Implement grants on database #123
Conversation
ghost
added
the
There was a problem hiding this comment.
Thanks a lot for your work 👍
Nice to have created the dedicated function for the queries.
Could you quickly add a test like TestAccPostgresqlGrant for database.
You can make it simple with just one privilege and create a function which check that the role has the privilege (like testCheckTablesPrivileges but simpler, like just checking that the role can create a table if you give him this right)
| "role": roleName, | ||
| }), | ||
| privileges: []string{"SELECT"}, | ||
| expected: fmt.Sprintf("GRANT SELECT ON ALL TABLES IN SCHEMA %s TO %s", pq.QuoteIdentifier(databaseName), pq.QuoteIdentifier(roleName)), |
There was a problem hiding this comment.
I would have even set the generated string as expected value, but as you prefer.
There was a problem hiding this comment.
You mean not using fmt.Sprintf and pq.QuoteIdentifier, and hardcoding the string ?
|
I was just looking for this. Great work :)! |
|
@cyrilgdn I tried to add an acceptance test, however I'm even less fluent with that kind of tests than with Golang. Take a deep breath before reading :) |
There was a problem hiding this comment.
@jeromepin Sorry for the response delay.
Your acceptance test was actually not testing anything 😄
(and should have failed but you didn't check the error of the query you executed)
As I understand that these tests are really not easy to understand and to dive in, I allowed myself to write it for you and to push on your branch.
Basically I check that if we add CREATE privilege for a role on a database, this role will be able to create a schema in this database (and will not be able to do it if this privilege has not been set).
When writing this test (and testing manually too), I find out a couple a problems that I fixed too.
Mainly:
- the
readRolePrivilegeswas not working for database, it needs a different query schemaparameter needs to be optional now as it doesn't make sense for database.
Would you mind reviewing my code (and if someone else sees this message and want to review, feel free :) ), so we can approve and merge ?
Thank you!
Oh... I knew testing wasn't my strong suit, but I didn't knew I was that bad 😄 🤦♂ Sorry for that !
Thank you very much for taking the time ! 👍
No problem, I'll review it. But since I wasn't able to write a proper acceptance test, I'm not sure I'm the most qualified to review your work 😂 |
|
@cyrilgdn Looks good to me ! 👍 |
|
I'll let you known here when it's released. |
|
@cyrilgdn Any ETA on the release date for this? Not being able to allow a user to connect to a database is a huge hole in functionality for this provider, and I would really love for this to be released. Thanks! Edit: # Install latest plugin from master
go get -u github.com/terraform-providers/terraform-provider-postgresql
# Add as "custom" plugin with obviously fake version
mkdir -p ~/.terraform.d/plugins
ln -s $GOPATH/bin/terraform-provider-postgresql ~/.terraform.d/plugins/terraform-provider-postgresql_v999.0.0Then specify the fake version in your provider block provider "postgresql" {
version = "999.0.0
...
}Reinitializing with |
|
@stefan2718 Sorry for the delay, As I explained here #138 , v1.6.0 will be released during the week (next Monday at the latest). |
|
Hi, This feature has been released in v1.6.0 last Friday. |
|
I've created this merge request to update the provider documentation to reflect the changes made in this MR. |
I'm following @tgermain's comment (we work together) regarding the proposal to handle
GRANTon databases (in addition to sequences and tables).I took the liberty to move the query string creation (for both grant and revoke queries) into two dedicated functions and write unit test for them (although I'm a test newbie). Feel free to discard that if you find it irrelevant.