Dept of second thoughts: remove authorization support before 0.8

releases.

When postgresql_schema_policy lands this attribute should be removed in
order to provide a single way of accomplishing setting permissions on
schema objects.
This commit is contained in:
Sean Chittenden 2016-12-13 10:28:06 -08:00
parent 7cda9e8c74
commit 56a193f228
No known key found for this signature in database
GPG Key ID: 4EBC9DC16C2E5E16
3 changed files with 3 additions and 83 deletions

View File

@ -13,8 +13,7 @@ import (
)
const (
schemaNameAttr = "name"
schemaAuthorizationAttr = "authorization"
schemaNameAttr = "name"
)
func resourcePostgreSQLSchema() *schema.Resource {
@ -33,12 +32,6 @@ func resourcePostgreSQLSchema() *schema.Resource {
Required: true,
Description: "The name of the schema",
},
schemaAuthorizationAttr: {
Type: schema.TypeString,
Optional: true,
Computed: true,
Description: "The role name of the owner of the schema",
},
},
}
}
@ -55,10 +48,6 @@ func resourcePostgreSQLSchemaCreate(d *schema.ResourceData, meta interface{}) er
b := bytes.NewBufferString("CREATE SCHEMA ")
fmt.Fprintf(b, pq.QuoteIdentifier(schemaName))
if v, ok := d.GetOk(schemaAuthorizationAttr); ok {
fmt.Fprint(b, " AUTHORIZATION ", pq.QuoteIdentifier(v.(string)))
}
query := b.String()
_, err = conn.Query(query)
if err != nil {
@ -99,8 +88,8 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
defer conn.Close()
schemaId := d.Id()
var schemaName, schemaAuthorization string
err = conn.QueryRow("SELECT nspname, pg_catalog.pg_get_userbyid(nspowner) FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName, &schemaAuthorization)
var schemaName string
err = conn.QueryRow("SELECT nspname FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName)
switch {
case err == sql.ErrNoRows:
log.Printf("[WARN] PostgreSQL schema (%s) not found", schemaId)
@ -110,7 +99,6 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
return errwrap.Wrapf("Error reading schema: {{err}}", err)
default:
d.Set(schemaNameAttr, schemaName)
d.Set(schemaAuthorizationAttr, schemaAuthorization)
d.SetId(schemaName)
return nil
}
@ -128,10 +116,6 @@ func resourcePostgreSQLSchemaUpdate(d *schema.ResourceData, meta interface{}) er
return err
}
if err := setSchemaAuthorization(conn, d); err != nil {
return err
}
return resourcePostgreSQLSchemaRead(d, meta)
}
@ -155,23 +139,3 @@ func setSchemaName(conn *sql.DB, d *schema.ResourceData) error {
return nil
}
func setSchemaAuthorization(conn *sql.DB, d *schema.ResourceData) error {
if !d.HasChange(schemaAuthorizationAttr) {
return nil
}
schemaAuthorization := d.Get(schemaAuthorizationAttr).(string)
if schemaAuthorization == "" {
return nil
}
schemaName := d.Get(schemaNameAttr).(string)
query := fmt.Sprintf("ALTER SCHEMA %s OWNER TO %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(schemaAuthorization))
if _, err := conn.Query(query); err != nil {
return errwrap.Wrapf("Error updating schema AUTHORIZATION: {{err}}", err)
}
return nil
}

View File

@ -26,34 +26,6 @@ func TestAccPostgresqlSchema_Basic(t *testing.T) {
resource.TestCheckResourceAttr(
"postgresql_schema.test1", "name", "foo"),
// `postgres` is a calculated value
// based on the username used in the
// provider
resource.TestCheckResourceAttr(
"postgresql_schema.test1", "authorization", "postgres"),
),
},
},
})
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckPostgresqlSchemaDestroy,
Steps: []resource.TestStep{
{
Config: testAccPostgresqlSchemaAuthConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckPostgresqlSchemaExists("postgresql_schema.test2", "foo2"),
resource.TestCheckResourceAttr(
"postgresql_role.myrole4", "name", "myrole4"),
resource.TestCheckResourceAttr(
"postgresql_role.myrole4", "login", "true"),
resource.TestCheckResourceAttr(
"postgresql_schema.test2", "name", "foo2"),
resource.TestCheckResourceAttr(
"postgresql_schema.test2", "authorization", "myrole4"),
),
},
},
@ -141,15 +113,3 @@ resource "postgresql_schema" "test1" {
name = "foo"
}
`
var testAccPostgresqlSchemaAuthConfig = `
resource "postgresql_role" "myrole4" {
name = "myrole4"
login = true
}
resource "postgresql_schema" "test2" {
name = "foo2"
authorization = "${postgresql_role.myrole4.name}"
}
`

View File

@ -17,7 +17,6 @@ PostgreSQL database.
```
resource "postgresql_schema" "my_schema" {
name = "my_schema"
authorization = "my_role"
}
```
@ -26,9 +25,6 @@ resource "postgresql_schema" "my_schema" {
* `name` - (Required) The name of the schema. Must be unique in the PostgreSQL
database instance where it is configured.
* `authorization` - (Optional) The owner of the schema. Defaults to the
username configured in the schema's provider.
## Import Example
`postgresql_schema` supports importing resources. Supposing the following