From 0cadb952f9b69b7b53bf3d0fe3aef95eae01651c Mon Sep 17 00:00:00 2001
From: Andrey Klychkov <aaklychkov@mail.ru>
Date: Mon, 2 Dec 2019 16:32:25 +0300
Subject: [PATCH] postgresql_ext: use query_params (#64994)

* postgresql_ext: use query_params

* added changelog
---
 .../64994-postgresql_ext_use_query_params.yml |  2 ++
 .../database/postgresql/postgresql_ext.py     | 27 ++++++++++++-------
 .../targets/postgresql_ext/aliases            |  4 +++
 3 files changed, 23 insertions(+), 10 deletions(-)
 create mode 100644 changelogs/fragments/64994-postgresql_ext_use_query_params.yml

diff --git a/changelogs/fragments/64994-postgresql_ext_use_query_params.yml b/changelogs/fragments/64994-postgresql_ext_use_query_params.yml
new file mode 100644
index 00000000000..4fb781e8a1a
--- /dev/null
+++ b/changelogs/fragments/64994-postgresql_ext_use_query_params.yml
@@ -0,0 +1,2 @@
+minor_changes:
+- postgresql_ext - use query parameters with cursor object (https://github.com/ansible/ansible/pull/64994).
diff --git a/lib/ansible/modules/database/postgresql/postgresql_ext.py b/lib/ansible/modules/database/postgresql/postgresql_ext.py
index c5160d67056..a092d5fc4f2 100644
--- a/lib/ansible/modules/database/postgresql/postgresql_ext.py
+++ b/lib/ansible/modules/database/postgresql/postgresql_ext.py
@@ -228,11 +228,13 @@ def ext_update_version(cursor, ext, version):
       version (str) -- extension version
     """
     if version != 'latest':
-        query = ("ALTER EXTENSION \"%s\" UPDATE TO '%s'" % (ext, version))
+        query = ("ALTER EXTENSION \"%s\"" % ext)
+        cursor.execute(query + " UPDATE TO %(ver)s", {'ver': version})
+        executed_queries.append(cursor.mogrify(query + " UPDATE TO %(ver)s", {'ver': version}))
     else:
         query = ("ALTER EXTENSION \"%s\" UPDATE" % ext)
-    cursor.execute(query)
-    executed_queries.append(query)
+        cursor.execute(query)
+        executed_queries.append(query)
     return True
 
 
@@ -241,11 +243,16 @@ def ext_create(cursor, ext, schema, cascade, version):
     if schema:
         query += " WITH SCHEMA \"%s\"" % schema
     if version:
-        query += " VERSION '%s'" % version
+        query += " VERSION %(ver)s"
     if cascade:
         query += " CASCADE"
-    cursor.execute(query)
-    executed_queries.append(query)
+
+    if version:
+        cursor.execute(query, {'ver': version})
+        executed_queries.append(cursor.mogrify(query, {'ver': version}))
+    else:
+        cursor.execute(query)
+        executed_queries.append(query)
     return True
 
 
@@ -267,18 +274,18 @@ def ext_get_versions(cursor, ext):
 
     # 1. Get the current extension version:
     query = ("SELECT extversion FROM pg_catalog.pg_extension "
-             "WHERE extname = '%s'" % ext)
+             "WHERE extname = %(ext)s")
 
     current_version = '0'
-    cursor.execute(query)
+    cursor.execute(query, {'ext': ext})
     res = cursor.fetchone()
     if res:
         current_version = res[0]
 
     # 2. Get available versions:
     query = ("SELECT version FROM pg_available_extension_versions "
-             "WHERE name = '%s'" % ext)
-    cursor.execute(query)
+             "WHERE name = %(ext)s")
+    cursor.execute(query, {'ext': ext})
     res = cursor.fetchall()
 
     available_versions = []
diff --git a/test/integration/targets/postgresql_ext/aliases b/test/integration/targets/postgresql_ext/aliases
index fe75653cadc..09fc98daee3 100644
--- a/test/integration/targets/postgresql_ext/aliases
+++ b/test/integration/targets/postgresql_ext/aliases
@@ -1,3 +1,7 @@
 destructive
 shippable/posix/group4
 skip/osx
+skip/centos
+skip/redhat
+skip/freebsd
+skip/opensuse