cookbooks/postgresql/providers/user.rb

   1 #
   2 # Cookbook Name:: postgresql
   3 # Provider:: postgresql_user
   4 #
   5 # Copyright 2012, OpenStreetMap Foundation
   6 #
   7 # Licensed under the Apache License, Version 2.0 (the "License");
   8 # you may not use this file except in compliance with the License.
   9 # You may obtain a copy of the License at
  10 #
  11 #     http://www.apache.org/licenses/LICENSE-2.0
  12 #
  13 # Unless required by applicable law or agreed to in writing, software
  14 # distributed under the License is distributed on an "AS IS" BASIS,
  15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16 # See the License for the specific language governing permissions and
  17 # limitations under the License.
  18 #
  19
  20 require "shellwords"
  21
  22 use_inline_resources
  23
  24 def load_current_resource
  25   @pg = Chef::PostgreSQL.new(new_resource.cluster)
  26
  27   @current_resource = Chef::Resource::PostgresqlUser.new(new_resource.name)
  28   @current_resource.user(new_resource.user)
  29   @current_resource.cluster(new_resource.cluster)
  30   if (pg_user = @pg.users[@current_resource.user])
  31     @current_resource.superuser(pg_user[:superuser])
  32     @current_resource.createdb(pg_user[:createdb])
  33     @current_resource.createrole(pg_user[:createrole])
  34     @current_resource.replication(pg_user[:replication])
  35   end
  36   @current_resource
  37 end
  38
  39 action :create do
  40   password = new_resource.password ? "ENCRYPTED PASSWORD '#{new_resource.password.shellescape}'" : ""
  41   superuser = new_resource.superuser ? "SUPERUSER" : "NOSUPERUSER"
  42   createdb = new_resource.createdb ? "CREATEDB" : "NOCREATEDB"
  43   createrole = new_resource.createrole ? "CREATEROLE" : "NOCREATEROLE"
  44   replication = new_resource.replication ? "REPLICATION" : "NOREPLICATION"
  45
  46   if !@pg.users.include?(new_resource.user)
  47     @pg.execute(:command => "CREATE ROLE \"#{new_resource.user}\" LOGIN #{password} #{superuser} #{createdb} #{createrole}")
  48     new_resource.updated_by_last_action(true)
  49   else
  50     if new_resource.superuser != @current_resource.superuser
  51       @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{superuser}")
  52       new_resource.updated_by_last_action(true)
  53     end
  54
  55     unless new_resource.superuser
  56       if new_resource.createdb != @current_resource.createdb
  57         @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{createdb}")
  58         new_resource.updated_by_last_action(true)
  59       end
  60
  61       if new_resource.createrole != @current_resource.createrole
  62         @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{createrole}")
  63         new_resource.updated_by_last_action(true)
  64       end
  65
  66       if new_resource.replication != @current_resource.replication
  67         @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{replication}")
  68         new_resource.updated_by_last_action(true)
  69       end
  70     end
  71   end
  72 end
  73
  74 action :drop do
  75   if @pg.users.include?(new_resource.user)
  76     @pg.execute(:command => "DROP ROLE \"#{new_resource.user}\"")
  77     new_resource.updated_by_last_action(true)
  78   end
  79 end