Can't revoke functions from user

[DPatFrance]

SUMMARY

Can't revoke the functions from user with community.postgresql.postgresql_privs.

ISSUE TYPE

• Bug Report

COMPONENT NAME

postgresql_privs

COLLECTION VERSION

community.general 8.5.0

ACTUAL RESULTS

The revoke FUNCTIONS is missing in the queries.

"changed": false,
  "invocation": {
      "module_args": {
          "ca_cert": null,
          "connect_params": {},
          "database": "pgappli",
          "db": "appli",
          "fail_on_role": true,
          "grant_option": null,
          "login_host": "localhost",
          "login_password": "",
          "login_port": 5432,
          "login_unix_socket": "",
          "login_user": "postgres",
          "objs": "FUNCTIONS",
          "password": "",
          "port": 5432,
          "privs": "ALL",
          "role": "testTOUp",
          "roles": "testTOUp",
          "schema": "public",
          "session_role": null,
          "ssl_cert": null,
          "ssl_key": null,
          "ssl_mode": "prefer",
          "state": "absent",
          "target_roles": null,
          "trust_input": true,
          "type": "default_privs"
      }
  },
  "queries": [
      "ALTER DEFAULT PRIVILEGES IN SCHEMA \"public\" REVOKE ALL ON TABLES FROM \"testTOUp\";\nALTER DEFAULT PRIVILEGES IN SCHEMA \"public\" REVOKE ALL ON SEQUENCES FROM \"testTOUp\";\nALTER DEFAULT PRIVILEGES IN SCHEMA \"public\" REVOKE ALL ON TYPES FROM \"testTOUp\";" 

PROPOSED SOLUTION

In the module postgresql_privs.py : add FUNCTIONS at the line 975:

 972     def build_absent(self):
 973         if self._obj_type == 'default_privs':
 974             self.query = []
 975             for obj in ['TABLES', 'FUNCTIONS', 'SEQUENCES', 'TYPES']:
 976                 if self._as_who:
 977                     self.query.append(
 978                         'ALTER DEFAULT PRIVILEGES FOR ROLE {0}{1} REVOKE ALL ON {2} FROM {3};'.format(self._as_who,
 979                                                                                                       self._schema, obj,
 980                                                                                                       self._for_whom))
 981                 else:
 982                     self.query.append(
 983                         'ALTER DEFAULT PRIVILEGES{0} REVOKE ALL ON {1} FROM {2};'.format(self._schema, obj,
 984                                                                                          self._for_whom))
 985         else:
 986             self.query.append('REVOKE {0} FROM {1};'.format(self._set_what, self._for_whom))

[hunleyd]

Thanks for the issue @DPatFrance ! Would you be interested in making a PR with your proposed fix? If not, someone else will pick this up eventually.

[DPatFrance]

Hello,
Thank you for your reply, I'll let you make the correction. 😃

[Andersson007]

@DPatFrance hello, thanks for reporting the bug!
Looks like an easyfix to me. I'll put the help wanted and easyfix labels on the issue.
If someone wants to fix it, please before starting add a comment. There's also a quick start guide for new folks

[SlamChillz]

@Andersson007 @DPatFrance I would work on this fix.

[Andersson007]

@SlamChillz hello, cool, thanks!

[Andersson007]

@DPatFrance thanks for the bug report!