Merge pull request #10707 from hashicorp/b-postgresql-schema-auth

Dept of second thoughts: remove authorization support ASAP.
This commit is contained in:
Sean Chittenden 2016-12-13 10:45:19 -08:00 committed by GitHub
commit 60658fdfbc
3 changed files with 3 additions and 83 deletions

View File

@ -13,8 +13,7 @@ import (
) )
const ( const (
schemaNameAttr = "name" schemaNameAttr = "name"
schemaAuthorizationAttr = "authorization"
) )
func resourcePostgreSQLSchema() *schema.Resource { func resourcePostgreSQLSchema() *schema.Resource {
@ -33,12 +32,6 @@ func resourcePostgreSQLSchema() *schema.Resource {
Required: true, Required: true,
Description: "The name of the schema", Description: "The name of the schema",
}, },
schemaAuthorizationAttr: {
Type: schema.TypeString,
Optional: true,
Computed: true,
Description: "The role name of the owner of the schema",
},
}, },
} }
} }
@ -55,10 +48,6 @@ func resourcePostgreSQLSchemaCreate(d *schema.ResourceData, meta interface{}) er
b := bytes.NewBufferString("CREATE SCHEMA ") b := bytes.NewBufferString("CREATE SCHEMA ")
fmt.Fprintf(b, pq.QuoteIdentifier(schemaName)) fmt.Fprintf(b, pq.QuoteIdentifier(schemaName))
if v, ok := d.GetOk(schemaAuthorizationAttr); ok {
fmt.Fprint(b, " AUTHORIZATION ", pq.QuoteIdentifier(v.(string)))
}
query := b.String() query := b.String()
_, err = conn.Query(query) _, err = conn.Query(query)
if err != nil { if err != nil {
@ -99,8 +88,8 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
defer conn.Close() defer conn.Close()
schemaId := d.Id() schemaId := d.Id()
var schemaName, schemaAuthorization string var schemaName string
err = conn.QueryRow("SELECT nspname, pg_catalog.pg_get_userbyid(nspowner) FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName, &schemaAuthorization) err = conn.QueryRow("SELECT nspname FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName)
switch { switch {
case err == sql.ErrNoRows: case err == sql.ErrNoRows:
log.Printf("[WARN] PostgreSQL schema (%s) not found", schemaId) log.Printf("[WARN] PostgreSQL schema (%s) not found", schemaId)
@ -110,7 +99,6 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
return errwrap.Wrapf("Error reading schema: {{err}}", err) return errwrap.Wrapf("Error reading schema: {{err}}", err)
default: default:
d.Set(schemaNameAttr, schemaName) d.Set(schemaNameAttr, schemaName)
d.Set(schemaAuthorizationAttr, schemaAuthorization)
d.SetId(schemaName) d.SetId(schemaName)
return nil return nil
} }
@ -128,10 +116,6 @@ func resourcePostgreSQLSchemaUpdate(d *schema.ResourceData, meta interface{}) er
return err return err
} }
if err := setSchemaAuthorization(conn, d); err != nil {
return err
}
return resourcePostgreSQLSchemaRead(d, meta) return resourcePostgreSQLSchemaRead(d, meta)
} }
@ -155,23 +139,3 @@ func setSchemaName(conn *sql.DB, d *schema.ResourceData) error {
return nil return nil
} }
func setSchemaAuthorization(conn *sql.DB, d *schema.ResourceData) error {
if !d.HasChange(schemaAuthorizationAttr) {
return nil
}
schemaAuthorization := d.Get(schemaAuthorizationAttr).(string)
if schemaAuthorization == "" {
return nil
}
schemaName := d.Get(schemaNameAttr).(string)
query := fmt.Sprintf("ALTER SCHEMA %s OWNER TO %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(schemaAuthorization))
if _, err := conn.Query(query); err != nil {
return errwrap.Wrapf("Error updating schema AUTHORIZATION: {{err}}", err)
}
return nil
}

View File

@ -26,34 +26,6 @@ func TestAccPostgresqlSchema_Basic(t *testing.T) {
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"postgresql_schema.test1", "name", "foo"), "postgresql_schema.test1", "name", "foo"),
// `postgres` is a calculated value
// based on the username used in the
// provider
resource.TestCheckResourceAttr(
"postgresql_schema.test1", "authorization", "postgres"),
),
},
},
})
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckPostgresqlSchemaDestroy,
Steps: []resource.TestStep{
{
Config: testAccPostgresqlSchemaAuthConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckPostgresqlSchemaExists("postgresql_schema.test2", "foo2"),
resource.TestCheckResourceAttr(
"postgresql_role.myrole4", "name", "myrole4"),
resource.TestCheckResourceAttr(
"postgresql_role.myrole4", "login", "true"),
resource.TestCheckResourceAttr(
"postgresql_schema.test2", "name", "foo2"),
resource.TestCheckResourceAttr(
"postgresql_schema.test2", "authorization", "myrole4"),
), ),
}, },
}, },
@ -141,15 +113,3 @@ resource "postgresql_schema" "test1" {
name = "foo" name = "foo"
} }
` `
var testAccPostgresqlSchemaAuthConfig = `
resource "postgresql_role" "myrole4" {
name = "myrole4"
login = true
}
resource "postgresql_schema" "test2" {
name = "foo2"
authorization = "${postgresql_role.myrole4.name}"
}
`

View File

@ -17,7 +17,6 @@ PostgreSQL database.
``` ```
resource "postgresql_schema" "my_schema" { resource "postgresql_schema" "my_schema" {
name = "my_schema" name = "my_schema"
authorization = "my_role"
} }
``` ```
@ -26,9 +25,6 @@ resource "postgresql_schema" "my_schema" {
* `name` - (Required) The name of the schema. Must be unique in the PostgreSQL * `name` - (Required) The name of the schema. Must be unique in the PostgreSQL
database instance where it is configured. database instance where it is configured.
* `authorization` - (Optional) The owner of the schema. Defaults to the
username configured in the schema's provider.
## Import Example ## Import Example
`postgresql_schema` supports importing resources. Supposing the following `postgresql_schema` supports importing resources. Supposing the following