Skip to content

Commit

Permalink
fix: quote inRoles
Browse files Browse the repository at this point in the history
Signed-off-by: wolfox <[email protected]>
  • Loading branch information
gabriele-wolfox committed Dec 18, 2024
1 parent d0964d5 commit b95026e
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 5 deletions.
8 changes: 7 additions & 1 deletion internal/management/controller/roles/postgres.go
Original file line number Diff line number Diff line change
Expand Up @@ -301,7 +301,13 @@ func GetParentRoles(ctx context.Context, db *sql.DB, role DatabaseRole) ([]strin

func appendInRoleOptions(role DatabaseRole, query *strings.Builder) {
if len(role.InRoles) > 0 {
query.WriteString(fmt.Sprintf(" IN ROLE %s ", strings.Join(role.InRoles, ",")))
quotedInRoles := make([]string, len(role.InRoles))

for i, inRole := range role.InRoles {
quotedInRoles[i] = pq.QuoteLiteral(inRole)
}

query.WriteString(fmt.Sprintf(" IN ROLE %s ", strings.Join(quotedInRoles, ",")))
}
}

Expand Down
8 changes: 4 additions & 4 deletions internal/management/controller/roles/postgres_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -104,22 +104,22 @@ var _ = Describe("Postgres RoleManager implementation test", func() {
}
wantedRoleExpectedCrtStmt := fmt.Sprintf(
"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring VALID UNTIL '2100-01-01 00:00:00Z'",
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE 'pg_monitoring' VALID UNTIL '2100-01-01 00:00:00Z'",
wantedRole.Name)

wantedRoleWithPassExpectedCrtStmt := fmt.Sprintf(
"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring PASSWORD 'myPassword' VALID UNTIL '2100-01-01 00:00:00Z'",
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE 'pg_monitoring' PASSWORD 'myPassword' VALID UNTIL '2100-01-01 00:00:00Z'",
wantedRole.Name)

wantedRoleWithoutValidUntilExpectedCrtStmt := fmt.Sprintf(
"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring PASSWORD 'myPassword'",
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE 'pg_monitoring' PASSWORD 'myPassword'",
wantedRole.Name)

wantedRoleWithPassDeletionExpectedCrtStmt := fmt.Sprintf(
"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring PASSWORD NULL VALID UNTIL '2100-01-01 00:00:00Z'",
"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE 'pg_monitoring' PASSWORD NULL VALID UNTIL '2100-01-01 00:00:00Z'",
wantedRole.Name)
wantedRoleWithDefaultConnectionLimitExpectedCrtStmt := fmt.Sprintf(
"CREATE ROLE \"%s\" NOBYPASSRLS NOCREATEDB NOCREATEROLE INHERIT NOLOGIN NOREPLICATION "+
Expand Down

0 comments on commit b95026e

Please sign in to comment.