postgresql_user module: Gracefully handle ALTER ROLE on read-only postgres servers.
This commit is contained in:
parent
99616d0c80
commit
aebae13c9b
1 changed files with 13 additions and 3 deletions
|
@ -173,7 +173,7 @@ def user_add(cursor, user, password, role_attr_flags, encrypted, expires):
|
||||||
cursor.execute(query)
|
cursor.execute(query)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def user_alter(cursor, user, password, role_attr_flags, encrypted, expires):
|
def user_alter(cursor, module, user, password, role_attr_flags, encrypted, expires):
|
||||||
"""Change user password and/or attributes. Return True if changed, False otherwise."""
|
"""Change user password and/or attributes. Return True if changed, False otherwise."""
|
||||||
changed = False
|
changed = False
|
||||||
|
|
||||||
|
@ -203,7 +203,17 @@ def user_alter(cursor, user, password, role_attr_flags, encrypted, expires):
|
||||||
if expires is not None:
|
if expires is not None:
|
||||||
alter = alter + " VALID UNTIL '%(expires)s'" % { "exipres": expires }
|
alter = alter + " VALID UNTIL '%(expires)s'" % { "exipres": expires }
|
||||||
|
|
||||||
|
try:
|
||||||
cursor.execute(alter)
|
cursor.execute(alter)
|
||||||
|
except psycopg2.InternalError, e:
|
||||||
|
if e.pgcode == '25006':
|
||||||
|
# Handle errors due to read-only transactions indicated by pgcode 25006
|
||||||
|
# ERROR: cannot execute ALTER ROLE in a read-only transaction
|
||||||
|
changed = False
|
||||||
|
module.fail_json(msg=e.pgerror)
|
||||||
|
return changed
|
||||||
|
else:
|
||||||
|
raise psycopg2.InternalError, e
|
||||||
|
|
||||||
# Grab new role attributes.
|
# Grab new role attributes.
|
||||||
cursor.execute(select, {"user": user})
|
cursor.execute(select, {"user": user})
|
||||||
|
@ -455,7 +465,7 @@ def main():
|
||||||
|
|
||||||
if state == "present":
|
if state == "present":
|
||||||
if user_exists(cursor, user):
|
if user_exists(cursor, user):
|
||||||
changed = user_alter(cursor, user, password, role_attr_flags, encrypted, expires)
|
changed = user_alter(cursor, module, user, password, role_attr_flags, encrypted, expires)
|
||||||
else:
|
else:
|
||||||
changed = user_add(cursor, user, password, role_attr_flags, encrypted, expires)
|
changed = user_add(cursor, user, password, role_attr_flags, encrypted, expires)
|
||||||
changed = grant_privileges(cursor, user, privs) or changed
|
changed = grant_privileges(cursor, user, privs) or changed
|
||||||
|
|
Loading…
Reference in a new issue