* postgresql_privs change fail to warn if role does not exists
* postgresql_privs change fail to warn if role does not exists: fix sanity
* postgresql_privs change fail to warn if role does not exists: add changelog fragment
* postgresql_privs change fail to warn if role does not exists: fixes
* postgresql_privs change fail to warn if role does not exists: added fail_on_role param
* postgresql_idx: ci tests, refactoring, return values
* postgresql_idx: ci tests, new params, return values
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* postgresql_idx: ci tests, fix
* New module postgresql_table - fix tests
* New module postgresql_table - fix tests
* New module postgresql_table - fix tests
* New module postgresql_table - fix state choices order
* Allow session_role to be set for PostgreSQL
By implementing session_role it becomes possible to run the specific
PostgreSQL commands as a different role.
The usecase that is immediately served by this, is the one that one
ansible playbook can be shared by multiple users, which all have
their
own PostgreSQL login_user. They do not need to share login
credentials,
as they can share the role within the PostgreSQL database.
The following example may give some insight:
$ psql -U jdoe -X -d postgres
postgres=> CREATE DATABASE abc;
ERROR: permission denied to create database
postgres=> set role postgres;
SET
postgres=# CREATE DATABASE abc;
CREATE DATABASE
fixes#43592
* Tests for session_role in PostgreSQL
* Bump version_added for session_role feature
* Remove explicit encrypted parameter from tests
Have added some extra arguments to the postgresql_lang module to allow
configuring an SSL connection to the postgresql server and explicit
support for connecting via a unix socket. The arguments and method used
here for the connection are the same as used by the postgresql_schema
module.
* Allow creating extension in a specific schema
* Code Review: Update example to include schema parameter
* Code Review: Use simple string concatenation to build query
conn_limit type is set to 'int'. This will allow module to compare conn_limit with record value without type casting.
Fixes: #38118
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* New module - postgresql_idx
* New module postgresql_idx: added returns block
* New module postgresql_idx: fixed documentation, typos and added idxname to fail_json
Have added some extra arguments to the postgresql_ext module to allow
configuring an SSL connection to the postgresql server and explicit
support for connecting via a unix socket. The arguments and method used
here for the connection are the same as used by the postgresql_database
module.
Have added some extra arguments to the postgresql_schema module to allow
configuring an SSL connection to the postgresql server. The arguments
and method used here for the connection are the same as used by the
postgresql_database module.
* Update postgresql_user.py
md5sum generates output with hypen. Something like the following
```
$ echo "md5$(echo -n 'verysecretpasswordJOE' | md5sum)"
md5d011966da94d776cf59bf6dbde240e5d -
```
We need to remove hyphen from the output. Also the command by itself is incorrect
```
echo "md5$(echo -n 'verysecretpasswordJOE' | md5sum")
```
double quotes must be after right parenthesis
```
echo "md5$(echo -n 'verysecretpasswordJOE' | md5sum)"
```
+label: docsite_pr
* Update postgresql_user.py
Add curly braces
* Support for postgresql default privileges
fix the following issues:
* #29701
* #23657
* The ALTER DEFAULT PRIVILEGES is implemented with type 'default_privs'
* Added a Query Builder for simplification
* Some minor lint
* Fixed Lint Issue in doc
Fixed misspelled method name
* Removed the damned empty space on line 243 ! (within the doc) x|
* Kept Compat in string interpolation for old beloved python 2.6
* Set encrypted as default and fix empty password reporting changed
* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes#25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.
* Fix clearing user's password to work with all versions of Postgres
* Add tests for clearing the user password
* Fix documentation atfer rebase
* Add changelog fragment
* Module DOCUMENTATION should match argspec
Large update of many modules so that DOCUMENTATION option name and
aliases match those defined in the argspec.
Issues identified by https://github.com/ansible/ansible/pull/34809
In addition to many typos and missing aliases, the following notable
changes were made:
* Create `module_docs_fragments/url.py` for `url_argument_spec`
* `dellos*_command` shouldn't have ever had `waitfor` (was incorrectly copied)
* `ce_aaa_server_host.py` `s/raduis_server_type/radius_server_type/g`
* `Junos_lldp` enable should be part of `state`.
This fix removes a deprecated Postgresql User role attribute
called 'CREATEUSER' and 'NOCREATEUSER'. Also, updated documentation
for deprecation.
Fixes: #24928
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds additional check to get details about roles
from pg_roles instead of pg_authid. On AWS RDS instances,
access to pg_authid is restricted for security reasons.
Fixes: #32358
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix allows user to specify alternative maintenance DB
required for initial connection in Postgresql_db module.
Also, adds pep8 related fixes.
Fixes: #30017
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds handling of error/exception message using
to_native API instead of decoding.
Also, fixes PEP8 errors.
Fixes: #31825
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds documentation update and example update
for user's password expiration option 'expire' in postgresql_user.
Now, option is more clear and explicit about default value.
Fixes: #30195
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The fix adds exception handling while user add operation in
postgresql_user module.
Fixes: #29738
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
It could be something like '10beta4', which StrictVersion() would
reject. When Postgres 10 is released, it will be '10', which
StrictVersion() would STILL reject.
Fortunately, psycopg2 has a 'server_version' connection attribute that
is guaranteed to be an integer like 90605 for version 9.6.5, or 100000
for version 10. We can safely use this for version-specific code.
