PostgreSQL modules: move params mapping from main to connect_to_db() function (#55799)

* PostgreSQL modules: move params mapping from main to connect_to_db() function

* PostgreSQL modules: fix postgresql_db

* PostgreSQL modules: fixes

lib/ansible/module_utils/postgres.py

@@ -29,12 +29,15 @@
 
 try:
     import psycopg2
-    import psycopg2.extras
+    from psycopg2.extras import DictCursor
     HAS_PSYCOPG2 = True
 except ImportError:
     HAS_PSYCOPG2 = False
 
+from ansible.module_utils.basic import missing_required_lib
 from ansible.module_utils._text import to_native
+from ansible.module_utils.six import iteritems
+from distutils.version import LooseVersion
 
 
 class LibraryError(Exception):
@@ -63,7 +66,50 @@ def postgres_common_argument_spec():
     )
 
 
-def connect_to_db(module, kw, autocommit=False):
+def ensure_required_libs(module):
+    if not HAS_PSYCOPG2:
+        module.fail_json(msg=missing_required_lib('psycopg2'))
+
+    if module.params.get('ca_cert') and LooseVersion(psycopg2.__version__) < LooseVersion('2.4.3'):
+        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order to use the ca_cert parameter')
+
+
+def connect_to_db(module, autocommit=False, fail_on_conn=True, warn_db_default=True):
+
+    ensure_required_libs(module)
+
+    # To use defaults values, keyword arguments must be absent, so
+    # check which values are empty and don't include in the **kw
+    # dictionary
+    params_map = {
+        "login_host": "host",
+        "login_user": "user",
+        "login_password": "password",
+        "port": "port",
+        "ssl_mode": "sslmode",
+        "ca_cert": "sslrootcert"
+    }
+
+    # Might be different in the modules:
+    if module.params.get('db'):
+        params_map['db'] = 'database'
+    elif module.params.get('database'):
+        params_map['database'] = 'database'
+    elif module.params.get('login_db'):
+        params_map['login_db'] = 'database'
+    else:
+        if warn_db_default:
+            module.warn('Database name has not been passed, '
+                        'used default database to connect to.')
+
+    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
+              if k in params_map and v != '' and v is not None)
+
+    # If a login_unix_socket is specified, incorporate it here.
+    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
+    if is_localhost and module.params["login_unix_socket"] != "":
+        kw["host"] = module.params["login_unix_socket"]
+
     try:
         db_connection = psycopg2.connect(**kw)
         if autocommit:
@@ -72,19 +118,31 @@ def connect_to_db(module, kw, autocommit=False):
             else:
                 db_connection.set_isolation_level(psycopg2.extensions.ISOLATION_LEVEL_AUTOCOMMIT)
 
+        # Switch role, if specified:
+        cursor = db_connection.cursor(cursor_factory=DictCursor)
+        if module.params.get('session_role'):
+            try:
+                cursor.execute('SET ROLE %s' % module.params['session_role'])
+            except Exception as e:
+                module.fail_json(msg="Could not switch role: %s" % to_native(e))
+        cursor.close()
+
     except TypeError as e:
         if 'sslrootcert' in e.args[0]:
             module.fail_json(msg='Postgresql server must be at least '
                                  'version 8.4 to support sslrootcert')
 
-        module.fail_json(msg="unable to connect to database: %s" % to_native(e))
+        if fail_on_conn:
+            module.fail_json(msg="unable to connect to database: %s" % to_native(e))
+        else:
+            module.warn("PostgreSQL server is unavailable: %s" % to_native(e))
+            db_connection = None
 
     except Exception as e:
-        module.fail_json(msg="unable to connect to database: %s" % to_native(e))
+        if fail_on_conn:
+            module.fail_json(msg="unable to connect to database: %s" % to_native(e))
+        else:
+            module.warn("PostgreSQL server is unavailable: %s" % to_native(e))
+            db_connection = None
 
     return db_connection
-
-
-def get_pg_version(cursor):
-    cursor.execute("select current_setting('server_version_num')")
-    return int(cursor.fetchone()[0])

lib/ansible/modules/database/postgresql/postgresql_ext.py

@@ -135,18 +135,15 @@ query:
 
 import traceback
 
-PSYCOPG2_IMP_ERR = None
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    import psycopg2.extras
-    HAS_PSYCOPG2 = True
 except ImportError:
-    PSYCOPG2_IMP_ERR = traceback.format_exc()
+    # psycopg2 is checked by connect_to_db()
-    HAS_PSYCOPG2 = False
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
-from ansible.module_utils.six import iteritems
 from ansible.module_utils._text import to_native
 from ansible.module_utils.database import pg_quote_identifier
 
@@ -213,49 +210,14 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)
-
-    db = module.params["db"]
     ext = module.params["ext"]
     schema = module.params["schema"]
     state = module.params["state"]
     cascade = module.params["cascade"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
     changed = False
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=True)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] == "" or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=True)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % pg_quote_identifier(session_role, 'role'))
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e), exception=traceback.format_exc())
 
     try:
         if module.check_mode:
@@ -269,12 +231,13 @@ def main():
 
             elif state == "present":
                 changed = ext_create(cursor, ext, schema, cascade)
-    except NotSupportedError as e:
+
-        module.fail_json(msg=to_native(e), exception=traceback.format_exc())
     except Exception as e:
+        db_connection.close()
         module.fail_json(msg="Database query failed: %s" % to_native(e), exception=traceback.format_exc())
 
-    module.exit_json(changed=changed, db=db, ext=ext, queries=executed_queries)
+    db_connection.close()
+    module.exit_json(changed=changed, db=module.params["db"], ext=ext, queries=executed_queries)
 
 
 if __name__ == '__main__':

lib/ansible/modules/database/postgresql/postgresql_idx.py

@@ -229,21 +229,17 @@ valid:
   sample: true
 '''
 
-import traceback
-
-PSYCOPG2_IMP_ERR = None
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
-    PSYCOPG2_IMP_ERR = traceback.format_exc()
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
-from ansible.module_utils.six import iteritems
 
 
 VALID_IDX_TYPES = ('BTREE', 'HASH', 'GIST', 'SPGIST', 'GIN', 'BRIN')
@@ -428,9 +424,6 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)
-
     idxname = module.params["idxname"]
     state = module.params["state"]
     concurrent = module.params["concurrent"]
@@ -438,8 +431,6 @@ def main():
     idxtype = module.params["idxtype"]
     columns = module.params["columns"]
     cond = module.params["cond"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
     tablespace = module.params["tablespace"]
     storage_params = module.params["storage_params"]
     cascade = module.params["cascade"]
@@ -462,37 +453,8 @@ def main():
     if cascade and state != 'absent':
         module.fail_json(msg="cascade parameter used only with state=absent")
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=True)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=True)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     # Set defaults:
     changed = False
@@ -554,6 +516,7 @@ def main():
         db_connection.commit()
 
     kw['changed'] = changed
+    db_connection.close()
     module.exit_json(**kw)
 
 

lib/ansible/modules/database/postgresql/postgresql_info.py

@@ -468,14 +468,15 @@ settings:
 from fnmatch import fnmatch
 
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.database import SQLParseError
-from ansible.module_utils.postgres import postgres_common_argument_spec
+from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
 from ansible.module_utils.six import iteritems
 
@@ -485,17 +486,16 @@ from ansible.module_utils.six import iteritems
 #
 
 class PgDbConn(object):
-    def __init__(self, module, params_dict, session_role):
+    def __init__(self, module):
-        self.params_dict = params_dict
         self.module = module
         self.db_conn = None
-        self.session_role = session_role
         self.cursor = None
+        self.session_role = self.module.params.get('session_role')
 
     def connect(self):
         try:
-            self.db_conn = psycopg2.connect(**self.params_dict)
+            self.db_conn = connect_to_db(self.module, warn_db_default=False)
-            self.cursor = self.db_conn.cursor(cursor_factory=psycopg2.extras.DictCursor)
+            self.cursor = self.db_conn.cursor(cursor_factory=DictCursor)
 
             # Switch role, if specified:
             if self.session_role:
@@ -518,7 +518,7 @@ class PgDbConn(object):
     def reconnect(self, dbname):
         self.db_conn.close()
 
-        self.params_dict['database'] = dbname
+        self.module.params['database'] = dbname
         return self.connect()
 
 
@@ -905,10 +905,7 @@ class PgClusterInfo(object):
             res = self.cursor.fetchall()
             if res:
                 return res
-        except SQLParseError as e:
+        except Exception as e:
-            self.module.fail_json(msg=to_native(e))
-            self.cursor.close()
-        except psycopg2.ProgrammingError as e:
             self.module.fail_json(msg="Cannot execute SQL '%s': %s" % (query, to_native(e)))
             self.cursor.close()
         return False
@@ -930,38 +927,9 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
     filter_ = module.params["filter"]
-    sslrootcert = module.params["ca_cert"]
+
-    session_role = module.params["session_role"]
+    db_conn_obj = PgDbConn(module)
-
-    # To use defaults values, keyword arguments must be absent, so
-    # check which values are empty and don't include in the **kw
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] == "" or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order '
-                             'to user the ca_cert parameter')
-
-    db_conn_obj = PgDbConn(module, kw, session_role)
 
     # Do job:
     pg_info = PgClusterInfo(module, db_conn_obj)

lib/ansible/modules/database/postgresql/postgresql_lang.py

@@ -169,19 +169,8 @@ queries:
   version_added: '2.8'
 '''
 
-import traceback
+from ansible.module_utils.basic import AnsibleModule
-
-PSYCOPG2_IMP_ERR = None
-try:
-    import psycopg2
-    HAS_PSYCOPG2 = True
-except ImportError:
-    PSYCOPG2_IMP_ERR = traceback.format_exc()
-    HAS_PSYCOPG2 = False
-
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
-from ansible.module_utils.six import iteritems
 from ansible.module_utils._text import to_native
 from ansible.module_utils.database import pg_quote_identifier
 
@@ -264,43 +253,9 @@ def main():
     force_trust = module.params["force_trust"]
     cascade = module.params["cascade"]
     fail_on_drop = module.params["fail_on_drop"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
-
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)
-
-    # To use defaults values, keyword arguments must be absent, so
-    # check which values are empty and don't include in the **kw
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] == "" or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=False)
-    cursor = db_connection.cursor()
 
-    if session_role:
+    db_connection = connect_to_db(module, autocommit=False)
-        try:
+    cursor = db_connection.cursor()
-            cursor.execute('SET ROLE %s' % pg_quote_identifier(session_role, 'role'))
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e), exception=traceback.format_exc())
 
     changed = False
     kw = {'db': db, 'lang': lang, 'trust': trust}
@@ -341,6 +296,7 @@ def main():
 
     kw['changed'] = changed
     kw['queries'] = executed_queries
+    db_connection.close()
     module.exit_json(**kw)
 
 

lib/ansible/modules/database/postgresql/postgresql_membership.py

@@ -136,16 +136,16 @@ state:
 '''
 
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError, pg_quote_identifier
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
-from ansible.module_utils.six import iteritems
 
 
 class PgMembership(object):
@@ -265,9 +265,7 @@ class PgMembership(object):
                 res = self.cursor.fetchall()
                 return res
             return True
-        except SQLParseError as e:
+        except Exception as e:
-            self.module.fail_json(msg=to_native(e))
-        except psycopg2.ProgrammingError as e:
             self.module.fail_json(msg="Cannot execute SQL '%s': %s" % (query, to_native(e)))
         return False
 
@@ -293,49 +291,13 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
     groups = module.params['groups']
     target_roles = module.params['target_roles']
     fail_on_role = module.params['fail_on_role']
     state = module.params['state']
-    sslrootcert = module.params['ca_cert']
+
-    session_role = module.params['session_role']
+    db_connection = connect_to_db(module, autocommit=False)
-
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # To use defaults values, keyword arguments must be absent, so
-    # check which values are empty and don't include in the **kw
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != '' and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 '
-                             'in order to user the ssl_rootcert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=False)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    # Switch role, if specified:
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     ##############
     # Create the object and do main job:

lib/ansible/modules/database/postgresql/postgresql_owner.py

@@ -150,19 +150,27 @@ queries:
 '''
 
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError, pg_quote_identifier
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
-from ansible.module_utils.six import iteritems
 
 
 class PgOwnership(object):
+    """
+    If you want to add handling of a new type of database objects:
+    1. Add a specific method for this like self.__set_db_owner(), etc.
+    2. Add a condition with a check of ownership for new type objects to self.__is_owner()
+    3. Add a condition with invocation of the specific method to self.set_owner()
+    4. Add the information to the module documentation
+    That's all.
+    """
     def __init__(self, module, cursor, role):
         self.module = module
         self.cursor = cursor
@@ -337,9 +345,7 @@ class PgOwnership(object):
                 res = self.cursor.fetchall()
                 return res
             return True
-        except SQLParseError as e:
+        except Exception as e:
-            self.module.fail_json(msg=to_native(e))
-        except psycopg2.ProgrammingError as e:
             self.module.fail_json(msg="Cannot execute SQL '%s': %s" % (query, to_native(e)))
         return False
 
@@ -372,50 +378,14 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
     new_owner = module.params['new_owner']
     obj_name = module.params['obj_name']
     obj_type = module.params['obj_type']
     reassign_owned_by = module.params['reassign_owned_by']
     fail_on_role = module.params['fail_on_role']
-    sslrootcert = module.params['ca_cert']
+
-    session_role = module.params['session_role']
+    db_connection = connect_to_db(module, autocommit=False)
-
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # To use defaults values, keyword arguments must be absent, so
-    # check which values are empty and don't include in the **kw
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != '' and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 '
-                             'in order to user the ssl_rootcert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=False)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    # Switch role, if specified:
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     ##############
     # Create the object and do main job:

lib/ansible/modules/database/postgresql/postgresql_ping.py

@@ -71,16 +71,16 @@ server_version:
   sample: { major: 10, minor: 1 }
 '''
 
-
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.database import SQLParseError
-from ansible.module_utils.postgres import postgres_common_argument_spec
+from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
 from ansible.module_utils.six import iteritems
 
@@ -118,11 +118,8 @@ class PgPing(object):
             res = self.cursor.fetchall()
             if res:
                 return res
-        except SQLParseError as e:
-            self.module.fail_json(msg=to_native(e))
-            self.cursor.close()
         except Exception as e:
-            self.module.warn("PostgreSQL server is unavailable: %s" % to_native(e))
+            self.module.fail_json("Unable to execute '%s': %s" % (query, to_native(e)))
 
         return False
 
@@ -141,35 +138,6 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
-    sslrootcert = module.params["ca_cert"]
-
-    # To use defaults values, keyword arguments must be absent, so
-    # check which values are empty and don't include in the **kw
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order '
-                             'to user the ca_cert parameter')
-
     # Set some default values:
     cursor = False
     db_connection = False
@@ -179,16 +147,10 @@ def main():
         server_version=dict(),
     )
 
-    try:
+    db_connection = connect_to_db(module, fail_on_conn=False)
-        db_connection = psycopg2.connect(**kw)
+
-        cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
+    if db_connection is not None:
-    except TypeError as e:
+        cursor = db_connection.cursor(cursor_factory=DictCursor)
-        if 'sslrootcert' in e.args[0]:
-            module.fail_json(msg='Postgresql server must be at least '
-                                 'version 8.4 to support sslrootcert')
-        module.fail_json(msg="unable to connect to database: %s" % to_native(e))
-    except Exception as e:
-        module.warn("PostgreSQL server is unavailable: %s" % to_native(e))
 
     # Do job:
     pg_ping = PgPing(module, cursor)

lib/ansible/modules/database/postgresql/postgresql_query.py

@@ -136,20 +136,20 @@ rowcount:
     sample: 5
 '''
 
-import os
-
 try:
-    import psycopg2
+    from psycopg2 import ProgrammingError as Psycopg2ProgrammingError
-    HAS_PSYCOPG2 = True
+    from psycopg2.extras import DictCursor
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # it is needed for checking 'no result to fetch' in main(),
+    # psycopg2 availability will be checked by connect_to_db() into
+    # ansible.module_utils.postgres
+    pass
 
 import ansible.module_utils.postgres as pgutils
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
-from ansible.module_utils.six import iteritems
 
 
 # ===========================================
@@ -174,14 +174,9 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
     query = module.params["query"]
     positional_args = module.params["positional_args"]
     named_args = module.params["named_args"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
     path_to_script = module.params["path_to_script"]
 
     if positional_args and named_args:
@@ -196,44 +191,13 @@ def main():
         except Exception as e:
             module.fail_json(msg="Cannot read file '%s' : %s" % (path_to_script, to_native(e)))
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=False)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != '' and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 '
-                             'in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    # Switch role, if specified:
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     # Prepare args:
-    if module.params["positional_args"]:
+    if module.params.get("positional_args"):
         arguments = module.params["positional_args"]
-    elif module.params["named_args"]:
+    elif module.params.get("named_args"):
         arguments = module.params["named_args"]
     else:
         arguments = None
@@ -254,7 +218,7 @@ def main():
 
     try:
         query_result = [dict(row) for row in cursor.fetchall()]
-    except psycopg2.ProgrammingError as e:
+    except Psycopg2ProgrammingError as e:
         if to_native(e) == 'no results to fetch':
             query_result = {}
 

lib/ansible/modules/database/postgresql/postgresql_schema.py

@@ -121,19 +121,16 @@ queries:
 
 import traceback
 
-PSYCOPG2_IMP_ERR = None
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    import psycopg2.extras
-    HAS_PSYCOPG2 = True
 except ImportError:
-    PSYCOPG2_IMP_ERR = traceback.format_exc()
+    # psycopg2 is checked by connect_to_db()
-    HAS_PSYCOPG2 = False
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils.database import SQLParseError, pg_quote_identifier
-from ansible.module_utils.six import iteritems
 from ansible.module_utils._text import to_native
 
 executed_queries = []
@@ -231,49 +228,14 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)
-
     schema = module.params["schema"]
     owner = module.params["owner"]
     state = module.params["state"]
-    sslrootcert = module.params["ca_cert"]
     cascade_drop = module.params["cascade_drop"]
-    session_role = module.params["session_role"]
     changed = False
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=True)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "database": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] == "" or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(
-            msg='psycopg2 must be at least 2.4.3 in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=True)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % pg_quote_identifier(session_role, 'role'))
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e), exception=traceback.format_exc())
 
     try:
         if module.check_mode:
@@ -302,6 +264,7 @@ def main():
     except Exception as e:
         module.fail_json(msg="Database query failed: %s" % to_native(e), exception=traceback.format_exc())
 
+    db_connection.close()
     module.exit_json(changed=changed, schema=schema, queries=executed_queries)
 
 

lib/ansible/modules/database/postgresql/postgresql_set.py

@@ -155,22 +155,21 @@ context:
   sample: user
 '''
 
-PG_REQ_VER = 90400
+try:
+    from psycopg2.extras import DictCursor
+except Exception:
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
 from copy import deepcopy
 
-try:
+from ansible.module_utils.basic import AnsibleModule
-    import psycopg2
-    HAS_PSYCOPG2 = True
-except ImportError:
-    HAS_PSYCOPG2 = False
-
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.database import SQLParseError
-from ansible.module_utils.postgres import connect_to_db, get_pg_version, postgres_common_argument_spec
+from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
-from ansible.module_utils.six import iteritems
 from ansible.module_utils._text import to_native
 
+PG_REQ_VER = 90400
 
 # To allow to set value like 1mb instead of 1MB, etc:
 POSSIBLE_SIZE_UNITS = ("mb", "gb", "tb")
@@ -290,14 +289,9 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
     name = module.params["name"]
     value = module.params["value"]
     reset = module.params["reset"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
 
     # Allow to pass values like 1mb instead of 1MB, etc:
     if value:
@@ -311,38 +305,12 @@ def main():
     if not value and not reset:
         module.fail_json(msg="%s: at least one of value or reset param must be specified" % name)
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=True, warn_db_default=False)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != '' and v is not None)
-
-    # Store connection parameters for the final check:
-    con_params = deepcopy(kw)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 '
-                             'in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=True)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
 
+    kw = {}
     # Check server version (needs 9.4 or later):
-    ver = get_pg_version(cursor)
+    ver = db_connection.server_version
     if ver < PG_REQ_VER:
         module.warn("PostgreSQL is %s version but %s or later is required" % (ver, PG_REQ_VER))
         kw = dict(
@@ -356,13 +324,6 @@ def main():
         db_connection.close()
         module.exit_json(**kw)
 
-    # Switch role, if specified:
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
-
     # Set default returned values:
     restart_required = False
     changed = False
@@ -437,8 +398,8 @@ def main():
 
     # Reconnect and recheck current value:
     if context in ('sighup', 'superuser-backend', 'backend', 'superuser', 'user'):
-        db_connection = connect_to_db(module, con_params, autocommit=True)
+        db_connection = connect_to_db(module, autocommit=True)
-        cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
+        cursor = db_connection.cursor(cursor_factory=DictCursor)
 
         res = param_get(cursor, module, name)
         # f_ means 'final'

lib/ansible/modules/database/postgresql/postgresql_slot.py

@@ -142,14 +142,15 @@ queries:
 '''
 
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError
-from ansible.module_utils.postgres import connect_to_db, get_pg_version, postgres_common_argument_spec
+from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
 
 
@@ -182,8 +183,7 @@ class PgSlot(object):
 
         if kind == 'physical':
             # Check server version (needs for immedately_reserverd needs 9.6+):
-            ver = get_pg_version(self.cursor)
+            if self.cursor.connection.server_version < 96000:
-            if ver < 96000:
                 query = "SELECT pg_create_physical_replication_slot('%s')" % self.name
 
             else:
@@ -219,9 +219,7 @@ class PgSlot(object):
                 res = self.cursor.fetchall()
                 return res
             return True
-        except SQLParseError as e:
+        except Exception as e:
-            self.module.fail_json(msg=to_native(e))
-        except psycopg2.ProgrammingError as e:
             self.module.fail_json(msg="Cannot execute SQL '%s': %s" % (query, to_native(e)))
         return False
 
@@ -248,53 +246,17 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
-    db = module.params["db"]
     name = module.params["name"]
     slot_type = module.params["slot_type"]
     immediately_reserve = module.params["immediately_reserve"]
     state = module.params["state"]
-    ssl_rootcert = module.params["ca_cert"]
     output_plugin = module.params["output_plugin"]
-    session_role = module.params["session_role"]
 
     if immediately_reserve and slot_type == 'logical':
         module.fail_json(msg="Module parameters immediately_reserve and slot_type=logical are mutually exclusive")
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=True)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "db": "database",
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "sslmode": "ssl_mode",
-        "ca_cert": "ssl_rootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in module.params.items()
-              if k in params_map and v != '')
-
-    # if a login_unix_socket is specified, incorporate it here
-    is_localhost = "host" not in kw or kw["host"] == "" or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and ssl_rootcert is not None:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order to use the ssl_rootcert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=True)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    # Switch role, if specified:
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     ##################################
     # Create an object and do main job
@@ -321,6 +283,7 @@ def main():
 
         changed = pg_slot.changed
 
+    db_connection.close()
     module.exit_json(changed=changed, name=name, queries=pg_slot.executed_queries)
 
 

lib/ansible/modules/database/postgresql/postgresql_table.py

@@ -209,18 +209,17 @@ storage_params:
   sample: [ "fillfactor=100", "autovacuum_analyze_threshold=1" ]
 '''
 
-
 try:
-    import psycopg2
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError, pg_quote_identifier
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
-from ansible.module_utils.six import iteritems
 
 
 # ===========================================
@@ -426,9 +425,7 @@ class Table(object):
                 res = self.cursor.fetchall()
                 return res
             return True
-        except SQLParseError as e:
+        except Exception as e:
-            self.module.fail_json(msg=to_native(e))
-        except psycopg2.ProgrammingError as e:
             self.module.fail_json(msg="Cannot execute SQL '%s': %s" % (query, to_native(e)))
         return False
 
@@ -471,8 +468,6 @@ def main():
     storage_params = module.params["storage_params"]
     truncate = module.params["truncate"]
     columns = module.params["columns"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
 
     # Check mutual exclusive parameters:
     if state == 'absent' and (truncate or newname or columns or tablespace or
@@ -499,40 +494,8 @@ def main():
     if including and not like:
         module.fail_json(msg="%s: including param needs like param specified" % table)
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=False)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib("psycopg2"))
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=False)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     if storage_params:
         storage_params = ','.join(storage_params)
@@ -546,6 +509,7 @@ def main():
 
     # Set default returned values:
     changed = False
+    kw = {}
     kw['table'] = table
     kw['state'] = ''
     if table_obj.exists:

lib/ansible/modules/database/postgresql/postgresql_tablespace.py

@@ -170,16 +170,19 @@ state:
 '''
 
 try:
-    import psycopg2
+    from psycopg2 import __version__ as PSYCOPG2_VERSION
-    HAS_PSYCOPG2 = True
+    from psycopg2.extras import DictCursor
+    from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT as AUTOCOMMIT
+    from psycopg2.extensions import ISOLATION_LEVEL_READ_COMMITTED as READ_COMMITTED
 except ImportError:
-    HAS_PSYCOPG2 = False
+    # psycopg2 is checked by connect_to_db()
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import SQLParseError, pg_quote_identifier
 from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_native
-from ansible.module_utils.six import iteritems
 
 
 class PgTablespace(object):
@@ -303,9 +306,7 @@ class PgTablespace(object):
                 res = self.cursor.fetchall()
                 return res
             return True
-        except SQLParseError as e:
+        except Exception as e:
-            self.module.fail_json(msg=to_native(e))
-        except psycopg2.ProgrammingError as e:
             self.module.fail_json(msg="Cannot execute SQL '%s': %s" % (query, to_native(e)))
         return False
 
@@ -334,62 +335,26 @@ def main():
         supports_check_mode=True,
     )
 
-    if not HAS_PSYCOPG2:
-        module.fail_json(msg=missing_required_lib('psycopg2'))
-
     tablespace = module.params["tablespace"]
     state = module.params["state"]
     location = module.params["location"]
     owner = module.params["owner"]
     rename_to = module.params["rename_to"]
     settings = module.params["set"]
-    sslrootcert = module.params["ca_cert"]
-    session_role = module.params["session_role"]
 
     if state == 'absent' and (location or owner or rename_to or settings):
         module.fail_json(msg="state=absent is mutually exclusive location, "
                              "owner, rename_to, and set")
 
-    # To use defaults values, keyword arguments must be absent, so
+    db_connection = connect_to_db(module, autocommit=True)
-    # check which values are empty and don't include in the **kw
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != '' and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] is None or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert:
-        module.fail_json(msg='psycopg2 must be at least 2.4.3 '
-                             'in order to user the ca_cert parameter')
-
-    db_connection = connect_to_db(module, kw, autocommit=True)
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
-
-    # Switch role, if specified:
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % session_role)
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e))
 
     # Change autocommit to False if check_mode:
     if module.check_mode:
-        if psycopg2.__version__ >= '2.4.2':
+        if PSYCOPG2_VERSION >= '2.4.2':
             db_connection.set_session(autocommit=False)
         else:
-            db_connection.set_isolation_level(psycopg2.extensions.ISOLATION_LEVEL_READ_COMMITTED)
+            db_connection.set_isolation_level(READ_COMMITTED)
 
     # Set defaults:
     autocommit = False
@@ -414,10 +379,10 @@ def main():
 
         # Because CREATE TABLESPACE can not be run inside the transaction block:
         autocommit = True
-        if psycopg2.__version__ >= '2.4.2':
+        if PSYCOPG2_VERSION >= '2.4.2':
             db_connection.set_session(autocommit=True)
         else:
-            db_connection.set_isolation_level(psycopg2.extensions.ISOLATION_LEVEL_AUTOCOMMIT)
+            db_connection.set_isolation_level(AUTOCOMMIT)
 
         changed = tblspace.create(location)
 
@@ -430,10 +395,10 @@ def main():
     elif tblspace.exists and state == 'absent':
         # Because DROP TABLESPACE can not be run inside the transaction block:
         autocommit = True
-        if psycopg2.__version__ >= '2.4.2':
+        if PSYCOPG2_VERSION >= '2.4.2':
             db_connection.set_session(autocommit=True)
         else:
-            db_connection.set_isolation_level(psycopg2.extensions.ISOLATION_LEVEL_AUTOCOMMIT)
+            db_connection.set_isolation_level(AUTOCOMMIT)
 
         changed = tblspace.drop()
 

lib/ansible/modules/database/postgresql/postgresql_user.py

@@ -234,18 +234,17 @@ import re
 import traceback
 from hashlib import md5
 
-PSYCOPG2_IMP_ERR = None
 try:
     import psycopg2
-    import psycopg2.extras
+    from psycopg2.extras import DictCursor
-    HAS_PSYCOPG2 = True
 except ImportError:
-    PSYCOPG2_IMP_ERR = traceback.format_exc()
+    # psycopg2 is checked by connect_to_db()
-    HAS_PSYCOPG2 = False
+    # from ansible.module_utils.postgres
+    pass
 
-from ansible.module_utils.basic import AnsibleModule, missing_required_lib
+from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.database import pg_quote_identifier, SQLParseError
-from ansible.module_utils.postgres import postgres_common_argument_spec
+from ansible.module_utils.postgres import connect_to_db, postgres_common_argument_spec
 from ansible.module_utils._text import to_bytes, to_native
 from ansible.module_utils.six import iteritems
 
@@ -348,7 +347,7 @@ def user_alter(db_connection, module, user, password, role_attr_flags, encrypted
     """Change user password and/or attributes. Return True if changed, False otherwise."""
     changed = False
 
-    cursor = db_connection.cursor(cursor_factory=psycopg2.extras.DictCursor)
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
     # Note: role_attr_flags escaped by parse_role_attrs and encrypted is a
     # literal
     if user == 'PUBLIC':
@@ -790,67 +789,20 @@ def main():
     password = module.params["password"]
     state = module.params["state"]
     fail_on_user = module.params["fail_on_user"]
-    db = module.params["db"]
+    if module.params['db'] == '' and module.params["priv"] is not None:
-    session_role = module.params["session_role"]
-    if db == '' and module.params["priv"] is not None:
         module.fail_json(msg="privileges require a database to be specified")
-    privs = parse_privs(module.params["priv"], db)
+    privs = parse_privs(module.params["priv"], module.params["db"])
     no_password_changes = module.params["no_password_changes"]
     if module.params["encrypted"]:
         encrypted = "ENCRYPTED"
     else:
         encrypted = "UNENCRYPTED"
     expires = module.params["expires"]
-    sslrootcert = module.params["ca_cert"]
     conn_limit = module.params["conn_limit"]
     role_attr_flags = module.params["role_attr_flags"]
 
-    if not HAS_PSYCOPG2:
+    db_connection = connect_to_db(module, warn_db_default=False)
-        module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)
+    cursor = db_connection.cursor(cursor_factory=DictCursor)
-
-    # To use defaults values, keyword arguments must be absent, so
-    # check which values are empty and don't include in the **kw
-    # dictionary
-    params_map = {
-        "login_host": "host",
-        "login_user": "user",
-        "login_password": "password",
-        "port": "port",
-        "db": "database",
-        "ssl_mode": "sslmode",
-        "ca_cert": "sslrootcert"
-    }
-    kw = dict((params_map[k], v) for (k, v) in iteritems(module.params)
-              if k in params_map and v != "" and v is not None)
-
-    # If a login_unix_socket is specified, incorporate it here.
-    is_localhost = "host" not in kw or kw["host"] == "" or kw["host"] == "localhost"
-    if is_localhost and module.params["login_unix_socket"] != "":
-        kw["host"] = module.params["login_unix_socket"]
-
-    if psycopg2.__version__ < '2.4.3' and sslrootcert is not None:
-        module.fail_json(
-            msg='psycopg2 must be at least 2.4.3 in order to user the ca_cert parameter')
-
-    try:
-        db_connection = psycopg2.connect(**kw)
-        cursor = db_connection.cursor(
-            cursor_factory=psycopg2.extras.DictCursor)
-
-    except TypeError as e:
-        if 'sslrootcert' in e.args[0]:
-            module.fail_json(
-                msg='Postgresql server must be at least version 8.4 to support sslrootcert')
-        module.fail_json(msg="Unable to connect to database: %s" % to_native(e), exception=traceback.format_exc())
-
-    except Exception as e:
-        module.fail_json(msg="Unable to connect to database: %s" % to_native(e), exception=traceback.format_exc())
-
-    if session_role:
-        try:
-            cursor.execute('SET ROLE %s' % pg_quote_identifier(session_role, 'role'))
-        except Exception as e:
-            module.fail_json(msg="Could not switch role: %s" % to_native(e), exception=traceback.format_exc())
 
     try:
         role_attr_flags = parse_role_attrs(cursor, role_attr_flags)