@ -677,9 +677,271 @@
login_password : password
ignore_errors : yes
when : postgres_version_resp.stdout is version('10', '>=')
###########################################
# Test for 'type' value of type parameter #
###########################################
# Test
- name : Grant type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : present
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : numeric
schema : pg_catalog
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
register : result
when : postgres_version_resp.stdout is version('10', '>=')
# Checks
- assert:
that:
- result is changed
when : postgres_version_resp.stdout is version('10', '>=')
- name : Get type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : SELECT typacl FROM pg_catalog.pg_type WHERE typname = 'numeric';
register : typ_result
when : postgres_version_resp.stdout is version('10', '>=')
- assert:
that:
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
when : postgres_version_resp.stdout is version('10', '>=')
- name : Grant type privileges again using check_mode
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : present
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : numeric
schema : pg_catalog
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
register : result
check_mode : yes
when : postgres_version_resp.stdout is version('10', '>=')
# Checks
- assert:
that:
- result is not changed
when : postgres_version_resp.stdout is version('10', '>=')
- name : Get type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : SELECT typacl FROM pg_catalog.pg_type WHERE typname = 'numeric';
register : typ_result
when : postgres_version_resp.stdout is version('10', '>=')
- assert:
that:
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
when : postgres_version_resp.stdout is version('10', '>=')
- name : Grant type privileges again
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : present
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : numeric
schema : pg_catalog
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
register : result
when : postgres_version_resp.stdout is version('10', '>=')
# Checks
- assert:
that:
- result is not changed
when : postgres_version_resp.stdout is version('10', '>=')
- name : Get type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : SELECT typacl FROM pg_catalog.pg_type WHERE typname = 'numeric';
register : typ_result
when : postgres_version_resp.stdout is version('10', '>=')
- assert:
that:
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
when : postgres_version_resp.stdout is version('10', '>=')
- name : Revoke type privileges in check_mode
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : absent
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : numeric
schema : pg_catalog
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
register : result
check_mode : yes
when : postgres_version_resp.stdout is version('10', '>=')
# Checks
- assert:
that:
- result is changed
when : postgres_version_resp.stdout is version('10', '>=')
- name : Get type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : SELECT typacl FROM pg_catalog.pg_type WHERE typname = 'numeric';
register : typ_result
when : postgres_version_resp.stdout is version('10', '>=')
- assert:
that:
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
when : postgres_version_resp.stdout is version('10', '>=')
- name : Revoke type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : absent
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : numeric
schema : pg_catalog
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
register : result
when : postgres_version_resp.stdout is version('10', '>=')
# Checks
- assert:
that:
- result is changed
when : postgres_version_resp.stdout is version('10', '>=')
- name : Get type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : SELECT typacl FROM pg_catalog.pg_type WHERE typname = 'numeric';
register : typ_result
when : postgres_version_resp.stdout is version('10', '>=')
- assert:
that:
- "'{{ db_user2 }}' not in typ_result.query_result[0].typacl"
when : postgres_version_resp.stdout is version('10', '>=')
# type with default schema (public):
- name : Create custom type in schema public
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : "CREATE TYPE compfoo AS (f1 int, f2 text)"
when : postgres_version_resp.stdout is version('10', '>=')
# Test
- name : Grant type privileges with default schema
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : present
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : compfoo
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
register : result
when : postgres_version_resp.stdout is version('10', '>=')
# Checks
- assert:
that:
- result is changed
when : postgres_version_resp.stdout is version('10', '>=')
- name : Get type privileges
become : yes
become_user : "{{ pg_user }}"
postgresql_query:
login_user : "{{ pg_user }}"
login_db : "{{ db_name }}"
query : >
SELECT t.typacl FROM pg_catalog.pg_type t JOIN pg_catalog.pg_namespace n
ON n .oid = t.typnamespace WHERE t.typname = 'compfoo' AND n.nspname = 'public';
register : typ_result
when : postgres_version_resp.stdout is version('10', '>=')
- assert:
that:
- "'{{ db_user2 }}' in typ_result.query_result[0].typacl"
when : postgres_version_resp.stdout is version('10', '>=')
# Cleanup
- name : Remove privs
become : yes
become_user : "{{ pg_user }}"
postgresql_privs:
state : absent
type : type
roles : "{{ db_user2 }}"
privs : ALL
objs : compfoo
db : "{{ db_name }}"
login_user : "{{ pg_user }}"
when : postgres_version_resp.stdout is version('10', '>=')
- name : Reassign ownership
become_user : "{{ pg_user }}"
become : yes
postgresql_owner:
login_user : "{{ pg_user }}"
db : "{{ db_name }}"
new_owner : "{{ pg_user }}"
reassign_owned_by : "{{ item }}"
loop:
- "{{ db_user2 }}"
- "{{ db_user3 }}"
- name : Remove user given permissions
become : yes
become_user : "{{ pg_user }}"
postgresql_user:
name : "{{ db_user2 }}"
state : absent
@ -687,6 +949,8 @@
login_user : "{{ pg_user }}"
- name : Remove user owner of objects
become : yes
become_user : "{{ pg_user }}"
postgresql_user:
name : "{{ db_user3 }}"
state : absent