github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/postgresql/resource_postgresql_role_test.go (about)

     1  package postgresql
     2  
     3  import (
     4  	"database/sql"
     5  	"fmt"
     6  	"testing"
     7  
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  	"github.com/hashicorp/terraform/terraform"
    10  )
    11  
    12  func TestAccPostgresqlRole_Basic(t *testing.T) {
    13  	resource.Test(t, resource.TestCase{
    14  		PreCheck:     func() { testAccPreCheck(t) },
    15  		Providers:    testAccProviders,
    16  		CheckDestroy: testAccCheckPostgresqlRoleDestroy,
    17  		Steps: []resource.TestStep{
    18  			{
    19  				Config: testAccPostgresqlRoleConfig,
    20  				Check: resource.ComposeTestCheckFunc(
    21  					testAccCheckPostgresqlRoleExists("postgresql_role.myrole2", "true"),
    22  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "name", "testing_role_with_defaults"),
    23  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "superuser", "false"),
    24  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "create_database", "false"),
    25  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "create_role", "false"),
    26  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "inherit", "false"),
    27  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "replication", "false"),
    28  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "bypass_row_level_security", "false"),
    29  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "connection_limit", "-1"),
    30  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "encrypted_password", "true"),
    31  					resource.TestCheckNoResourceAttr("postgresql_role.role_with_defaults", "password"),
    32  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "valid_until", "infinity"),
    33  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "skip_drop_role", "false"),
    34  					resource.TestCheckResourceAttr("postgresql_role.role_with_defaults", "skip_reassign_owned", "false"),
    35  				),
    36  			},
    37  		},
    38  	})
    39  }
    40  
    41  func TestAccPostgresqlRole_Update(t *testing.T) {
    42  	resource.Test(t, resource.TestCase{
    43  		PreCheck:     func() { testAccPreCheck(t) },
    44  		Providers:    testAccProviders,
    45  		CheckDestroy: testAccCheckPostgresqlRoleDestroy,
    46  		Steps: []resource.TestStep{
    47  			{
    48  				Config: testAccPostgresqlRoleUpdate1Config,
    49  				Check: resource.ComposeTestCheckFunc(
    50  					testAccCheckPostgresqlRoleExists("postgresql_role.update_role", "true"),
    51  					resource.TestCheckResourceAttr("postgresql_role.update_role", "name", "update_role"),
    52  					resource.TestCheckResourceAttr("postgresql_role.update_role", "login", "true"),
    53  					resource.TestCheckResourceAttr("postgresql_role.update_role", "connection_limit", "-1"),
    54  				),
    55  			},
    56  			{
    57  				Config: testAccPostgresqlRoleUpdate2Config,
    58  				Check: resource.ComposeTestCheckFunc(
    59  					testAccCheckPostgresqlRoleExists("postgresql_role.update_role", "true"),
    60  					resource.TestCheckResourceAttr("postgresql_role.update_role", "name", "update_role2"),
    61  					resource.TestCheckResourceAttr("postgresql_role.update_role", "login", "true"),
    62  					resource.TestCheckResourceAttr("postgresql_role.update_role", "connection_limit", "5"),
    63  				),
    64  			},
    65  		},
    66  	})
    67  }
    68  
    69  func testAccCheckPostgresqlRoleDestroy(s *terraform.State) error {
    70  	client := testAccProvider.Meta().(*Client)
    71  
    72  	for _, rs := range s.RootModule().Resources {
    73  		if rs.Type != "postgresql_role" {
    74  			continue
    75  		}
    76  
    77  		exists, err := checkRoleExists(client, rs.Primary.ID)
    78  
    79  		if err != nil {
    80  			return fmt.Errorf("Error checking role %s", err)
    81  		}
    82  
    83  		if exists {
    84  			return fmt.Errorf("Role still exists after destroy")
    85  		}
    86  	}
    87  
    88  	return nil
    89  }
    90  
    91  func testAccCheckPostgresqlRoleExists(n string, canLogin string) resource.TestCheckFunc {
    92  	return func(s *terraform.State) error {
    93  		rs, ok := s.RootModule().Resources[n]
    94  		if !ok {
    95  			return fmt.Errorf("Resource not found: %s", n)
    96  		}
    97  
    98  		if rs.Primary.ID == "" {
    99  			return fmt.Errorf("No ID is set")
   100  		}
   101  
   102  		actualCanLogin := rs.Primary.Attributes["login"]
   103  		if actualCanLogin != canLogin {
   104  			return fmt.Errorf("Wrong value for login expected %s got %s", canLogin, actualCanLogin)
   105  		}
   106  
   107  		client := testAccProvider.Meta().(*Client)
   108  		exists, err := checkRoleExists(client, rs.Primary.ID)
   109  
   110  		if err != nil {
   111  			return fmt.Errorf("Error checking role %s", err)
   112  		}
   113  
   114  		if !exists {
   115  			return fmt.Errorf("Role not found")
   116  		}
   117  
   118  		return nil
   119  	}
   120  }
   121  
   122  func checkRoleExists(client *Client, roleName string) (bool, error) {
   123  	conn, err := client.Connect()
   124  	if err != nil {
   125  		return false, err
   126  	}
   127  	defer conn.Close()
   128  
   129  	var _rez int
   130  	err = conn.QueryRow("SELECT 1 from pg_roles d WHERE rolname=$1", roleName).Scan(&_rez)
   131  	switch {
   132  	case err == sql.ErrNoRows:
   133  		return false, nil
   134  	case err != nil:
   135  		return false, fmt.Errorf("Error reading info about role: %s", err)
   136  	default:
   137  		return true, nil
   138  	}
   139  }
   140  
   141  var testAccPostgresqlRoleConfig = `
   142  resource "postgresql_role" "myrole2" {
   143    name = "myrole2"
   144    login = true
   145  }
   146  
   147  resource "postgresql_role" "role_with_pwd" {
   148    name = "role_with_pwd"
   149    login = true
   150    password = "mypass"
   151  }
   152  
   153  resource "postgresql_role" "role_with_pwd_encr" {
   154    name = "role_with_pwd_encr"
   155    login = true
   156    password = "mypass"
   157    encrypted = true
   158  }
   159  
   160  resource "postgresql_role" "role_with_pwd_no_login" {
   161    name = "role_with_pwd_no_login"
   162    password = "mypass"
   163  }
   164  
   165  resource "postgresql_role" "role_simple" {
   166    name = "role_simple"
   167  }
   168  
   169  resource "postgresql_role" "role_with_defaults" {
   170    name = "testing_role_with_defaults"
   171    superuser = false
   172    create_database = false
   173    create_role = false
   174    inherit = false
   175    login = false
   176    replication = false
   177    bypass_row_level_security = false
   178    connection_limit = -1
   179    encrypted_password = true
   180    password = ""
   181    skip_drop_role = false
   182    skip_reassign_owned = false
   183    valid_until = "infinity"
   184  }
   185  `
   186  
   187  var testAccPostgresqlRoleUpdate1Config = `
   188  resource "postgresql_role" "update_role" {
   189    name = "update_role"
   190    login = true
   191  }
   192  `
   193  
   194  var testAccPostgresqlRoleUpdate2Config = `
   195  resource "postgresql_role" "update_role" {
   196    name = "update_role2"
   197    login = true
   198    connection_limit = 5
   199  }
   200  `