# Test code for the postgresql_ping module
# Copyright: (c) 2019, Andrew Klychkov (@Andersson007) <aaklychkov@mail.ru>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

- name: postgresql_ping - test return values
  become_user: "{{ pg_user }}"
  become: yes
  postgresql_ping:
    db: "{{ db_default }}"
    login_user: "{{ pg_user }}"
  register: result
  ignore_errors: yes

- assert:
    that:
      - result.is_available == true
      - result.server_version != {}
      - result.server_version.major != false
      - result.server_version.minor != false
      - result is not changed

- name: postgresql_ping - check ping of non-existing database doesn't return anything
  become_user: "{{ pg_user }}"
  become: yes
  postgresql_ping:
    db: "{{ db_name_nonexist }}"
    login_user: "{{ pg_user }}"
  register: result
  ignore_errors: yes

- assert:
    that:
      - result.is_available == false
      - result.server_version == {}
      - result is not changed

- name: postgresql_ping - ping DB with SSL
  become_user: "{{ pg_user }}"
  become: yes
  postgresql_ping:
    db: "{{ ssl_db }}"
    login_user: "{{ ssl_user }}"
    login_password: "{{ ssl_pass }}"
    login_host: 127.0.0.1
    login_port: 5432
    ssl_mode: require
    ca_cert: '{{ ssl_rootcert }}'
    trust_input: yes
  register: result
  when:
  - ansible_os_family == 'Debian'
  - postgres_version_resp.stdout is version('9.4', '>=')

- assert:
    that: 
    - result.is_available == true
  when:
  - ansible_os_family == 'Debian'
  - postgres_version_resp.stdout is version('9.4', '>=')

- name: postgresql_ping - check trust_input
  become_user: "{{ pg_user }}"
  become: yes
  postgresql_ping:
    db: "{{ db_default }}"
    login_user: "{{ pg_user }}"
    trust_input: no
    session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
  register: result
  ignore_errors: yes

- assert:
    that:
    - result is failed
    - result.msg is search('is potentially dangerous')