From 34e0e1709027482587ed60d5c2bc8db3c432139c Mon Sep 17 00:00:00 2001
From: Will Thames <will@thames.id.au>
Date: Wed, 8 Apr 2015 12:44:01 +1000
Subject: [PATCH] Perform privilege grants/revokes only when required

Use `has_table_privileges` and `has_database_privileges`
to test whether a user already has a privilege before
granting it, or whether a user doesn't have  a privilege
before revoking it.
---
 lib/ansible/modules/database/postgresql/postgresql_user.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/ansible/modules/database/postgresql/postgresql_user.py b/lib/ansible/modules/database/postgresql/postgresql_user.py
index 3240e92181e..dfd4f93062b 100644
--- a/lib/ansible/modules/database/postgresql/postgresql_user.py
+++ b/lib/ansible/modules/database/postgresql/postgresql_user.py
@@ -419,6 +419,8 @@ def revoke_privileges(cursor, user, privs):
         return False
 
     changed = False
+    revoke_funcs = dict(table=revoke_table_privilege, database=revoke_database_privilege)
+    check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
     for type_ in privs:
         revoke_func = {
             'table':revoke_table_privilege,
@@ -434,6 +436,8 @@ def revoke_privileges(cursor, user, privs):
 def grant_privileges(cursor, user, privs):
     if privs is None:
         return False
+    grant_funcs = dict(table=grant_table_privilege, database=grant_database_privilege)
+    check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
 
     changed = False
     for type_ in privs: