end
end
- @current_resource.permissions.each do |user,privileges|
- unless new_resource.permissions[user]
- converge_by("revoke all for #{user} on #{new_resource}") do
- Chef::Log.info("Revoking all for #{user} on #{new_resource}")
- @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
- end
+ @current_resource.permissions.each_key do |user|
+ next if new_resource.permissions[user]
+
+ converge_by("revoke all for #{user} on #{new_resource}") do
+ Chef::Log.info("Revoking all for #{user} on #{new_resource}")
+ @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database)
end
end
- new_resource.permissions.each do |user,new_privileges|
+ new_resource.permissions.each do |user, new_privileges|
current_privileges = @current_resource.permissions[user] || {}
new_privileges = Array(new_privileges)
-
+
if new_privileges.include?(:all)
new_privileges |= Chef::PostgreSQL::TABLE_PRIVILEGES
end