Quote postgres privilege target names (saltstack#36249)

* Quote postgres privilege target names Postgres lets you put characters in table/database names which you then must quote. So we should always quote. * Updating unit tests * Also quote role names. Role names can also have dashes (or others) in them, so we must also quote them.
rickyninja · Sep 15, 2016 · fbbe9ec · fbbe9ec
1 parent 9451141
commit fbbe9ec
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 10 deletions.
diff --git a/salt/modules/postgres.py b/salt/modules/postgres.py
@@ -2865,22 +2865,22 @@ def privileges_grant(name,
     _grants = ','.join(_privs)
 
     if object_type in ['table', 'sequence']:
-        on_part = '{0}.{1}'.format(prepend, object_name)
+        on_part = '{0}."{1}"'.format(prepend, object_name)
     else:
-        on_part = object_name
+        on_part = '"{0}"'.format(object_name)
 
     if grant_option:
         if object_type == 'group':
-            query = 'GRANT {0} TO {1} WITH ADMIN OPTION'.format(
+            query = 'GRANT {0} TO "{1}" WITH ADMIN OPTION'.format(
                 object_name, name)
         else:
-            query = 'GRANT {0} ON {1} {2} TO {3} WITH GRANT OPTION'.format(
+            query = 'GRANT {0} ON {1} {2} TO "{3}" WITH GRANT OPTION'.format(
                 _grants, object_type.upper(), on_part, name)
     else:
         if object_type == 'group':
-            query = 'GRANT {0} TO {1}'.format(object_name, name)
+            query = 'GRANT {0} TO "{1}"'.format(object_name, name)
         else:
-            query = 'GRANT {0} ON {1} {2} TO {3}'.format(
+            query = 'GRANT {0} ON {1} {2} TO "{3}"'.format(
                 _grants, object_type.upper(), on_part, name)
 
     ret = _psql_prepare_and_run(['-c', query],

diff --git a/tests/unit/modules/postgres_test.py b/tests/unit/modules/postgres_test.py
@@ -1240,7 +1240,7 @@ def test_privileges_grant_table(self):
                    password='testpassword'
                 )
 
-                query = 'GRANT ALL ON TABLE public.awl TO baruwa WITH GRANT OPTION'
+                query = 'GRANT ALL ON TABLE public."awl" TO "baruwa" WITH GRANT OPTION'
 
                 postgres._run_psql.assert_called_once_with(
                     ['/usr/bin/pgsql', '--no-align', '--no-readline',
@@ -1267,7 +1267,7 @@ def test_privileges_grant_table(self):
                    password='testpassword'
                 )
 
-                query = 'GRANT ALL ON TABLE public.awl TO baruwa'
+                query = 'GRANT ALL ON TABLE public."awl" TO "baruwa"'
 
                 postgres._run_psql.assert_called_once_with(
                     ['/usr/bin/pgsql', '--no-align', '--no-readline',
@@ -1298,7 +1298,7 @@ def test_privileges_grant_group(self):
                    password='testpassword'
                 )
 
-                query = 'GRANT admins TO baruwa WITH ADMIN OPTION'
+                query = 'GRANT admins TO "baruwa" WITH ADMIN OPTION'
 
                 postgres._run_psql.assert_called_once_with(
                     ['/usr/bin/pgsql', '--no-align', '--no-readline',
@@ -1324,7 +1324,7 @@ def test_privileges_grant_group(self):
                    password='testpassword'
                 )
 
-                query = 'GRANT admins TO baruwa'
+                query = 'GRANT admins TO "baruwa"'
 
                 postgres._run_psql.assert_called_once_with(
                     ['/usr/bin/pgsql', '--no-align', '--no-readline',