X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/741593ee2bf203c9261f604d094e3d8e621698a8..44166d054d076ce26743c466ce002d7bc2e3c4dd:/cookbooks/postgresql/resources/table.rb diff --git a/cookbooks/postgresql/resources/table.rb b/cookbooks/postgresql/resources/table.rb index 4bb2431ee..5970f4e0a 100644 --- a/cookbooks/postgresql/resources/table.rb +++ b/cookbooks/postgresql/resources/table.rb @@ -17,13 +17,15 @@ # limitations under the License. # +unified_mode true + default_action :create property :table, :kind_of => String, :name_property => true property :cluster, :kind_of => String, :required => true property :database, :kind_of => String, :required => true property :schema, :kind_of => String, :default => "public" -property :owner, :kind_of => String, :required => true +property :owner, :kind_of => String, :required => [:create] property :permissions, :kind_of => Hash, :default => {} action :create do @@ -40,7 +42,7 @@ action :create do converge_by("revoke all for #{user} on #{new_resource}") do Chef::Log.info("Revoking all for #{user} on #{new_resource}") - cluster.execute(:command => "REVOKE ALL ON #{qualified_name} FROM \"#{user}\"", :database => new_resource.database) + cluster.execute(:command => "REVOKE ALL ON TABLE #{qualified_name} FROM \"#{user}\"", :database => new_resource.database) end end @@ -57,13 +59,13 @@ action :create do unless current_privileges.include?(privilege) converge_by("grant #{privilege} for #{user} on #{new_resource}") do Chef::Log.info("Granting #{privilege} for #{user} on #{new_resource}") - cluster.execute(:command => "GRANT #{privilege.to_s.upcase} ON #{qualified_name} TO \"#{user}\"", :database => new_resource.database) + cluster.execute(:command => "GRANT #{privilege.to_s.upcase} ON TABLE #{qualified_name} TO \"#{user}\"", :database => new_resource.database) end end elsif current_privileges.include?(privilege) converge_by("revoke #{privilege} for #{user} on #{new_resource}") do Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}") - cluster.execute(:command => "REVOKE #{privilege.to_s.upcase} ON #{qualified_name} FROM \"#{user}\"", :database => new_resource.database) + cluster.execute(:command => "REVOKE #{privilege.to_s.upcase} ON TABLE #{qualified_name} FROM \"#{user}\"", :database => new_resource.database) end end end