cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Usage is not a valid database or table privilege

Browse source 
Remove `USAGE` from the `VALID_PRIVS` dict for both database and
table because it is not a valid privilege for either (and
breaks the implementation of `has_table_privilege` and
`has_database_privilege`

See http://www.postgresql.org/docs/9.0/static/sql-grant.html
This commit is contained in:
Will Thames 2015-04-08 13:00:50 +10:00 committed by Matt Clay
parent 43bad27948
commit 9aff204f63
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/ansible/modules/database/postgresql/postgresql_user.py
View file

@ -174,8 +174,8 @@ else:
_flags = ('SUPERUSER', 'CREATEROLE', 'CREATEUSER', 'CREATEDB', 'INHERIT', 'LOGIN', 'REPLICATION') _flags = ('SUPERUSER', 'CREATEROLE', 'CREATEUSER', 'CREATEDB', 'INHERIT', 'LOGIN', 'REPLICATION')
VALID_FLAGS = frozenset(itertools.chain(_flags, ('NO%s' % f for f in _flags))) VALID_FLAGS = frozenset(itertools.chain(_flags, ('NO%s' % f for f in _flags)))
VALID_PRIVS = dict(table=frozenset(('SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'ALL', 'USAGE')), VALID_PRIVS = dict(table=frozenset(('SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'ALL')),
database=frozenset(('CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'ALL', 'USAGE')), database=frozenset(('CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'ALL')),
) )
# map to cope with idiosyncracies of SUPERUSER and LOGIN # map to cope with idiosyncracies of SUPERUSER and LOGIN
@ -325,6 +325,8 @@ def user_delete(cursor, user):
return True return True
def has_table_privilege(cursor, user, table, priv): def has_table_privilege(cursor, user, table, priv):
if priv == 'ALL':
priv = ','.join([ p for p in VALID_PRIVS['table'] if p != 'ALL' ])
query = 'SELECT has_table_privilege(%s, %s, %s)' query = 'SELECT has_table_privilege(%s, %s, %s)'
cursor.execute(query, (user, table, priv)) cursor.execute(query, (user, table, priv))
return cursor.fetchone()[0] return cursor.fetchone()[0]
@ -378,6 +380,8 @@ def get_database_privileges(cursor, user, db):
return o return o
def has_database_privilege(cursor, user, db, priv): def has_database_privilege(cursor, user, db, priv):
if priv == 'ALL':
priv = ','.join([ p for p in VALID_PRIVS['database'] if p != 'ALL' ])
query = 'SELECT has_database_privilege(%s, %s, %s)' query = 'SELECT has_database_privilege(%s, %s, %s)'
cursor.execute(query, (user, db, priv)) cursor.execute(query, (user, db, priv))
return cursor.fetchone()[0] return cursor.fetchone()[0]