community.postgresql icon indicating copy to clipboard operation
community.postgresql copied to clipboard

Published 20 hours ago verified publisher icon ansible-collections

postgresql_privs: add support for alter default privileges grant usage on schemas

Open Andersson007 opened this issue 3 years ago • 4 comments

SUMMARY

Fixes https://github.com/ansible-collections/community.postgresql/issues/332 Fixes https://github.com/ansible-collections/community.postgresql/issues/333

Test task 332 executes the following queries:

ALTER DEFAULT PRIVILEGES REVOKE ALL ON SCHEMAS FROM \"ansible_db_user3\";
ALTER DEFAULT PRIVILEGES GRANT USAGE ON SCHEMAS TO \"ansible_db_user3\"

Test task 333 executes the following:

ALTER DEFAULT PRIVILEGES REVOKE ALL ON TABLES FROM \"ansible_db_user3\"
ALTER DEFAULT PRIVILEGES GRANT SELECT ON TABLES TO \"ansible_db_user3\"

Is it OK?

not-specified is introduced to preserve backwards compatibility, we can change it as a default in a later major release if needed.

ISSUE TYPE
  • Bugfix Pull Request

Andersson007 avatar Aug 26 '22 07:08 Andersson007

@caseyandgina @hunleyd could you take a look? (if you click the gear in review mode and then click "Hide whitespaces", it'll make the review easier)

if you're OK with the implementation,

@caseyandgina could you please thoroughly test these changes on your test infra? (you can just replace your current module file with the file from my PR)

Despite passing our CI, i won't merge this w/o manual testing (I'm not a DBA).

@hunleyd maybe your folks also could help with testing this?

Andersson007 avatar Aug 26 '22 08:08 Andersson007

this looks ok. will test soon

hunleyd avatar Aug 28 '22 11:08 hunleyd

this looks ok. will test soon

@hunleyd thanks, I'll be waiting for your feedback!

Andersson007 avatar Aug 29 '22 06:08 Andersson007

@caseyandgina if you take part in testing I asked for in my previous message, it'd be much appreciated as we're touching very important module.

Andersson007 avatar Aug 29 '22 06:08 Andersson007

cc @caseyandgina ^

Andersson007 avatar Sep 09 '22 05:09 Andersson007

@Andersson007 I'm sorry but I really don't know how to test as I'm not a developer. I'll need some guidance on how to do this. I have been meaning to talk to some colleagues who have more experience with Ansible, but we've been extremely busy at work lately.

caseyandgina avatar Sep 09 '22 15:09 caseyandgina

@caseyandgina sorry for the late reply, was in a business trip, you can test in simply by:

  1. finding the location of plugins/modules/postgresql_privs.py in your test system (copy it somewhere)
  2. replacing it with the file from this PR, i.e. with this one
  3. running the tasks you had issues with before replacing
  4. after finishing the tests, you can move the original file back

If you have any questions, feel free to ask Thank you

Andersson007 avatar Sep 16 '22 10:09 Andersson007

@hunleyd @caseyandgina thanks for reviewing!

Andersson007 avatar Oct 18 '22 07:10 Andersson007