ansible/test/integration/targets/postgresql/tasks/test_password.yml

- vars:
    task_parameters: &task_parameters
      become_user: "{{ pg_user }}"
      become: True
      register: result
    postgresql_parameters: &parameters
      db: postgres
      name: "{{ db_user1 }}"
      login_user: "{{ pg_user }}"

  block:
  - name: 'Check that PGOPTIONS environment variable is effective (1/2)'
    <<: *task_parameters
    postgresql_user:
      <<: *parameters
      password: '{{ db_password1 }}'
    ignore_errors: true
    environment:
      PGCLIENTENCODING: 'UTF8'
      PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

  - name: 'Check that PGOPTIONS environment variable is effective (2/2)'
    assert:
      that:
          - "{{ result is failed }}"

  - name: 'Create a user (password encrypted: {{ encrypted }})'
    <<: *task_parameters
    postgresql_user:
      <<: *parameters
      password: '{{ db_password1 }}'
      encrypted: '{{ encrypted }}'
    environment:
      PGCLIENTENCODING: 'UTF8'

  - block: &changed # block is only used here in order to be able to define YAML anchor
    - name: Check that ansible reports it was created
      assert:
        that:
          - "{{ result is changed }}"

  - name: Check that it was created
    <<: *task_parameters
    shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres

  - assert:
      that:
        - "result.stdout_lines[-1] == '(1 row)'"

  - name: Check that creating user a second time does nothing
    <<: *task_parameters
    postgresql_user:
      <<: *parameters
      password: '{{ db_password1 }}'
      encrypted: '{{ encrypted }}'
    environment:
      PGCLIENTENCODING: 'UTF8'
      PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

  - block: &not_changed # block is only used here in order to be able to define YAML anchor
    - name: Check that ansible reports no change
      assert:
        that:
          - "{{ result is not changed }}"

  - name: 'Define an expiration time'
    <<: *task_parameters
    postgresql_user:
      <<: *parameters
      expires: '2025-01-01'
    environment:
      PGCLIENTENCODING: 'UTF8'

  - <<: *changed

  - name: 'Redefine the same expiration time'
    <<: *task_parameters
    postgresql_user:
      expires: '2025-01-01'
      <<: *parameters
    environment:
      PGCLIENTENCODING: 'UTF8'
      PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

  - <<: *not_changed

  - block:

    - name: 'Using MD5-hashed password: check that password not changed when using cleartext password'
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: '{{ db_password1 }}'
        encrypted: 'yes'
      environment:
        PGCLIENTENCODING: 'UTF8'
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

    - <<: *not_changed

    - name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'ENCRYPTED'"
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
        encrypted: 'yes'
      environment:
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

    - <<: *not_changed

    - name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'UNENCRYPTED'"
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
        encrypted: 'no'
      environment:
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

    - <<: *not_changed

    - name: 'Redefine the same expiration time and password (encrypted)'
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        encrypted: 'yes'
        password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
        expires: '2025-01-01'
      environment:
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

    - <<: *not_changed

    - name: 'Using MD5-hashed password: check that password changed when using another cleartext password'
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: 'prefix{{ db_password1 }}'
        encrypted: 'yes'
      environment:
        PGCLIENTENCODING: 'UTF8'

    - <<: *changed

    - name: "Using MD5-hashed password: check that password changed when using another md5 hash with 'ENCRYPTED'"
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "md5{{ ('prefix1' ~ db_password1 ~ db_user1) | hash('md5')}}"
        encrypted: 'yes'

    - <<: *changed

    - name: "Using MD5-hashed password: check that password changed when using md5 hash with 'UNENCRYPTED'"
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}"
        encrypted: 'no'

    - <<: *changed

    when: encrypted == 'yes'

  - block:

    - name: 'Using cleartext password: check that password not changed when using cleartext password'
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "{{ db_password1 }}"
        encrypted: 'no'
      environment:
        PGCLIENTENCODING: 'UTF8'
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

    - <<: *not_changed

    - name: 'Redefine the same expiration time and password (not encrypted)'
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "{{ db_password1 }}"
        encrypted: 'no'
        expires: '2025-01-01'
      environment:
        PGCLIENTENCODING: 'UTF8'
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

    - <<: *not_changed

    - name: 'Using cleartext password: check that password changed when using another cleartext password'
      <<: *task_parameters
      postgresql_user:
        <<: *parameters
        password: "changed{{ db_password1 }}"
        encrypted: 'no'
      environment:
        PGCLIENTENCODING: 'UTF8'

    - <<: *changed

    when: encrypted == 'no'

  - name: Remove user
    <<: *task_parameters
    postgresql_user:
      state: 'absent'
      <<: *parameters

  - <<: *changed

  - name: Check that they were removed
    <<: *task_parameters
    shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
    environment:
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

  - assert:
      that:
        - "result.stdout_lines[-1] == '(0 rows)'"

  - name: Check that removing user a second time does nothing
    <<: *task_parameters
    postgresql_user:
      state: 'absent'
      <<: *parameters
    environment:
        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed

  - <<: *not_changed

  always:
  - name: Remove user
    <<: *task_parameters
    postgresql_user:
      state: 'absent'
      <<: *parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								- vars:
 								    task_parameters: &task_parameters
 								      become_user: "{{ pg_user }}"
 								      become: True
 								      register: result
 								    postgresql_parameters: &parameters
 								      db: postgres
 								      name: "{{ db_user1 }}"
 								      login_user: "{{ pg_user }}"
-												postgresql_user: fix bugs related to 'expires' option (#23862)

* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8

											
										
										
											7 years ago
+								  block:
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								  - name: 'Check that PGOPTIONS environment variable is effective (1/2)'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								    postgresql_user:
 								      <<: *parameters
 								      password: '{{ db_password1 }}'
 								    ignore_errors: true
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    environment:
 								      PGCLIENTENCODING: 'UTF8'
 								      PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - name: 'Check that PGOPTIONS environment variable is effective (2/2)'
 								    assert:
 								      that:
-												Deprecate tests used as filters (#32361)

* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc

											
										
										
											7 years ago
+								          - "{{ result is failed }}"
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - name: 'Create a user (password encrypted: {{ encrypted }})'
 								    <<: *task_parameters
 								    postgresql_user:
 								      <<: *parameters
 								      password: '{{ db_password1 }}'
 								      encrypted: '{{ encrypted }}'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    environment:
 								      PGCLIENTENCODING: 'UTF8'
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - block: &changed # block is only used here in order to be able to define YAML anchor
 								    - name: Check that ansible reports it was created
 								      assert:
 								        that:
-												Deprecate tests used as filters (#32361)

* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc

											
										
										
											7 years ago
+								          - "{{ result is changed }}"
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - name: Check that it was created
 								    <<: *task_parameters
 								    shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
 								  - assert:
 								      that:
 								        - "result.stdout_lines[-1] == '(1 row)'"
 								  - name: Check that creating user a second time does nothing
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								    postgresql_user:
 								      <<: *parameters
 								      password: '{{ db_password1 }}'
 								      encrypted: '{{ encrypted }}'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    environment:
 								      PGCLIENTENCODING: 'UTF8'
 								      PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - block: &not_changed # block is only used here in order to be able to define YAML anchor
 								    - name: Check that ansible reports no change
 								      assert:
 								        that:
-												Deprecate tests used as filters (#32361)

* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc

											
										
										
											7 years ago
+								          - "{{ result is not changed }}"
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
-												postgresql_user: fix bugs related to 'expires' option (#23862)

* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8

											
										
										
											7 years ago
+								  - name: 'Define an expiration time'
 								    <<: *task_parameters
 								    postgresql_user:
 								      <<: *parameters
 								      expires: '2025-01-01'
 								    environment:
 								      PGCLIENTENCODING: 'UTF8'
 								  - <<: *changed
 								  - name: 'Redefine the same expiration time'
 								    <<: *task_parameters
 								    postgresql_user:
 								      expires: '2025-01-01'
 								      <<: *parameters
 								    environment:
 								      PGCLIENTENCODING: 'UTF8'
 								      PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
 								  - <<: *not_changed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								  - block:
 								    - name: 'Using MD5-hashed password: check that password not changed when using cleartext password'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								      postgresql_user:
 								        <<: *parameters
 								        password: '{{ db_password1 }}'
 								        encrypted: 'yes'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      environment:
-												postgresql_user: fix bugs related to 'expires' option (#23862)

* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8

											
										
										
											7 years ago
+								        PGCLIENTENCODING: 'UTF8'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								    - <<: *not_changed
 								    - name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'ENCRYPTED'"
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								      postgresql_user:
 								        <<: *parameters
 								        password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
 								        encrypted: 'yes'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      environment:
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								    - <<: *not_changed
 								    - name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'UNENCRYPTED'"
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								      postgresql_user:
 								        <<: *parameters
 								        password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
 								        encrypted: 'no'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      environment:
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								    - <<: *not_changed
-												postgresql_user: fix bugs related to 'expires' option (#23862)

* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8

											
										
										
											7 years ago
+								    - name: 'Redefine the same expiration time and password (encrypted)'
 								      <<: *task_parameters
 								      postgresql_user:
 								        <<: *parameters
 								        encrypted: 'yes'
 								        password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
 								        expires: '2025-01-01'
 								      environment:
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
 								    - <<: *not_changed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								    - name: 'Using MD5-hashed password: check that password changed when using another cleartext password'
 								      <<: *task_parameters
 								      postgresql_user:
 								        <<: *parameters
 								        password: 'prefix{{ db_password1 }}'
 								        encrypted: 'yes'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      environment:
 								        PGCLIENTENCODING: 'UTF8'
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								    - <<: *changed
 								    - name: "Using MD5-hashed password: check that password changed when using another md5 hash with 'ENCRYPTED'"
 								      <<: *task_parameters
 								      postgresql_user:
 								        <<: *parameters
 								        password: "md5{{ ('prefix1' ~ db_password1 ~ db_user1) | hash('md5')}}"
 								        encrypted: 'yes'
 								    - <<: *changed
 								    - name: "Using MD5-hashed password: check that password changed when using md5 hash with 'UNENCRYPTED'"
 								      <<: *task_parameters
 								      postgresql_user:
 								        <<: *parameters
 								        password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}"
 								        encrypted: 'no'
 								    - <<: *changed
 								    when: encrypted == 'yes'
 								  - block:
 								    - name: 'Using cleartext password: check that password not changed when using cleartext password'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								      postgresql_user:
 								        <<: *parameters
 								        password: "{{ db_password1 }}"
 								        encrypted: 'no'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      environment:
 								        PGCLIENTENCODING: 'UTF8'
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								    - <<: *not_changed
-												postgresql_user: fix bugs related to 'expires' option (#23862)

* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8

											
										
										
											7 years ago
+								    - name: 'Redefine the same expiration time and password (not encrypted)'
 								      <<: *task_parameters
 								      postgresql_user:
 								        <<: *parameters
 								        password: "{{ db_password1 }}"
 								        encrypted: 'no'
 								        expires: '2025-01-01'
 								      environment:
 								        PGCLIENTENCODING: 'UTF8'
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
 								    - <<: *not_changed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								    - name: 'Using cleartext password: check that password changed when using another cleartext password'
 								      <<: *task_parameters
 								      postgresql_user:
 								        <<: *parameters
 								        password: "changed{{ db_password1 }}"
 								        encrypted: 'no'
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								      environment:
 								        PGCLIENTENCODING: 'UTF8'
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								    - <<: *changed
 								    when: encrypted == 'no'
 								  - name: Remove user
 								    <<: *task_parameters
 								    postgresql_user:
 								      state: 'absent'
 								      <<: *parameters
 								  - <<: *changed
 								  - name: Check that they were removed
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								    shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    environment:
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - assert:
 								      that:
 								        - "result.stdout_lines[-1] == '(0 rows)'"
 								  - name: Check that removing user a second time does nothing
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    <<: *task_parameters
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
+								    postgresql_user:
 								      state: 'absent'
 								      <<: *parameters
-												PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.

											
										
										
											7 years ago
+								    environment:
 								        PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
-												postgresql_user: add tests with hashed password

											
										
										
											8 years ago
 								  - <<: *not_changed
-												postgresql_user: fix bugs related to 'expires' option (#23862)

* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8

											
										
										
											7 years ago
 								  always:
 								  - name: Remove user
 								    <<: *task_parameters
 								    postgresql_user:
 								      state: 'absent'
 								      <<: *parameters