Skip to content

Commit 2579628

Browse files
oravirtoravirt
committed
Fix for #139
- Manage object privs for a schema/role - privs are managed in the format: - privs:owner.object_name - select,update:appschema1.table1 - execute:appschema1.package_name e.g users: - schema: appuser1 default_tablespace: appuser1_data grants: - approle1 object_privs: - execute:sys.dbms_lock - select:sys.dba_pending_transactions state: present
1 parent f10e929 commit 2579628

File tree

1 file changed

+16
-12
lines changed

1 file changed

+16
-12
lines changed

roles/oradb-manage-grants/tasks/main.yml

Lines changed: 16 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,8 @@
44
oracle_grants:
55
role={{ item.1.name }}
66
state={{ item.1.state }}
7-
grants={{ item.1.grants }}
7+
grants={{ item.1.grants |default(omit) }}
8+
object_privs={{ item.1.object_privs | default (omit) }}
89
hostname={{ ansible_hostname }}
910
port={{ listener_port_template }}
1011
service_name={{ db_service_name }}
@@ -17,18 +18,19 @@
1718
- flags:
1819
skip_missing: True
1920
environment: "{{oracle_env}}"
20-
when: oracle_databases is defined and item.0.state|lower == 'present' and item.1.grants is defined
21+
when: oracle_databases is defined and item.0.state|lower == 'present' and (item.1.grants is defined or item.1.object_privs is defined)
2122
run_once: "{{ configure_cluster }}"
2223
become_user: "{{ oracle_user }}"
2324
loop_control:
24-
label: "port: {{ listener_port_template }}, service: {{ db_service_name }}, role: {{ item.1.name | default('none') }}, grants: {{ item.1.grants | default('empty') }}, state: {{ item.1.state }}"
25+
label: "port: {{ listener_port_template }}, service: {{ db_service_name }}, role: {{ item.1.name | default('none') }}, grants: {{ item.1.grants | default(omit) }}, state: {{ item.1.state }}"
2526
tags: users,grants
2627

2728
- name: Manage role grants (pdb)
2829
oracle_grants:
2930
role={{ item.1.name }}
3031
state={{ item.1.state }}
31-
grants={{ item.1.grants }}
32+
grants={{ item.1.grants |default(omit) }}
33+
object_privs={{ item.1.object_privs | default (omit) }}
3234
hostname={{ ansible_hostname }}
3335
port={{ listener_port_template }}
3436
service_name={{ item.0.pdb_name }}
@@ -41,18 +43,19 @@
4143
- flags:
4244
skip_missing: True
4345
environment: "{{oracle_env}}"
44-
when: oracle_pdbs is defined and item.0 is defined and item.0.state|lower == 'present' and item.1.grants is defined
46+
when: oracle_pdbs is defined and item.0 is defined and item.0.state|lower == 'present' and (item.1.grants is defined or item.1.object_privs is defined)
4547
run_once: "{{ configure_cluster }}"
4648
become_user: "{{ oracle_user }}"
4749
loop_control:
48-
label: "port: {{ listener_port_template }}, service: {{ item.0.pdb_name }}, role: {{ item.1.name | default('none') }}, grants: {{ item.1.grants | default('empty') }}, state: {{ item.1.state }}"
50+
label: "port: {{ listener_port_template }}, service: {{ item.0.pdb_name }}, role: {{ item.1.name | default('none') }}, grants: {{ item.1.grants | default(omit) }}, state: {{ item.1.state }}"
4951
tags: users,grants
5052

5153
- name: Manage schema grants (cdb)
5254
oracle_grants:
5355
schema={{ item.1.schema }}
5456
state={{ item.1.state }}
55-
grants={{ item.1.grants }}
57+
grants={{ item.1.grants |default(omit) }}
58+
object_privs={{ item.1.object_privs | default (omit) }}
5659
hostname={{ ansible_hostname }}
5760
port={{ listener_port_template }}
5861
service_name={{ db_service_name }}
@@ -65,18 +68,19 @@
6568
- flags:
6669
skip_missing: True
6770
environment: "{{oracle_env}}"
68-
when: oracle_databases is defined and item.0.state|lower == 'present' and item.1.grants is defined
71+
when: oracle_databases is defined and item.0.state|lower == 'present' and (item.1.grants is defined or item.1.object_privs is defined)
6972
run_once: "{{ configure_cluster }}"
7073
become_user: "{{ oracle_user }}"
7174
loop_control:
72-
label: "port: {{ listener_port_template }}, service: {{ db_service_name }}, schema: {{ item.1.schema }}, grants: {{ item.1.grants | default('empty') }}, state: {{ item.1.state }}"
75+
label: "port: {{ listener_port_template }}, service: {{ db_service_name }}, schema: {{ item.1.schema }}, grants: {{ item.1.grants | default(omit) }}, state: {{ item.1.state }}"
7376
tags: users,grants
7477

7578
- name: Manage schema grants (pdb)
7679
oracle_grants:
7780
schema={{ item.1.schema }}
7881
state={{ item.1.state }}
79-
grants={{ item.1.grants }}
82+
grants={{ item.1.grants | default (omit) }}
83+
object_privs={{ item.1.object_privs |default (omit)}}
8084
hostname={{ ansible_hostname }}
8185
port={{ listener_port_template }}
8286
service_name={{ item.0.pdb_name }}
@@ -89,9 +93,9 @@
8993
- flags:
9094
skip_missing: True
9195
environment: "{{oracle_env}}"
92-
when: oracle_pdbs is defined and item.0 is defined and item.0.state|lower == 'present' and item.1.grants is defined
96+
when: oracle_pdbs is defined and item.0 is defined and item.0.state|lower == 'present' and (item.1.grants is defined or item.1.object_privs is defined)
9397
run_once: "{{ configure_cluster }}"
9498
become_user: "{{ oracle_user }}"
9599
loop_control:
96-
label: "port: {{ listener_port_template }}, service: {{ item.0.pdb_name }}, schema: {{ item.1.schema | default('none') }}, grants: {{ item.1.grants | default('empty') }}, state: {{ item.1.state }}"
100+
label: "port: {{ listener_port_template }}, service: {{ item.0.pdb_name }}, schema: {{ item.1.schema | default('none') }}, grants: {{ item.1.grants | default(omit) }}, state: {{ item.1.state }}"
97101
tags: users,grants

0 commit comments

Comments
 (0)