forked from puppetlabs/puppetlabs-postgresql
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathreassign_owned_by.pp
67 lines (61 loc) · 2.94 KB
/
reassign_owned_by.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# @summary Define for reassigning the ownership of objects within a database.
#
# @note This enables us to force the a particular ownership for objects within a database
#
# @param old_role Specifies the role or user who is the current owner of the objects in the specified db
# @param new_role Specifies the role or user who will be the new owner of these objects
# @param db Specifies the database to which the 'REASSIGN OWNED' will be applied
# @param psql_user Specifies the OS user for running psql.
# @param port Port to use when connecting.
# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server.
define postgresql::server::reassign_owned_by (
String $old_role,
String $new_role,
String $db,
String $psql_user = $postgresql::server::user,
Variant[String[1], Stdlib::Port] $port = $postgresql::server::port,
Hash $connect_settings = $postgresql::server::default_connect_settings,
) {
$sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\""
$group = $postgresql::server::group
$psql_path = $postgresql::server::psql_path
#
# Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port
#
if $port != undef {
$port_override = $port
} elsif $connect_settings != undef and 'PGPORT' in $connect_settings {
$port_override = undef
} else {
$port_override = $postgresql::server::port
}
$onlyif = "SELECT tablename FROM pg_catalog.pg_tables WHERE
schemaname NOT IN ('pg_catalog', 'information_schema') AND
tableowner = '${old_role}'
UNION ALL SELECT proname FROM pg_catalog.pg_proc WHERE
pg_get_userbyid(proowner) = '${old_role}'
UNION ALL SELECT viewname FROM pg_catalog.pg_views WHERE
pg_views.schemaname NOT IN ('pg_catalog', 'information_schema') AND
viewowner = '${old_role}'
UNION ALL SELECT relname FROM pg_catalog.pg_class WHERE
relkind='S' AND pg_get_userbyid(relowner) = '${old_role}'"
postgresql_psql { "reassign_owned_by:${db}:${sql_command}":
command => $sql_command,
db => $db,
port => $port_override,
connect_settings => $connect_settings,
psql_user => $psql_user,
psql_group => $group,
psql_path => $psql_path,
onlyif => $onlyif,
}
if($old_role != undef and defined(Postgresql::Server::Role[$old_role])) {
Postgresql::Server::Role[$old_role] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"]
}
if($new_role != undef and defined(Postgresql::Server::Role[$new_role])) {
Postgresql::Server::Role[$new_role] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"]
}
if($db != undef and defined(Postgresql::Server::Database[$db])) {
Postgresql::Server::Database[$db] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"]
}
}