-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
postgresql_priv: Granting privileges using ALL_IN_SCHEMA does not use ALL TABLES in SCHEMA #269
Comments
thanks for the report @SantiRaposo ! |
Hi! Yes the end result is apparently fine, it's just that the optimal way to execute changes to all tables in a schema is to use the ALL TABLES option rather than retrieving a complete list of tables and constructing a query that way. |
Thanks for confirming. Did you wanna look at this @jchancojr ? If so, feel free to self-assign, otherwise, I'll take a stab at it soon |
Sure, I'll take a look at this and reach back out with my findings. |
@SantiRaposo Hi, The reason the code behaves this way is because we currently support versions < 9.0 where the Thanks for pointing this out! |
…ile to include the `ALL x IN SCHEMA` syntax for versions of PostgreSQL 9.0.0 and greater. This means that if the version is 8.4.22 or lower, the code will continue to run individual grants per object. fixes ansible-collections#269
Hi @SantiRaposo Created PR #282 to solve for this! Thanks for pointing it out. |
SUMMARY
When using the postgresql_priv module, selecting the ALL_IN_SCHEMA option for the
obj
argument does not produce the expected statement.EXPECTED:
GRANT <privileges> ON ALL TABLES IN SCHEMA <schema> TO <role>;
ACTUAL:
GRANT <privileges> ON schema.table1, schema.table2, schema.table3, ... schema.tableN <schema> TO <role>;
ISSUE TYPE
COMPONENT NAME
postgresql_priv
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
Debian bullseye
STEPS TO REPRODUCE
Run the following statemens in a postgresql database:
CREATE TABLE public.table1(s varchar);
CREATE TABLE public.table2(s varchar);
CREATE TABLE public.table3(s varchar);
CREATE TABLE public.table4(s varchar);
CREATE TABLE public.table5(s varchar);
CREATE ROLE test;
Then run the following ansible task:
EXPECTED RESULTS
The executed query should use the ALL TABLES IN SCHEMA {schema} statement.
ACTUAL RESULTS
The module builds a list of all tables in the schema and constructs a query specifying each one individually. This creates extremely long logs for databases with many tables.
The text was updated successfully, but these errors were encountered: