public_git
/
postgres-operator
mirror of https://github.com/zalando/postgres-operator.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

rename re-addedwq roles

This commit is contained in:
Felix Kunde 2021-04-16 12:12:06 +02:00
parent 7164adb74d
commit be6a3cfbe0
2 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/cluster/sync.go
View File

@ -586,6 +586,10 @@ func (c *Cluster) syncRoles() (err error) {
for _, u := range c.pgUsers {
userNames = append(userNames, u.Name)
// add team user name with rename suffix in case we need to rename it back
if u.Origin == spec.RoleOriginTeamsAPI {
userNames = append(userNames, u.Name+constants.RoleRenameSuffix)
}
}
// add removed additional team members from cache

26
pkg/util/users/users.go
View File

@ -40,7 +40,8 @@ func (strategy DefaultUserSyncStrategy) ProduceSyncRequests(dbUsers spec.PgUserM
var reqs []spec.PgSyncUserRequest
for name, newUser := range newUsers {
dbUser, exists := dbUsers[name]
if !exists {
_, existsRenamed := dbUsers[name+constants.RoleRenameSuffix]
if !exists && !existsRenamed {
reqs = append(reqs, spec.PgSyncUserRequest{Kind: spec.PGSyncUserAdd, User: newUser})
if len(newUser.Parameters) > 0 {
reqs = append(reqs, spec.PgSyncUserRequest{Kind: spec.PGSyncAlterSet, User: newUser})
@ -74,10 +75,7 @@ func (strategy DefaultUserSyncStrategy) ProduceSyncRequests(dbUsers spec.PgUserM
// No existing roles are deleted or stripped of role memebership/flags
// but they will be renamed acting as a simple blocker
for name, dbUser := range dbUsers {
_, exists := newUsers[name]
nameSuffixDiff := len(name) - len(constants.RoleRenameSuffix)
if !exists && (nameSuffixDiff <= 0 || (nameSuffixDiff > 0 && name[nameSuffixDiff:] != constants.RoleRenameSuffix)) {
if _, exists := newUsers[name]; !exists {
reqs = append(reqs, spec.PgSyncUserRequest{Kind: spec.PGSyncUserRename, User: dbUser})
}
}
@ -141,7 +139,23 @@ func (strategy DefaultUserSyncStrategy) alterPgUserSet(user spec.PgUser, db *sql
}
func (strategy DefaultUserSyncStrategy) alterPgUserRename(user spec.PgUser, db *sql.DB) error {
query := fmt.Sprintf(alterUserRenameSQL, user.Name, user.Name, constants.RoleRenameSuffix)
var query string
renamedBack := false
nameSuffixDiff := len(user.Name) - len(constants.RoleRenameSuffix)
if nameSuffixDiff > 0 {
if user.Name[nameSuffixDiff:] == constants.RoleRenameSuffix {
query = fmt.Sprintf(alterUserRenameSQL, user.Name, user.Name[:nameSuffixDiff], "")
renamedBack = true
}
}
if !renamedBack {
query = fmt.Sprintf(alterUserRenameSQL, user.Name, user.Name, constants.RoleRenameSuffix)
}
if _, err := db.Exec(query); err != nil {
return err
}