]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/postgresql/providers/table.rb
Add cookbook for blogs.openstreetmap.org
[chef.git] / cookbooks / postgresql / providers / table.rb
index 4a2b43f5dd3dd885b161fcf16acde33792d23685..495bf8b71e7d9368c25daeaa47cc255e53b1e890 100644 (file)
@@ -17,6 +17,8 @@
 # limitations under the License.
 #
 
 # limitations under the License.
 #
 
+use_inline_resources
+
 def load_current_resource
   @pg = Chef::PostgreSQL.new(new_resource.cluster)
   @tables = @pg.tables(new_resource.database)
 def load_current_resource
   @pg = Chef::PostgreSQL.new(new_resource.cluster)
   @tables = @pg.tables(new_resource.database)
@@ -26,7 +28,7 @@ def load_current_resource
   @current_resource.cluster(new_resource.cluster)
   @current_resource.database(new_resource.database)
   @current_resource.schema(new_resource.schema)
   @current_resource.cluster(new_resource.cluster)
   @current_resource.database(new_resource.database)
   @current_resource.schema(new_resource.schema)
-  if pg_table = @tables[@name]
+  if (pg_table = @tables[@name])
     @current_resource.owner(pg_table[:owner])
     @current_resource.permissions(pg_table[:permissions])
   end
     @current_resource.owner(pg_table[:owner])
     @current_resource.permissions(pg_table[:permissions])
   end
@@ -42,19 +44,19 @@ action :create do
       end
     end
 
       end
     end
 
-    @current_resource.permissions.each do |user,privileges|
-      unless new_resource.permissions[user]
-        converge_by("revoke all for #{user} on #{new_resource}") do
-          Chef::Log.info("Revoking all for #{user} on #{new_resource}")
-          @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
-        end
+    @current_resource.permissions.each_key do |user|
+      next if new_resource.permissions[user]
+
+      converge_by("revoke all for #{user} on #{new_resource}") do
+        Chef::Log.info("Revoking all for #{user} on #{new_resource}")
+        @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
       end
     end
 
       end
     end
 
-    new_resource.permissions.each do |user,new_privileges|
+    new_resource.permissions.each do |user, new_privileges|
       current_privileges = @current_resource.permissions[user] || {}
       new_privileges = Array(new_privileges)
       current_privileges = @current_resource.permissions[user] || {}
       new_privileges = Array(new_privileges)
-      
+
       if new_privileges.include?(:all)
         new_privileges |= Chef::PostgreSQL::TABLE_PRIVILEGES
       end
       if new_privileges.include?(:all)
         new_privileges |= Chef::PostgreSQL::TABLE_PRIVILEGES
       end
@@ -67,12 +69,10 @@ action :create do
               @pg.execute(:command => "GRANT #{privilege.to_s.upcase} ON #{@name} TO \"#{user}\"", :database => new_resource.database)
             end
           end
               @pg.execute(:command => "GRANT #{privilege.to_s.upcase} ON #{@name} TO \"#{user}\"", :database => new_resource.database)
             end
           end
-        else
-          if current_privileges.include?(privilege)
-            converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
-              Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
-              @pg.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
-            end
+        elsif current_privileges.include?(privilege)
+          converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
+            Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
+            @pg.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
           end
         end
       end
           end
         end
       end