community.postgresql icon indicating copy to clipboard operation
community.postgresql copied to clipboard
verified publisher icon ansible-collections

community.postgresql.postgresql_privs - allow list of schemas

Open danielleshoemake opened this issue 11 months ago • 4 comments

SUMMARY

Allow the schema parameter to accept a list of schemas

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

community.postgresql.postgresql_privs - schema

ADDITIONAL INFORMATION

My organization has about 100 databases on an instance of postgres, each with 1 to 3 schemas. We setup 6 group roles, each with a different set of permissions, universally on all databases and schemas. To execute GRANT SELECT,UPDATE ON ALL TABLES IN SCHEMA public TO role1;, this requires 100 to 300 iterations of the community.postgresql.postgresql_privs module to cover the 1 to 3 schemas in each database for 1 of the 6 roles. And of course we are granting more than table permissions, so the playbook to configure these 6 roles on all databases takes nearly two hours. Perhaps the loop that would be required in code would take the same amount of time, but we were thinking that if we could shave the number of iterations down by giving a list of schemas, this might reduce the overall time it takes to handle permission configuration.

danielleshoemake avatar Apr 29 '25 23:04 danielleshoemake

Makes sense.

andreasscherbaum avatar Apr 30 '25 06:04 andreasscherbaum

@danielleshoemake hello, thanks for requesting the enhancement! would you like to tackle it your self? If yes, please let us know. our quick start dev guide can help volunteers who are new to development here Putting the help wanted label

Andersson007 avatar Apr 30 '25 07:04 Andersson007

Hello,

I find myself needing this as well :)

Looks like it would require changes at least at the following places (besides doc and tests):

  • https://github.com/ansible-collections/community.postgresql/blob/f3789b7c7c427f39a01dcc157810c4d835f24cee/plugins/modules/postgresql_privs.py#L792
  • https://github.com/ansible-collections/community.postgresql/blob/f3789b7c7c427f39a01dcc157810c4d835f24cee/plugins/modules/postgresql_privs.py#L822
  • and https://github.com/ansible-collections/community.postgresql/blob/f3789b7c7c427f39a01dcc157810c4d835f24cee/plugins/modules/postgresql_privs.py#L882

Maybe some day I'll give it a try but I'm a postgresql newbie and an ansible newbie...

dawagner avatar Oct 31 '25 14:10 dawagner

@dawagner hello, thanks for your interest in helping with this!

Maybe some day I'll give it a try but I'm a postgresql newbie and an ansible newbie...

That's OK, as long as your changes covered with tests and the existing tests run with no failures, your contribution will be welcome. Check out this guide.

Andersson007 avatar Nov 03 '25 07:11 Andersson007