Merge pull request #1771 from willthames/postgresql_empty_role_attr_flags

postgresql_user: improve checks to reduce work done
reviewable/pr18780/r1
Brian Coca 9 years ago
commit 06ad5c9b91

@ -92,7 +92,7 @@ options:
description: description:
- "PostgreSQL role attributes string in the format: CREATEDB,CREATEROLE,SUPERUSER" - "PostgreSQL role attributes string in the format: CREATEDB,CREATEROLE,SUPERUSER"
required: false required: false
default: null default: ""
choices: [ "[NO]SUPERUSER","[NO]CREATEROLE", "[NO]CREATEUSER", "[NO]CREATEDB", choices: [ "[NO]SUPERUSER","[NO]CREATEROLE", "[NO]CREATEUSER", "[NO]CREATEDB",
"[NO]INHERIT", "[NO]LOGIN", "[NO]REPLICATION" ] "[NO]INHERIT", "[NO]LOGIN", "[NO]REPLICATION" ]
state: state:
@ -233,7 +233,7 @@ def user_alter(cursor, module, user, password, role_attr_flags, encrypted, expir
return False return False
# Handle passwords. # Handle passwords.
if not no_password_changes and (password is not None or role_attr_flags is not None): if not no_password_changes and (password is not None or role_attr_flags != ''):
# Select password and all flag-like columns in order to verify changes. # Select password and all flag-like columns in order to verify changes.
query_password_data = dict(password=password, expires=expires) query_password_data = dict(password=password, expires=expires)
select = "SELECT * FROM pg_authid where rolname=%(user)s" select = "SELECT * FROM pg_authid where rolname=%(user)s"
@ -490,10 +490,10 @@ def parse_role_attrs(role_attr_flags):
def normalize_privileges(privs, type_): def normalize_privileges(privs, type_):
new_privs = set(privs) new_privs = set(privs)
if 'ALL' in privs: if 'ALL' in new_privs:
new_privs.update(VALID_PRIVS[type_]) new_privs.update(VALID_PRIVS[type_])
new_privs.remove('ALL') new_privs.remove('ALL')
if 'TEMP' in privs: if 'TEMP' in new_privs:
new_privs.add('TEMPORARY') new_privs.add('TEMPORARY')
new_privs.remove('TEMP') new_privs.remove('TEMP')

Loading…
Cancel
Save