cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ansible/test/integration/targets/postgresql/tasks/pg_authid_not_readable.yml
Sam Doran 18feeb51a8
Change integration tests in order to pass on Fedora 30 (#58081) 
* Use different package for DNF tests
    Ninja caused errors in Fedora 30. This works in both Fedora 29 and 30.

* Fix git integration tests
    Git >= 2.21.0 has either a bug or change in behavior where it errors when fetching a
    repository containing submodules that are behind the upstream submodule commits.
    It's weird and I don't fully understand it.

    Get around this my checking out specific commits from a repository rather than
    switch the origin URL.

* Fix PostgreSQL tests
    The error message is slightly different
2019-06-19 12:38:05 -04:00

50 lines
1.8 KiB
YAML
Raw Blame History

- name: "Admin user is allowed to access pg_authid relation: password comparison will succeed, password won't be updated"
become_user: "{{ pg_user }}"
become: True
postgresql_user:
name: "{{ db_user1 }}"
encrypted: 'yes'
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
login_user: "{{ pg_user }}"
register: redo_as_admin
- name: "Check that task succeeded without any change"
assert:
that:
- 'redo_as_admin is not failed'
- 'redo_as_admin is not changed'
- 'redo_as_admin is successful'
- name: "Check that normal user isn't allowed to access pg_authid"
shell: 'psql -c "select * from pg_authid;" {{ db_name }} {{ db_user1 }}'
environment:
PGPASSWORD: '{{ db_password }}'
ignore_errors: True
register: pg_authid
- assert:
that:
- 'pg_authid is failed'
- pg_authid.stderr is search('permission denied for (relation|table) pg_authid')
- name: "Normal user isn't allowed to access pg_authid relation: password comparison will fail, password will be updated"
become_user: "{{ pg_user }}"
become: True
postgresql_user:
name: "{{ db_user1 }}"
encrypted: 'yes'
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
login_user: "{{ db_user1 }}"
login_password: "{{ db_password }}"
register: redo_as_normal_user
- name: "Check that task succeeded and that result is changed"
assert:
that:
- 'redo_as_normal_user is not failed'
- 'redo_as_normal_user is changed'
- 'redo_as_normal_user is successful'
Reference in a new issue View git blame Copy permalink