postgresql_privs: add trust_input parameter (#177)

* postgresql_privs: add trust_input parameter

* add changelog fragment

tests/integration/targets/postgresql_privs/defaults/main.yml

@@ -6,3 +6,4 @@ db_user_with_dots1: role.with.dots1
 db_user_with_dots2: role.with.dots2
 db_session_role1: session_role1
 db_session_role2: session_role2
+dangerous_name: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'

tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml

@@ -62,6 +62,7 @@
     type: table
     objs: test_view
     roles: "{{ db_user2 }}"
+    trust_input: no
   check_mode: yes
   register: result
 

tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml

@@ -77,3 +77,26 @@
 - assert:
     that:
       - result is failed
+
+########################
+# Test trust_input param
+
+- name: Verify trust_input parameter
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_privs:
+    db: "{{ db_session_role1 }}"
+    type: table
+    objs: test2
+    roles: "{{ db_session_role1 }}"
+    login_user: "{{ pg_user }}"
+    privs: update
+    session_role: "{{ dangerous_name }}"
+    trust_input: no
+  ignore_errors: yes
+  register: result
+
+- assert:
+    that:
+      - result is failed
+      - result.msg == 'Passed input \'{{ dangerous_name }}\' is potentially dangerous'