X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/3a4b1c2078cd515e93a5f1bf8967f380fbd1646f..66c8810de3626826ca758bf47b0def637254c97c:/cookbooks/postgresql/providers/table.rb diff --git a/cookbooks/postgresql/providers/table.rb b/cookbooks/postgresql/providers/table.rb index 7bc8cfb02..495bf8b71 100644 --- a/cookbooks/postgresql/providers/table.rb +++ b/cookbooks/postgresql/providers/table.rb @@ -17,6 +17,8 @@ # limitations under the License. # +use_inline_resources + def load_current_resource @pg = Chef::PostgreSQL.new(new_resource.cluster) @tables = @pg.tables(new_resource.database) @@ -26,7 +28,7 @@ def load_current_resource @current_resource.cluster(new_resource.cluster) @current_resource.database(new_resource.database) @current_resource.schema(new_resource.schema) - if pg_table = @tables[@name] + if (pg_table = @tables[@name]) @current_resource.owner(pg_table[:owner]) @current_resource.permissions(pg_table[:permissions]) end @@ -43,11 +45,11 @@ action :create do end @current_resource.permissions.each_key do |user| - unless new_resource.permissions[user] - converge_by("revoke all for #{user} on #{new_resource}") do - Chef::Log.info("Revoking all for #{user} on #{new_resource}") - @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database) - end + next if new_resource.permissions[user] + + converge_by("revoke all for #{user} on #{new_resource}") do + Chef::Log.info("Revoking all for #{user} on #{new_resource}") + @pg.execute(:command => "REVOKE ALL ON #{@name} FROM \"#{user}\"", :database => new_resource.database) end end @@ -67,12 +69,10 @@ action :create do @pg.execute(:command => "GRANT #{privilege.to_s.upcase} ON #{@name} TO \"#{user}\"", :database => new_resource.database) end end - else - if current_privileges.include?(privilege) - converge_by("revoke #{privilege} for #{user} on #{new_resource}") do - Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}") - @pg.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{@name} FROM \"#{user}\"", :database => new_resource.database) - end + elsif current_privileges.include?(privilege) + converge_by("revoke #{privilege} for #{user} on #{new_resource}") do + Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}") + @pg.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{@name} FROM \"#{user}\"", :database => new_resource.database) end end end