# limitations under the License.
#
+use_inline_resources
+
def load_current_resource
@pg = Chef::PostgreSQL.new(new_resource.cluster)
@tables = @pg.tables(new_resource.database)
@current_resource.cluster(new_resource.cluster)
@current_resource.database(new_resource.database)
@current_resource.schema(new_resource.schema)
- if pg_table = @tables[@name]
+ if (pg_table = @tables[@name])
@current_resource.owner(pg_table[:owner])
@current_resource.permissions(pg_table[:permissions])
end
end
@current_resource.permissions.each_key do |user|
- unless new_resource.permissions[user]
- converge_by("revoke all for #{user} on #{new_resource}") do
- Chef::Log.info("Revoking all for #{user} on #{new_resource}")
- @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
- end
+ next if new_resource.permissions[user]
+
+ converge_by("revoke all for #{user} on #{new_resource}") do
+ Chef::Log.info("Revoking all for #{user} on #{new_resource}")
+ @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
end
end
@pg.execute(:command => "GRANT #{privilege.to_s.upcase} ON #{@name} TO \"#{user}\"", :database => new_resource.database)
end
end
- else
- if current_privileges.include?(privilege)
- converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
- Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
- @pg.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
- end
+ elsif current_privileges.include?(privilege)
+ converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
+ Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
+ @pg.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
end
end
end