Add option to only attempt table grant if table already exists
kimor79 committed May 19, 2015
commit a7fc928ce7b8cc6cd11a5db1bed445dcdcd98b0f
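--- a/manifests/server/grant.pp
+++ b/manifests/server/grant.pp
@@ -2,12 +2,13 @@
 define postgresql::server::grant (
 $role,
 $db,
-$privilege = undef,
-$object_type = 'database',
-$object_name = undef,
-$psql_db = $postgresql::server::default_database,
-$psql_user = $postgresql::server::user,
-$port = $postgresql::server::port
+$privilege = undef,
+$object_type = 'database',
+$object_name = undef,
+$psql_db = $postgresql::server::default_database,
+$psql_user = $postgresql::server::user,
+$port = $postgresql::server::port,
+$onlyif_exists = false,
 ) {
 $group = $postgresql::server::group
 $psql_path = $postgresql::server::psql_path
@@ -22,6 +23,8 @@
 $_object_type = upcase($object_type)
 $_privilege = upcase($privilege)
 
+validate_bool($onlyif_exists)
+
 ## Validate that the object type is known
 validate_string($_object_type,
 #'COLUMN',
@@ -59,6 +62,7 @@
 'ALL','ALL PRIVILEGES')
 $unless_function = 'has_database_privilege'
 $on_db = $psql_db
+$onlyif_function = undef
 }
 'SCHEMA': {
 $unless_privilege = $_privilege ? {
@@ -69,6 +73,7 @@
 validate_string($_privilege, 'CREATE', 'USAGE', 'ALL', 'ALL PRIVILEGES')
 $unless_function = 'has_schema_privilege'
 $on_db = $db
+$onlyif_function = undef
 }
 'TABLE': {
 $unless_privilege = $_privilege ? {
@@ -79,12 +84,17 @@
 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES')
 $unless_function = 'has_table_privilege'
 $on_db = $db
+$onlyif_function = $onlyif_exists ? {
+true => 'table_exists',
+default => undef,
+}
 }
 'ALL TABLES IN SCHEMA': {
 validate_string($_privilege,'SELECT','INSERT','UPDATE','DELETE',
 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES')
 $unless_function = 'custom'
 $on_db = $db
+$onlyif_function = undef
 
 $schema = $object_name
 
@@ -150,6 +160,11 @@
 '${_granted_object}', '${unless_privilege}')",
 }
 
+$_onlyif = $onlyif_function ? {
+'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object'",
+default => undef,
+}
+
 $grant_cmd = "GRANT ${_privilege} ON ${_object_type} \"${_togrant_object}\" TO
 \"${role}\""
 postgresql_psql { "grant:${name}":
@@ -159,6 +174,7 @@
 psql_user => $psql_user,
 psql_group => $group,
 psql_path => $psql_path,
+onlyif => $_onlyif,
 unless => $_unless,
 require => Class['postgresql::server']
 }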
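Review bot: The `table_exists` query added in the `@@ -150,6 +160,11 @@` hunk has an unterminated interpolation, `'${_togrant_object'`, so the closing brace is missing and the string will not expand as intended; it should read `tablename = '${_togrant_object}'`. The same line places the object name inside a single-quoted SQL literal without escaping, so a name containing a quote changes the statement psql runs as `$psql_user`; validate `$object_name` against an identifier pattern or double embedded quotes before building the query. The lookup also matches on `tablename` alone, so a same-named table in another schema satisfies the check, and a schema-qualified name would presumably never match; filtering on `schemaname` as well would make the guard mean what the option says. `$_togrant_object` is assigned outside the visible hunks, so its exact form should be confirmed.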
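--- a/manifests/server/table_grant.pp
+++ b/manifests/server/table_grant.pp
@@ -5,18 +5,20 @@
 $table,
 $db,
 $role,
-$port = $postgresql::server::port,
-$psql_db = undef,
-$psql_user = undef
+$port = $postgresql::server::port,
+$psql_db = undef,
+$psql_user = undef,
+$onlyif_table_exists = false,
 ) {
 postgresql::server::grant { "table:${name}":
-role => $role,
-db => $db,
-port => $port,
-privilege => $privilege,
-object_type => 'TABLE',
-object_name => $table,
-psql_db => $psql_db,
-psql_user => $psql_user,
+role => $role,
+db => $db,
+port => $port,
+privilege => $privilege,
+object_type => 'TABLE',
+object_name => $table,
+psql_db => $psql_db,
+psql_user => $psql_user,
+onlyif_table_exists => $onlyif_table_exists,
 }
 }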
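Review bot: The new attribute `onlyif_table_exists => $onlyif_table_exists` does not match the parameter this commit adds to `postgresql::server::grant` in manifests/server/grant.pp, which is named `$onlyif_exists`, so every `table_grant` would be expected to fail catalog compilation with an invalid-parameter error. Pass it as `onlyif_exists => $onlyif_table_exists,` instead. A comment on the parameter should also state that the grant is skipped rather than failed when the table is absent, for example `# When true, the GRANT is silently skipped if the table does not exist yet`, because a skipped grant leaves the role without the intended privilege and nothing in the run reports it.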