diff options
| author | Adrian Likins <alikins@redhat.com> | 2017-02-15 15:28:29 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-02-15 15:28:29 -0500 |
| commit | 499d3a1b531548f00f820552c685912b2465d2b2 (patch) | |
| tree | f669b0243fa081cf1e017d7f8895849196fdcb20 | |
| parent | 6fae1d2bbfa1086e4fc18e95acac96f98d838480 (diff) | |
| download | ansible-499d3a1b531548f00f820552c685912b2465d2b2.tar.gz | |
add a intg test for issue #19835 (#21487)
(postgresql_user changing role_attr_flags with no_password_checks
fails)
| -rw-r--r-- | test/integration/targets/postgresql/defaults/main.yml | 1 | ||||
| -rw-r--r-- | test/integration/targets/postgresql/tasks/main.yml | 106 |
2 files changed, 107 insertions, 0 deletions
diff --git a/test/integration/targets/postgresql/defaults/main.yml b/test/integration/targets/postgresql/defaults/main.yml index a78f817a63..0dee1f0fc3 100644 --- a/test/integration/targets/postgresql/defaults/main.yml +++ b/test/integration/targets/postgresql/defaults/main.yml @@ -3,5 +3,6 @@ db_name: 'ansible_db' db_user1: 'ansible_db_user1' db_user2: 'ansible_db_user2' +db_user3: 'ansible_db_user3' tmp_dir: '/tmp' diff --git a/test/integration/targets/postgresql/tasks/main.yml b/test/integration/targets/postgresql/tasks/main.yml index dd9de5e5cd..b6cad4106d 100644 --- a/test/integration/targets/postgresql/tasks/main.yml +++ b/test/integration/targets/postgresql/tasks/main.yml @@ -374,6 +374,112 @@ that: - "result.stdout_lines[-1] == '(0 rows)'" +# Test cases to replicate issue 19835 +- name: Create a user "{{ db_user3 }}" to test issue 19835 + become_user: "{{ pg_user }}" + become: True + postgresql_user: + name: "{{ db_user3 }}" + encrypted: 'yes' + password: "md55c8ccfd9d6711fc69a7eae647fc54f51" + login_user: "{{ pg_user }}" + #role_attr_flags: "NOSUPERUSER,NOCREATEROLE,NOCREATEDB,noinherit,NOLOGIN" + db: postgres + register: result + +- name: Check that ansible reports that "{{ db_user3 }}" was created for testing issue 19835 + assert: + that: + - "result.changed == True" + +- name: debug result + debug: + var: result + +- name: Check that "{{ db_user3 }}" was created for testing issue 19835 + become_user: "{{ pg_user }}" + become: True + shell: echo "select * from pg_user where usename='{{ db_user3 }}';" | psql -d postgres + register: result + +- assert: + that: + - "result.stdout_lines[-1] == '(1 row)'" + +- name: Modify user "{{ db_user3 }}" to have only login role attributes for testing issue 19835 + become_user: "{{ pg_user }}" + become: True + postgresql_user: + name: "{{ db_user3 }}" + state: "present" + role_attr_flags: "NOSUPERUSER,NOCREATEROLE,NOCREATEDB,noinherit" + login_user: "{{ pg_user }}" + db: postgres + register: result + +- name: Check that ansible reports it modified the roles for testing issue 19835 + assert: + that: + - "result.changed == True" + +- name: Check that the user "{{ db_user3 }}" has the requested role attributes for testing issue 19835 + become_user: "{{ pg_user }}" + become: True + shell: echo "select 'super:'||rolsuper, 'createrole:'||rolcreaterole, 'create:'||rolcreatedb, 'inherit:'||rolinherit, 'login:'||rolcanlogin from pg_roles where rolname='{{ db_user3 }}';" | psql -d postgres + register: result + +- name: Modify a single role attribute on the user "{{ db_user3 }}" with no_password_changes set to yes. issue 19835 + become_user: "{{ pg_user }}" + become: True + postgresql_user: + name: "{{ db_user3 }}" + state: "present" + role_attr_flags: "CREATEDB" + no_password_changes: yes + login_user: "{{ pg_user }}" + db: postgres + register: result + +- name: Check that ansible reports it modified the role with no_password_changes set to yes. issue 19835 + assert: + that: + - "result.changed == True" + +- name: Check that the user "{{ db_user3 }}" has the requested role attributes with no_password_changes set to yes. issue 19835 + become_user: "{{ pg_user }}" + become: True + shell: echo "select 'super:'||rolsuper, 'createrole:'||rolcreaterole, 'create:'||rolcreatedb, 'inherit:'||rolinherit, 'login:'||rolcanlogin from pg_roles where rolname='{{ db_user3 }}';" | psql -d postgres + register: result + +- name: Assert that the request role attributes check for user "{{ db_user3 }}" was correct with no_password_changes set to yes. issue 19835 + assert: + that: + - "result.stdout_lines[-1] == '(1 row)'" + - "'super:f' in result.stdout_lines[-2]" + - "'createrole:f' in result.stdout_lines[-2]" + - "'create:t' in result.stdout_lines[-2]" + - "'inherit:f' in result.stdout_lines[-2]" + - "'login:t' in result.stdout_lines[-2]" + +- name: Cleanup the "{{ db_user3 }}" user + become_user: "{{ pg_user }}" + become: True + postgresql_user: + name: "{{ db_user3 }}" + state: 'absent' + login_user: "{{ pg_user }}" + db: postgres + +- name: Check that "{{ db_user3 }}" was removed + become_user: "{{ pg_user }}" + become: True + shell: echo "select * from pg_user where usename='{{ db_user3 }}';" | psql -d postgres + register: result + +- assert: + that: + - "result.stdout_lines[-1] == '(0 rows)'" + ### TODO: test expires, fail_on_user # |