.{{ db_default }}.namespaces
      - result.databases.{{ db_default }}.extensions
      - result.databases.{{ test_db }}.publications.{{ test_pub }}.ownername == '{{ pg_user }}'
      - result.databases.{{ test_db }}.publications.{{ test_pub2 }}.puballtables == true
      - result.settings
      - result.tablespaces
      - result.roles

  - name: postgresql_info - test trust_input parameter
    <<: *task_parameters
    postgresql_info:
      <<: *pg_parameters
      login_db: '{{ test_db }}'
      login_port: '{{ master_port }}'
      trust_input: no
      session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
    register: result
    ignore_errors: yes

  - assert:
      that:
      - result is failed
      - result.msg is search('is potentially dangerous')