postgresql_schema: add trust_input parameter (#259)

* postgresql_schema: add trust_input parameter

* add changelog fragment

tests/integration/targets/postgresql_schema/defaults/main.yml

@@ -2,5 +2,6 @@
 db_name: 'ansible_db'
 db_user1: 'ansible_db_user1'
 db_user2: 'ansible_db_user2'
+dangerous_name: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
 db_session_role1: 'session_role1'
 db_session_role2: 'session_role2'

tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml

@@ -61,6 +61,7 @@
     database: "{{ db_name }}"
     name: acme
     login_user: "{{ pg_user }}"
+    trust_input: yes
   register: result
 
 # Checks
@@ -144,6 +145,25 @@
     that:
       - result.rowcount == 0
 
+# Test: trust_input parameter
+- name: Create a new schema with potentially dangerous owner name
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    login_user: "{{ pg_user }}"
+    owner: "{{ dangerous_name }}"
+    trust_input: no
+  register: result
+  ignore_errors: yes
+
+# Checks
+- assert:
+    that:
+      - result is failed
+      - result.msg == 'Passed input \'{{ dangerous_name }}\' is potentially dangerous'
+
 # Test: CREATE SCHEMA; WITH TABLE for DROP CASCADE test
 - name: Create a new schema "acme"
   become_user: "{{ pg_user }}"