ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-04-22 18:31:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

postgresql modules: improve trust_input parameter's documentation, improve CI tests (#309)

Browse source 
* postgresql modules: improve trust_input parameter's documentation, improve CI tests

* fix CI
This commit is contained in:
Andrew Klychkov 2020-05-09 09:25:12 +03:00 committed by GitHub
parent 85cbc27427
commit 55c1ece888
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 110 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
plugins/modules/database/postgresql/postgresql_db.py
View file

@ -107,7 +107,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(owner), I(conn_limit), I(encoding),
I(db), I(template), I(tablespace), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
seealso:

4
plugins/modules/database/postgresql/postgresql_ext.py
View file

@ -82,7 +82,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(ext), I(schema),
I(version), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
seealso:

5
plugins/modules/database/postgresql/postgresql_idx.py
View file

@ -116,7 +116,10 @@ options:
default: no
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(idxname), I(session_role),
I(schema), I(table), I(columns), I(tablespace), I(storage_params),
I(cond) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes

7
plugins/modules/database/postgresql/postgresql_lang.py
View file

@ -73,7 +73,8 @@ options:
description:
- Switch to session_role after connecting.
- The specified I(session_role) must be a role that the current I(login_user) is a member of.
- Permissions checking for SQL commands is carried out as though the I(session_role) were the one that had logged in originally.
- Permissions checking for SQL commands is carried out as though the
I(session_role) were the one that had logged in originally.
type: str
state:
description:
@ -106,7 +107,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(lang), I(session_role),
I(owner) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
seealso:

4
plugins/modules/database/postgresql/postgresql_membership.py
View file

@ -74,7 +74,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(groups),
I(target_roles), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
seealso:

4
plugins/modules/database/postgresql/postgresql_owner.py
View file

@ -72,7 +72,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(new_owner), I(obj_name),
I(reassign_owned_by), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
seealso:

4
plugins/modules/database/postgresql/postgresql_privs.py
View file

@ -159,7 +159,9 @@ options:
- ssl_rootcert
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(roles), I(target_roles), I(session_role),
I(schema) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes

4
plugins/modules/database/postgresql/postgresql_publication.py
View file

@ -71,7 +71,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(name), I(tables), I(owner),
I(session_role), I(params) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
notes:

3
plugins/modules/database/postgresql/postgresql_schema.py
View file

@ -71,7 +71,8 @@ options:
aliases: [ ssl_rootcert ]
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(schema), I(owner), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
seealso:

4
plugins/modules/database/postgresql/postgresql_sequence.py
View file

@ -137,7 +137,9 @@ options:
- login_db
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(sequence), I(schema), I(rename_to),
I(owner), I(newschema), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
notes:

4
plugins/modules/database/postgresql/postgresql_subscription.py
View file

@ -89,7 +89,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(name), I(publications), I(owner),
I(session_role), I(connparams), I(subsparams) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes

4
plugins/modules/database/postgresql/postgresql_tablespace.py
View file

@ -77,7 +77,9 @@ options:
- login_db
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(tablespace), I(location), I(owner),
I(rename_to), I(session_role), I(settings_list) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes

4
plugins/modules/database/postgresql/postgresql_user.py
View file

@ -149,7 +149,9 @@ options:
type: str
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
- If C(no), check whether values of parameters I(name), I(password), I(privs), I(expires),
I(role_attr_flags), I(groups), I(comment), I(session_role) are potentially dangerous.
- It makes sense to use C(yes) only when SQL injections via the parameters are possible.
type: bool
default: yes
notes: