ansible

Commit Graph

Author	SHA1	Message	Date
Greg DeKoenigsberg	2a5f0bde87	Proper author info for all remaining modules	9 years ago
Toshio Kuratomi	c700993dd5	Fix a problem introduced with #1101 and optimize privilege handling * If a db user belonged to a role which had a privilege, the user would not have the privilege added as the role gave the appearance that the user already had it. Fixed to always check the privileges specific to the user. * Make fewer db queries to determine if privileges need to be changed and change them (was four for each privilege. Now two for each object that has a set of privileges changed).	9 years ago
Will Thames	167e7c2b81	Perform privilege grants/revokes only when required Use `has_table_privileges` and `has_database_privileges` to test whether a user already has a privilege before granting it, or whether a user doesn't have a privilege before revoking it.	9 years ago
Toshio Kuratomi	c9b17136e4	Fix a problem introduced with #1101 and optimize privilege handling * If a db user belonged to a role which had a privilege, the user would not have the privilege added as the role gave the appearance that the user already had it. Fixed to always check the privileges specific to the user. * Make fewer db queries to determine if privileges need to be changed and change them (was four for each privilege. Now two for each object that has a set of privileges changed).	9 years ago
Toshio Kuratomi	7dd9f57e16	Fix splitting of role_attrs	9 years ago
Will Thames	c956c65731	Usage is not a valid database or table privilege Remove `USAGE` from the `VALID_PRIVS` dict for both database and table because it is not a valid privilege for either (and breaks the implementation of `has_table_privilege` and `has_database_privilege` See http://www.postgresql.org/docs/9.0/static/sql-grant.html	10 years ago
Will Thames	7d66da35a7	Perform privilege grants/revokes only when required Use `has_table_privileges` and `has_database_privileges` to test whether a user already has a privilege before granting it, or whether a user doesn't have a privilege before revoking it.	10 years ago
Will Thames	b4515c8909	Update postgresql users only when necessary For read-only databases, users should not change when no changes are required. Don't issue ALTER ROLE when role attribute flags, users password or expiry time is not changing. In certain cases (hashed passwords in the DB, but the password argument is not hashed) passlib.hash is required to avoid running ALTER ROLE.	10 years ago
tedder	bffd137edd	code review fixes per #957	10 years ago
tedder	472331a53b	skip password changes so pg_authid isn't needed Some places ([AWS RDS](https://forums.aws.amazon.com/thread.jspa?threadID=151248)) don't have, or don't allow, access to the `pg_authid` table. The only reason that is necessary is to check for a password change. This flag is a workaround so passwords can only be set at creation time. It isn't as elegant as changing the password down the line, but it fixes the longstanding issue #297 that prevented this from being useful on AWS RDS.	10 years ago
Toshio Kuratomi	b766390ae2	Add USAGE as a valid privilege	10 years ago
Toshio Kuratomi	5af4463823	Gixes to doc formatting	10 years ago
Dan	3a3ff1f0e4	Adds a unix_socket/login_unix_socket option to the postgresql_user module.	10 years ago
Toshio Kuratomi	2a794fa776	Fix for single role_attr	10 years ago
Devin Christensen	06f1c1a97e	Fix user_alter in postgresql_user	10 years ago
Devin Christensen	c77ab67274	Fix user_add in postgresql_user	10 years ago
Devin Christensen	4a3d7473fd	Fix syntax error	10 years ago
Toshio Kuratomi	c84ae54294	Normalize privs and flags to uppercase so comparisons against allowed names will work	10 years ago
Toshio Kuratomi	51910a1a33	Audit escaping of identifiers in the postgresql_user module	10 years ago
Michael DeHaan	3ed1378067	Some more module categorization.	10 years ago

20 Commits (e3235a460f7e57a109a9fa66a0b104f767bab959)