Merge pull request #10707 from hashicorp/b-postgresql-schema-auth

Dept of second thoughts: remove authorization support ASAP.
2016-12-13 10:45:19 -08:00 · 2016-12-13 10:45:19 -08:00 · 60658fdfbc
parent a04ce1d09a 56a193f228
commit 60658fdfbc
3 changed files with 3 additions and 83 deletions
--- a/builtin/providers/postgresql/resource_postgresql_schema.go
+++ b/builtin/providers/postgresql/resource_postgresql_schema.go
@ -13,8 +13,7 @@ import (
 )

 const (
-	schemaNameAttr          = "name"
-	schemaAuthorizationAttr = "authorization"
+	schemaNameAttr = "name"
 )

 func resourcePostgreSQLSchema() *schema.Resource {
@ -33,12 +32,6 @@ func resourcePostgreSQLSchema() *schema.Resource {
 				Required:    true,
 				Description: "The name of the schema",
 			},
-			schemaAuthorizationAttr: {
-				Type:        schema.TypeString,
-				Optional:    true,
-				Computed:    true,
-				Description: "The role name of the owner of the schema",
-			},
 		},
 	}
 }
@ -55,10 +48,6 @@ func resourcePostgreSQLSchemaCreate(d *schema.ResourceData, meta interface{}) er
 	b := bytes.NewBufferString("CREATE SCHEMA ")
 	fmt.Fprintf(b, pq.QuoteIdentifier(schemaName))

-	if v, ok := d.GetOk(schemaAuthorizationAttr); ok {
-		fmt.Fprint(b, " AUTHORIZATION ", pq.QuoteIdentifier(v.(string)))
-	}
-
 	query := b.String()
 	_, err = conn.Query(query)
 	if err != nil {
@ -99,8 +88,8 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
 	defer conn.Close()

 	schemaId := d.Id()
-	var schemaName, schemaAuthorization string
-	err = conn.QueryRow("SELECT nspname, pg_catalog.pg_get_userbyid(nspowner) FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName, &schemaAuthorization)
+	var schemaName string
+	err = conn.QueryRow("SELECT nspname FROM pg_catalog.pg_namespace WHERE nspname=$1", schemaId).Scan(&schemaName)
 	switch {
 	case err == sql.ErrNoRows:
 		log.Printf("[WARN] PostgreSQL schema (%s) not found", schemaId)
@ -110,7 +99,6 @@ func resourcePostgreSQLSchemaRead(d *schema.ResourceData, meta interface{}) erro
 		return errwrap.Wrapf("Error reading schema: {{err}}", err)
 	default:
 		d.Set(schemaNameAttr, schemaName)
-		d.Set(schemaAuthorizationAttr, schemaAuthorization)
 		d.SetId(schemaName)
 		return nil
 	}
@ -128,10 +116,6 @@ func resourcePostgreSQLSchemaUpdate(d *schema.ResourceData, meta interface{}) er
 		return err
 	}

-	if err := setSchemaAuthorization(conn, d); err != nil {
-		return err
-	}
-
 	return resourcePostgreSQLSchemaRead(d, meta)
 }

@ -155,23 +139,3 @@ func setSchemaName(conn *sql.DB, d *schema.ResourceData) error {

 	return nil
 }
-
-func setSchemaAuthorization(conn *sql.DB, d *schema.ResourceData) error {
-	if !d.HasChange(schemaAuthorizationAttr) {
-		return nil
-	}
-
-	schemaAuthorization := d.Get(schemaAuthorizationAttr).(string)
-	if schemaAuthorization == "" {
-		return nil
-	}
-
-	schemaName := d.Get(schemaNameAttr).(string)
-	query := fmt.Sprintf("ALTER SCHEMA %s OWNER TO %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(schemaAuthorization))
-
-	if _, err := conn.Query(query); err != nil {
-		return errwrap.Wrapf("Error updating schema AUTHORIZATION: {{err}}", err)
-	}
-
-	return nil
-}
--- a/builtin/providers/postgresql/resource_postgresql_schema_test.go
+++ b/builtin/providers/postgresql/resource_postgresql_schema_test.go
@ -26,34 +26,6 @@ func TestAccPostgresqlSchema_Basic(t *testing.T) {

 					resource.TestCheckResourceAttr(
 						"postgresql_schema.test1", "name", "foo"),
-					// `postgres` is a calculated value
-					// based on the username used in the
-					// provider
-					resource.TestCheckResourceAttr(
-						"postgresql_schema.test1", "authorization", "postgres"),
-				),
-			},
-		},
-	})
-
-	resource.Test(t, resource.TestCase{
-		PreCheck:     func() { testAccPreCheck(t) },
-		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckPostgresqlSchemaDestroy,
-		Steps: []resource.TestStep{
-			{
-				Config: testAccPostgresqlSchemaAuthConfig,
-				Check: resource.ComposeTestCheckFunc(
-					testAccCheckPostgresqlSchemaExists("postgresql_schema.test2", "foo2"),
-					resource.TestCheckResourceAttr(
-						"postgresql_role.myrole4", "name", "myrole4"),
-					resource.TestCheckResourceAttr(
-						"postgresql_role.myrole4", "login", "true"),
-
-					resource.TestCheckResourceAttr(
-						"postgresql_schema.test2", "name", "foo2"),
-					resource.TestCheckResourceAttr(
-						"postgresql_schema.test2", "authorization", "myrole4"),
 				),
 			},
 		},
@ -141,15 +113,3 @@ resource "postgresql_schema" "test1" {
  name = "foo"
 }
 `
-
-var testAccPostgresqlSchemaAuthConfig = `
-resource "postgresql_role" "myrole4" {
-  name = "myrole4"
-  login = true
-}
-
-resource "postgresql_schema" "test2" {
-  name = "foo2"
-  authorization = "${postgresql_role.myrole4.name}"
-}
-`
--- a/website/source/docs/providers/postgresql/r/postgresql_schema.html.markdown
+++ b/website/source/docs/providers/postgresql/r/postgresql_schema.html.markdown
@ -17,7 +17,6 @@ PostgreSQL database.
 ```
 resource "postgresql_schema" "my_schema" {
  name = "my_schema"
-  authorization = "my_role"
 }
 ```

@ -26,9 +25,6 @@ resource "postgresql_schema" "my_schema" {
 * `name` - (Required) The name of the schema. Must be unique in the PostgreSQL
  database instance where it is configured.

-* `authorization` - (Optional) The owner of the schema.  Defaults to the
-  username configured in the schema's provider.
-
 ## Import Example

 `postgresql_schema` supports importing resources.  Supposing the following