3 describe 'postgresql::server::grant_role', :type => :define do
5 "class { 'postgresql::server': }"
9 {:osfamily => 'Debian',
10 :operatingsystem => 'Debian',
11 :operatingsystemrelease => '6.0',
12 :kernel => 'Linux', :concat_basedir => tmpfilename('postgis'),
14 :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
18 let (:title) { 'test' }
25 context "with mandatory arguments only" do
27 is_expected.to contain_postgresql_psql("grant_role:#{title}").with({
28 :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"",
29 :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true",
30 }).that_requires('Class[postgresql::server]')
34 context "with db arguments" do
35 let (:params) { super().merge({
36 :psql_db => 'postgres',
37 :psql_user => 'postgres',
42 is_expected.to contain_postgresql_psql("grant_role:#{title}").with({
43 :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"",
44 :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true",
45 :db => params[:psql_db],
46 :psql_user => params[:psql_user],
47 :port => params[:port],
48 }).that_requires('Class[postgresql::server]')
52 context "with ensure => absent" do
53 let (:params) { super().merge({
58 is_expected.to contain_postgresql_psql("grant_role:#{title}").with({
59 :command => "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"",
60 :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true",
61 }).that_requires('Class[postgresql::server]')
65 context "with user defined" do
67 "class { 'postgresql::server': }
68 postgresql::server::role { '#{params[:role]}': }"
72 is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]")
75 is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]")
79 context "with group defined" do
81 "class { 'postgresql::server': }
82 postgresql::server::role { '#{params[:group]}': }"
86 is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]")
89 is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]")
93 context "with connect_settings" do
94 let (:params) { super().merge({
95 :connect_settings => { 'PGHOST' => 'postgres-db-server' },
99 is_expected.to contain_postgresql_psql("grant_role:#{title}").with_connect_settings( { 'PGHOST' => 'postgres-db-server' } )
102 is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires('Class[postgresql::server]')