postgresql_privs: add integration test for schema names with '.' or '"'

ansible-collections · Dec 6, 2022 · 5dfd401 · 5dfd401
1 parent 313d91a
commit 5dfd401
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 0 deletions.
diff --git a/tests/integration/targets/postgresql_privs/defaults/main.yml b/tests/integration/targets/postgresql_privs/defaults/main.yml
@@ -7,6 +7,8 @@ db_user_with_dots2: role.with.dots2
 db_name_with_hyphens: ansible-db
 db_user_with_hyphens: ansible-db-user
 db_schema_with_hyphens: ansible-db-schema
+db_schema_with_dot: test.schema
+db_schema_with_quote: 'TEST_schema"'
 db_session_role1: session_role1
 db_session_role2: session_role2
 dangerous_name: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
@@ -1476,6 +1476,92 @@
     that:
     - result is not changed
 
+##############
+# Issue https://github.com/ansible-collections/community.postgresql/issues/381
+- name: create schemas with special names
+  become: true
+  become_user: "{{ pg_user }}"
+  postgresql_schema:
+    login_user: "{{ pg_user }}"
+    login_password: password
+    db: "{{ db_name }}"
+    name: "{{ item }}"
+    state: present
+  loop:
+    - "{{ db_schema_with_dot }}"
+    - "{{ db_schema_with_quote }}"
+  register: result
+- assert:
+    that:
+      - result is changed
+- name: create tables in schemas with special names
+  become: true
+  become_user: "{{ pg_user }}"
+  postgresql_table:
+    login_user: "{{ pg_user }}"
+    login_password: password
+    db: "{{ db_name }}"
+    name: '"{{ item|replace("\"", "\"\"") }}"."test.table.name"'
+    columns: []
+  loop:
+    - "{{ db_schema_with_dot }}"
+    - "{{ db_schema_with_quote }}"
+  register: result
+- assert:
+    that:
+      - result is changed
+- name: grant privileges on all tables in schemas with special names
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_privs:
+    login_user: "{{ pg_user }}"
+    login_db: "{{ db_name }}"
+    roles: PUBLIC
+    objs: ALL_IN_SCHEMA
+    type: table
+    privs: SELECT
+    schema: "{{ item }}"
+  loop:
+    - "{{ db_schema_with_dot }}"
+    - "{{ db_schema_with_quote }}"
+  register: result
+- assert:
+    that:
+      - result is changed
+- name: grant privileges on some table in schemas with special names
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_privs:
+    login_user: "{{ pg_user }}"
+    login_db: "{{ db_name }}"
+    roles: PUBLIC
+    objs: 'test.table.name'
+    type: table
+    privs: SELECT
+    schema: "{{ item }}"
+  loop:
+    - "{{ db_schema_with_dot }}"
+    - "{{ db_schema_with_quote }}"
+  register: result
+- assert:
+    that:
+      - result is changed
+- name: cleanup test schemas with special names
+  become: true
+  become_user: "{{ pg_user }}"
+  postgresql_schema:
+    login_user: "{{ pg_user }}"
+    login_password: password
+    db: "{{ db_name }}"
+    name: "{{ item }}"
+    state: absent
+    cascade_drop: true
+  loop:
+    - "{{ db_schema_with_dot }}"
+    - "{{ db_schema_with_quote }}"
+  register: result
+
+
 ##############
 # Issue https://github.com/ansible-collections/community.postgresql/issues/332
 - name: Test community.postgresql issue 332 grant usage