From 23961a3f2f7ba2044e444b443b2e8eb1889c8214 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Sun, 15 Oct 2023 11:27:40 +0000
Subject: [PATCH] Grant roles to newly created users

---
 cookbooks/postgresql/resources/user.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cookbooks/postgresql/resources/user.rb b/cookbooks/postgresql/resources/user.rb
index 31194fedc..6d0e07e47 100644
--- a/cookbooks/postgresql/resources/user.rb
+++ b/cookbooks/postgresql/resources/user.rb
@@ -43,6 +43,12 @@ action :create do
     converge_by "create role #{new_resource.user}" do
       cluster.execute(:command => "CREATE ROLE \"#{new_resource.user}\" LOGIN #{password} #{superuser} #{createdb} #{createrole}")
     end
+
+    Array(new_resource.roles).each do |role|
+      converge_by "grant #{role} to #{new_resource.user}" do
+        cluster.execute(:command => "GRANT \"#{role}\" TO \"#{new_resource.user}\"")
+      end
+    end
   else
     current_user = cluster.users[new_resource.user]
 
-- 
2.39.5