
Commit b4d514f

author
Matthias Fuhrmeister
committed
integrate schema create permission into exisiting method
1 parent d7d3a70 commit b4d514f


5 files changed

+20
-50
lines changed


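--- a/pkg/controller/postgres/postgres_controller.go
+++ b/pkg/controller/postgres/postgres_controller.go
@@ -220,17 +220,12 @@ func (r *ReconcilePostgres) Reconcile(request reconcile.Request) (_ reconcile.Re
 }
 
 // Set privileges on schema
-err = r.pg.SetSchemaPrivileges(database, owner, reader, schema, readerPrivs, reqLogger)
+err = r.pg.SetSchemaPrivileges(database, owner, reader, schema, readerPrivs, false, reqLogger)
 if err != nil {
 reqLogger.Error(err, fmt.Sprintf("Could not give %s permissions \"%s\"", reader, readerPrivs))
 continue
 }
-err = r.pg.SetSchemaPrivileges(database, owner, writer, schema, writerPrivs, reqLogger)
-if err != nil {
-reqLogger.Error(err, fmt.Sprintf("Could not give %s permissions \"%s\"", writer, writerPrivs))
-continue
-}
-err = r.pg.SetSchemaPrivilegesCreate(database, owner, writer, schema, writerPrivs, reqLogger)
+err = r.pg.SetSchemaPrivileges(database, owner, writer, schema, writerPrivs, true, reqLogger)
 if err != nil {
 reqLogger.Error(err, fmt.Sprintf("Could not give %s permissions \"%s\"", writer, writerPrivs))
 continue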
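Review bot: The bare `false` and `true` passed to the two `SetSchemaPrivileges` calls decide which role receives the schema CREATE grant, and nothing at the call site says so; a swapped literal would give CREATE to the reader role and still compile. Label the argument where it is passed, e.g. `err = r.pg.SetSchemaPrivileges(database, owner, writer, schema, writerPrivs, true /* createSchema: writer may create objects */, reqLogger)`, or introduce named constants for the two values. The writer error message still reads only `Could not give %s permissions`, so a failed CREATE grant can no longer be told apart from a failed privilege grant in the log. Reconcile's body continues outside the hunk.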

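--- a/pkg/controller/postgres/postgres_controller_test.go
+++ b/pkg/controller/postgres/postgres_controller_test.go
@@ -682,12 +682,10 @@ var _ = Describe("ReconcilePostgres", func() {
 // Expected method calls
 // customers schema
 pg.EXPECT().CreateSchema(name, name+"-group", "customers", gomock.Any()).Return(nil).Times(1)
-pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "customers", gomock.Any(), gomock.Any()).Return(nil).Times(2)
-pg.EXPECT().SetSchemaPrivilegesCreate(name, name+"-group", name+"-writer", "customers", gomock.Any(), gomock.Any()).Return(nil).Times(1)
+pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "customers", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil).Times(2)
 // stores schema
 pg.EXPECT().CreateSchema(name, name+"-group", "stores", gomock.Any()).Return(nil).Times(1)
-pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "stores", gomock.Any(), gomock.Any()).Return(nil).Times(2)
-pg.EXPECT().SetSchemaPrivilegesCreate(name, name+"-group", name+"-writer", "stores", gomock.Any(), gomock.Any()).Return(nil).Times(1)
+pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "stores", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil).Times(2)
 })
 
 It("should update status", func() {
@@ -709,12 +707,11 @@ var _ = Describe("ReconcilePostgres", func() {
 // Expected method calls
 // customers schema errors
 pg.EXPECT().CreateSchema(name, name+"-group", "customers", gomock.Any()).Return(fmt.Errorf("Could not create schema")).Times(1)
-pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "customers", gomock.Any(), gomock.Any()).Return(nil).Times(0)
-pg.EXPECT().SetSchemaPrivilegesCreate(name, name+"-group", name+"-writer", "customers", gomock.Any(), gomock.Any()).Return(nil).Times(0)
+pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "customers", gomock.Any(), gomock.Any() ,gomock.Any()).Return(nil).Times(0)
 // stores schema
 pg.EXPECT().CreateSchema(name, name+"-group", "stores", gomock.Any()).Return(nil).Times(1)
-pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "stores", gomock.Any(), gomock.Any()).Return(nil).Times(2)
-pg.EXPECT().SetSchemaPrivilegesCreate(name, name+"-group", name+"-writer", "stores", gomock.Any(), gomock.Any()).Return(nil).Times(1)
+pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "stores", gomock.Any(), false, gomock.Any()).Return(nil).Times(1)
+pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "stores", gomock.Any(), true, gomock.Any()).Return(nil).Times(1)
 })
 
 It("should update status", func() {
@@ -755,8 +752,7 @@ var _ = Describe("ReconcilePostgres", func() {
 // Expected method calls
 // customers schema
 pg.EXPECT().CreateSchema(name, name+"-group", "customers", gomock.Any()).Return(nil).Times(1)
-pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "customers", gomock.Any(), gomock.Any()).Return(nil).Times(2)
-pg.EXPECT().SetSchemaPrivilegesCreate(name, name+"-group", name+"-writer", "customers", gomock.Any(), gomock.Any()).Return(nil).Times(1)
+pg.EXPECT().SetSchemaPrivileges(name, name+"-group", gomock.Any(), "customers", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil).Times(2)
 // stores schema already exists
 pg.EXPECT().CreateSchema(name, name+"-group", "stores", gomock.Any()).Times(0)
 // Call reconcile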
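Review bot: The merged expectations in the first and third hunks match the new `createSchema` argument with `gomock.Any()` under `.Times(2)`, so these tests no longer verify that only the writer role receives the CREATE grant; the removed `SetSchemaPrivilegesCreate` expectations pinned `name+"-writer"`. Split them as the second hunk does and pin the role as well, e.g. `pg.EXPECT().SetSchemaPrivileges(name, name+"-group", name+"-writer", "customers", gomock.Any(), true, gomock.Any()).Return(nil).Times(1)` next to a `false` expectation for the other role. The second hunk pins `false`/`true` but leaves the role as `gomock.Any()`, and its `Times(0)` line contains `gomock.Any() ,gomock.Any()`, which gofmt would rewrite. The enclosing Describe block extends beyond the hunks.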

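--- a/pkg/postgres/database.go
+++ b/pkg/postgres/database.go
@@ -95,7 +95,7 @@ func (c *pg) CreateExtension(db, extension string, logger logr.Logger) error {
 return nil
 }
 
-func (c *pg) SetSchemaPrivileges(db, creator, role, schema, privs string, logger logr.Logger) error {
+func (c *pg) SetSchemaPrivileges(db, creator, role, schema, privs string, createSchema bool, logger logr.Logger) error {
 tmpDb, err := GetConnection(c.user, c.pass, c.host, db, c.args, logger)
 if err != nil {
 return err
@@ -119,20 +119,14 @@ func (c *pg) SetSchemaPrivileges(db, creator, role, schema, privs string, logger
 if err != nil {
 return err
 }
-return nil
-}
 
-func (c *pg) SetSchemaPrivilegesCreate(db, creator, role, schema, privs string, logger logr.Logger) error {
-tmpDb, err := GetConnection(c.user, c.pass, c.host, db, c.args, logger)
-if err != nil {
-return err
+// Grant role usage on schema if createSchema
+if createSchema {
+_, err = tmpDb.Exec(fmt.Sprintf(GRANT_CREATE_TABLE, schema, role))
+if err != nil {
+return err
+}
 }
-defer tmpDb.Close()
 
-// Grant role usage on schema
-_, err = tmpDb.Exec(fmt.Sprintf(GRANT_CREATE_TABLE, schema, role))
-if err != nil {
-return err
-}
 return nil
 }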
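Review bot: The added `tmpDb.Exec(fmt.Sprintf(GRANT_CREATE_TABLE, schema, role))` splices `schema` and `role` into the statement text, unquoted as far as this hunk shows; identifiers cannot be bound as query parameters, so they should be quoted or validated before formatting. If the driver is lib/pq and the template does not already quote its placeholders, `_, err = tmpDb.Exec(fmt.Sprintf(GRANT_CREATE_TABLE, pq.QuoteIdentifier(schema), pq.QuoteIdentifier(role)))` would do it. The new comment says "Grant role usage" although the branch issues the CREATE grant, and `createSchema` reads as if a schema were being created; `// Additionally grant CREATE on the schema to role (writer roles only)` would be accurate. Nothing visible revokes the grant when the flag is false, so a role that previously held CREATE presumably keeps it, which is worth confirming. SetSchemaPrivileges' body is only partly visible between the two hunks.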

pkg/postgres/mock/postgres.go

Lines changed: 4 additions & 18 deletions

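--- a/pkg/postgres/postgres.go
+++ b/pkg/postgres/postgres.go
@@ -16,8 +16,7 @@ type PG interface {
 CreateUserRole(role, password string) (string, error)
 UpdatePassword(role, password string) error
 GrantRole(role, grantee string) error
-SetSchemaPrivileges(db, creator, role, schema, privs string, logger logr.Logger) error
-SetSchemaPrivilegesCreate(db, creator, role, schema, privs string, logger logr.Logger) error
+SetSchemaPrivileges(db, creator, role, schema, privs string, createSchema bool, logger logr.Logger) error
 RevokeRole(role, revoked string) error
 AlterDefaultLoginRole(role, setRole string) error
 DropDatabase(db string, logger logr.Logger) error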
