Allow to set connection limit for new role

This commit is contained in:
Kamil Szymanski 2013-02-28 00:43:24 +01:00
parent cb1a751fed
commit e7b25d6b29
3 changed files with 28 additions and 22 deletions

View file

@ -346,6 +346,9 @@ Weither to grant super user capability for the new role. Defaults to `false`.
####`replication`
If `true` provides replication capabilities for this role. Defaults to `false`.
####`connection_limit`
Specifies how many concurrent connections the role can make. Defaults to `-1` meaning no limit.
###Resource: postgresql::tablespace
This defined type can be used to create a tablespace. For example:

View file

@ -39,20 +39,22 @@
define postgresql::database_user(
$password_hash,
$createdb = false,
$createrole = false,
$db = $postgresql::params::user,
$superuser = false,
$replication = false,
$user = $title
$createdb = false,
$createrole = false,
$db = $postgresql::params::user,
$superuser = false,
$replication = false,
$connection_limit = -1,
$user = $title
) {
postgresql::role { $user:
db => $db,
password_hash => $password_hash,
login => true,
createdb => $createdb,
superuser => $superuser,
createrole => $createrole,
replication => $replication,
db => $db,
password_hash => $password_hash,
login => true,
createdb => $createdb,
superuser => $superuser,
createrole => $createrole,
replication => $replication,
connection_limit => $connection_limit,
}
}

View file

@ -18,13 +18,14 @@
define postgresql::role(
$password_hash,
$createdb = false,
$createrole = false,
$db = 'postgres',
$login = false,
$superuser = false,
$replication = false,
$username = $title
$createdb = false,
$createrole = false,
$db = 'postgres',
$login = false,
$superuser = false,
$replication = false,
$connection_limit = -1,
$username = $title
) {
include postgresql::params
@ -40,8 +41,8 @@ define postgresql::role(
$superuser_sql = $superuser ? { true => 'SUPERUSER' , default => 'NOSUPERUSER' }
$replication_sql = $replication ? { true => 'REPLICATION' , default => '' }
# TODO: FIXME: Will not correct the superuser / createdb / createrole / login / replication status of a role that already exists
postgresql_psql {"CREATE ROLE \"${username}\" ENCRYPTED PASSWORD '${password_hash}' ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql}":
# TODO: FIXME: Will not correct the superuser / createdb / createrole / login / replication status nor the connection limit of a role that already exists
postgresql_psql {"CREATE ROLE \"${username}\" ENCRYPTED PASSWORD '${password_hash}' ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}":
db => $db,
psql_user => $postgresql::params::user,
unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}'",