ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-04-18 16:31:26 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

postgresql_schema: add trust_input parameter (#259)

Browse source 
* postgresql_schema: add trust_input parameter

* add changelog fragment
This commit is contained in:
Andrew Klychkov 2020-05-01 14:09:23 +03:00 committed by GitHub
parent d6b368e63f
commit c68f17f09b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 44 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

26
plugins/modules/database/postgresql/postgresql_schema.py
View file

@ -69,6 +69,11 @@ options:
- If the file exists, the server's certificate will be verified to be signed by one of these authorities.
type: str
aliases: [ ssl_rootcert ]
trust_input:
description:
- If C(no), check whether values of some parameters are potentially dangerous.
type: bool
default: yes
seealso:
- name: PostgreSQL schemas
description: General information about PostgreSQL schemas.
@ -136,7 +141,11 @@ from ansible_collections.community.general.plugins.module_utils.postgres import
get_conn_params,
postgres_common_argument_spec,
)
from ansible_collections.community.general.plugins.module_utils.database import SQLParseError, pg_quote_identifier
from ansible_collections.community.general.plugins.module_utils.database import (
check_input,
pg_quote_identifier,
SQLParseError,
)
from ansible.module_utils._text import to_native
executed_queries = []
@ -151,9 +160,8 @@ class NotSupportedError(Exception):
#
def set_owner(cursor, schema, owner):
query = "ALTER SCHEMA %s OWNER TO %s" % (
pg_quote_identifier(schema, 'schema'),
pg_quote_identifier(owner, 'role'))
query = 'ALTER SCHEMA %s OWNER TO "%s"' % (
pg_quote_identifier(schema, 'schema'), owner)
cursor.execute(query)
executed_queries.append(query)
return True
@ -190,7 +198,7 @@ def schema_create(cursor, schema, owner):
if not schema_exists(cursor, schema):
query_fragments = ['CREATE SCHEMA %s' % pg_quote_identifier(schema, 'schema')]
if owner:
query_fragments.append('AUTHORIZATION %s' % pg_quote_identifier(owner, 'role'))
query_fragments.append('AUTHORIZATION "%s"' % owner)
query = ' '.join(query_fragments)
cursor.execute(query)
executed_queries.append(query)
@ -227,6 +235,7 @@ def main():
cascade_drop=dict(type="bool", default=False),
state=dict(type="str", default="present", choices=["absent", "present"]),
session_role=dict(type="str"),
trust_input=dict(type="bool", default=True),
)
module = AnsibleModule(
@ -238,6 +247,13 @@ def main():
owner = module.params["owner"]
state = module.params["state"]
cascade_drop = module.params["cascade_drop"]
session_role = module.params["session_role"]
trust_input = module.params["trust_input"]
if not trust_input:
# Check input for potentially dangerous elements:
check_input(module, schema, owner, session_role)
changed = False
conn_params = get_conn_params(module, module.params)