]> git.openstreetmap.org Git - chef.git/blob - cookbooks/postgresql/providers/user.rb
Drop use of sender callout verification completely
[chef.git] / cookbooks / postgresql / providers / user.rb
1 #
2 # Cookbook Name:: postgresql
3 # Provider:: postgresql_user
4 #
5 # Copyright 2012, OpenStreetMap Foundation
6 #
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
10 #
11 #     http://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 #
19
20 def load_current_resource
21   @pg = Chef::PostgreSQL.new(new_resource.cluster)
22
23   @current_resource = Chef::Resource::PostgresqlUser.new(new_resource.name)
24   @current_resource.user(new_resource.user)
25   @current_resource.cluster(new_resource.cluster)
26   if pg_user = @pg.users[@current_resource.user]
27     @current_resource.superuser(pg_user[:superuser])
28     @current_resource.createdb(pg_user[:createdb])
29     @current_resource.createrole(pg_user[:createrole])
30     @current_resource.replication(pg_user[:replication])
31   end
32   @current_resource
33 end
34
35 action :create do
36   password = new_resource.password ? "ENCRYPTED PASSWORD '#{new_resource.password}'" : ""
37   superuser = new_resource.superuser ? "SUPERUSER" : "NOSUPERUSER"
38   createdb = new_resource.createdb ? "CREATEDB" : "NOCREATEDB"
39   createrole = new_resource.createrole ? "CREATEROLE" : "NOCREATEROLE"
40   replication = new_resource.replication ? "REPLICATION" : "NOREPLICATION"
41
42   unless @pg.users.include?(new_resource.user)
43     @pg.execute(:command => "CREATE ROLE \"#{new_resource.user}\" LOGIN #{password} #{superuser} #{createdb} #{createrole}")
44     new_resource.updated_by_last_action(true)
45   else
46     if new_resource.superuser != @current_resource.superuser
47       @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{superuser}")
48       new_resource.updated_by_last_action(true)
49     end
50
51     unless new_resource.superuser
52       if new_resource.createdb != @current_resource.createdb
53         @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{createdb}")
54         new_resource.updated_by_last_action(true)
55       end
56
57       if new_resource.createrole != @current_resource.createrole
58         @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{createrole}")
59         new_resource.updated_by_last_action(true)
60       end
61
62       if new_resource.replication != @current_resource.replication
63         @pg.execute(:command => "ALTER ROLE \"#{new_resource.user}\" #{replication}")
64         new_resource.updated_by_last_action(true)
65       end
66     end
67   end
68 end
69
70 action :drop do
71   if @pg.users.include?(new_resource.user)
72     @pg.execute(:command => "DROP ROLE \"#{new_resource.user}\"")
73     new_resource.updated_by_last_action(true)
74   end
75 end