Dept of second thoughts: remove authorization support before 0.8

releases.

When postgresql_schema_policy lands this attribute should be removed in
order to provide a single way of accomplishing setting permissions on
schema objects.

builtin/providers/postgresql/resource_postgresql_schema.go

@@ -13,8 +13,7 @@ import (
 )
 
 const (
-	schemaNameAttr          = "name"
+	schemaNameAttr = "name"
-	schemaAuthorizationAttr = "authorization"
 )
 
 func resourcePostgreSQLSchema() *schema.Resource {
@@ -33,12 +32,6 @@ func resourcePostgreSQLSchema() *schema.Resource {
 				Required:    true,
 				Description: "The name of the schema",
 			},
-			schemaAuthorizationAttr: {
-				Type:        schema.TypeString,
-				Optional:    true,
-				Computed:    true,
-				Description: "The role name of the owner of the schema",
-			},
 		},
 	}
 }
@@ -55,10 +48,6 @@ func resourcePostgreSQLSchemaCreate(d *schema.ResourceData, meta interface{}) er
 	b := bytes.NewBufferString("CREATE SCHEMA ")
 	fmt.Fprintf(b, pq.QuoteIdentifier(schemaName))
 
-	if v, ok := d.GetOk(schemaAuthorizationAttr); ok {
-		fmt.Fprint(b, " AUTHORIZATION ", pq.QuoteIdentifier(v.(string)))
-	}
-
 	query := b.String()
 	_, err = conn.Query(query)
 	if err != nil {
@@ -99,8 +88,8 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
 	defer conn.Close()
 
 	schemaId := d.Id()
-	var schemaName, schemaAuthorization string
+	var schemaName string
-	err = conn.QueryRow("SELECT nspname, pg_catalog.pg_get_userbyid(nspowner) FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName, &schemaAuthorization)
+	err = conn.QueryRow("SELECT nspname FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName)
 	switch {
 	case err == sql.ErrNoRows:
 		log.Printf("[WARN] PostgreSQL schema (%s) not found", schemaId)
@@ -110,7 +99,6 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
 		return errwrap.Wrapf("Error reading schema: {{err}}", err)
 	default:
 		d.Set(schemaNameAttr, schemaName)
-		d.Set(schemaAuthorizationAttr, schemaAuthorization)
 		d.SetId(schemaName)
 		return nil
 	}
@@ -128,10 +116,6 @@ func resourcePostgreSQLSchemaUpdate(d *schema.ResourceData, meta interface{}) er
 		return err
 	}
 
-	if err := setSchemaAuthorization(conn, d); err != nil {
-		return err
-	}
-
 	return resourcePostgreSQLSchemaRead(d, meta)
 }
 
@@ -155,23 +139,3 @@ func setSchemaName(conn *sql.DB, d *schema.ResourceData) error {
 
 	return nil
 }
-
-func setSchemaAuthorization(conn *sql.DB, d *schema.ResourceData) error {
-	if !d.HasChange(schemaAuthorizationAttr) {
-		return nil
-	}
-
-	schemaAuthorization := d.Get(schemaAuthorizationAttr).(string)
-	if schemaAuthorization == "" {
-		return nil
-	}
-
-	schemaName := d.Get(schemaNameAttr).(string)
-	query := fmt.Sprintf("ALTER SCHEMA %s OWNER TO %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(schemaAuthorization))
-
-	if _, err := conn.Query(query); err != nil {
-		return errwrap.Wrapf("Error updating schema AUTHORIZATION: {{err}}", err)
-	}
-
-	return nil
-}

builtin/providers/postgresql/resource_postgresql_schema_test.go

@@ -26,34 +26,6 @@ func TestAccPostgresqlSchema_Basic(t *testing.T) {
 
 					resource.TestCheckResourceAttr(
 						"postgresql_schema.test1", "name", "foo"),
-					// `postgres` is a calculated value
-					// based on the username used in the
-					// provider
-					resource.TestCheckResourceAttr(
-						"postgresql_schema.test1", "authorization", "postgres"),
-				),
-			},
-		},
-	})
-
-	resource.Test(t, resource.TestCase{
-		PreCheck:     func() { testAccPreCheck(t) },
-		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckPostgresqlSchemaDestroy,
-		Steps: []resource.TestStep{
-			{
-				Config: testAccPostgresqlSchemaAuthConfig,
-				Check: resource.ComposeTestCheckFunc(
-					testAccCheckPostgresqlSchemaExists("postgresql_schema.test2", "foo2"),
-					resource.TestCheckResourceAttr(
-						"postgresql_role.myrole4", "name", "myrole4"),
-					resource.TestCheckResourceAttr(
-						"postgresql_role.myrole4", "login", "true"),
-
-					resource.TestCheckResourceAttr(
-						"postgresql_schema.test2", "name", "foo2"),
-					resource.TestCheckResourceAttr(
-						"postgresql_schema.test2", "authorization", "myrole4"),
 				),
 			},
 		},
@@ -141,15 +113,3 @@ resource "postgresql_schema" "test1" {
   name = "foo"
 }
 `
-
-var testAccPostgresqlSchemaAuthConfig = `
-resource "postgresql_role" "myrole4" {
-  name = "myrole4"
-  login = true
-}
-
-resource "postgresql_schema" "test2" {
-  name = "foo2"
-  authorization = "${postgresql_role.myrole4.name}"
-}
-`

website/source/docs/providers/postgresql/r/postgresql_schema.html.markdown

@@ -17,7 +17,6 @@ PostgreSQL database.
 ```
 resource "postgresql_schema" "my_schema" {
   name = "my_schema"
-  authorization = "my_role"
 }
 ```
 
@@ -26,9 +25,6 @@ resource "postgresql_schema" "my_schema" {
 * `name` - (Required) The name of the schema. Must be unique in the PostgreSQL
   database instance where it is configured.
 
-* `authorization` - (Optional) The owner of the schema.  Defaults to the
-  username configured in the schema's provider.
-
 ## Import Example
 
 `postgresql_schema` supports importing resources.  Supposing the following