postgresql-charms-single-kernel 16.0.2__py3-none-any.whl → 16.1.1__py3-none-any.whl

{postgresql_charms_single_kernel-16.0.2.dist-info → postgresql_charms_single_kernel-16.1.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: postgresql-charms-single-kernel
-Version: 16.0.2
+Version: 16.1.1
 Summary: Shared and reusable code for PostgreSQL-related charms
 Author-email: Canonical Data Platform <data-platform@lists.launchpad.net>
 License-Expression: Apache-2.0

postgresql_charms_single_kernel-16.1.1.dist-info/RECORD

@@ -0,0 +1,11 @@
+single_kernel_postgresql/__init__.py,sha256=F57JUcML43xgR0kpj9csryZkAoDSBPLLRjzSTHPaTd4,116
+single_kernel_postgresql/abstract_charm.py,sha256=jWYV7nTZLiwxCZEedMZwyXzU3iNDRUcz5ZdI4LGUkUw,841
+single_kernel_postgresql/config/__init__.py,sha256=k9Ud5ZZNd3l0nn8xi8AIlT45oZk8hJ542BjAFGDJzuc,140
+single_kernel_postgresql/config/literals.py,sha256=88r33TBX7SXqgpV6EEXtZmSJrfOtsFiVJ_omop0RuBo,643
+single_kernel_postgresql/utils/__init__.py,sha256=VwAEW3wYjs99q38bid47aS6Os4s3catK4H5HfdPkp94,121
+single_kernel_postgresql/utils/filesystem.py,sha256=CJ2iXqFPKM0NfqqZSTDlENOrM0RW7rmTmcuzwV0bR9A,552
+single_kernel_postgresql/utils/postgresql.py,sha256=IiEOFzrpiDXRWgwnvywiul9f8gU8hxCBaSqVFUyFgjU,79617
+postgresql_charms_single_kernel-16.1.1.dist-info/METADATA,sha256=UD9GAm4GA4tQKAaWsDiR5uyN-k921jq2nt8Uwq6sqsE,484
+postgresql_charms_single_kernel-16.1.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+postgresql_charms_single_kernel-16.1.1.dist-info/top_level.txt,sha256=fH85HKyfDV3--1JuYe-rWJmN5XTlXVXGOBO5iNA36Rk,25
+postgresql_charms_single_kernel-16.1.1.dist-info/RECORD,,

single_kernel_postgresql/abstract_charm.py

@@ -4,7 +4,7 @@
 
 from ops.charm import CharmBase
 
-from .config.literals import SYSTEM_USERS, USER
+from .config.literals import SYSTEM_USERS, USER, Substrates
 from .utils.postgresql import PostgreSQL
 
 
@@ -15,6 +15,7 @@ class AbstractPostgreSQLCharm(CharmBase):
         super().__init__(*args)
 
         self.postgresql = PostgreSQL(
+            substrate=Substrates.VM,
             primary_host="localhost",
             current_host="localhost",
             user=USER,

single_kernel_postgresql/config/literals.py

@@ -5,6 +5,8 @@
 This module should contain the literals used in the charms (paths, enums, etc).
 """
 
+from enum import Enum
+
 # Permissions.
 POSTGRESQL_STORAGE_PERMISSIONS = 0o700
 
@@ -19,3 +21,10 @@ REWIND_USER = "rewind"
 SNAP_USER = "_daemon_"
 USER = "operator"
 SYSTEM_USERS = [MONITORING_USER, REPLICATION_USER, REWIND_USER, USER]
+
+
+class Substrates(str, Enum):
+    """Possible substrates."""
+
+    K8S = "k8s"
+    VM = "vm"

single_kernel_postgresql/utils/postgresql.py

@@ -30,7 +30,13 @@ import psycopg2
 from ops import ConfigData
 from psycopg2.sql import SQL, Identifier, Literal
 
-from ..config.literals import BACKUP_USER, POSTGRESQL_STORAGE_PERMISSIONS, SNAP_USER, SYSTEM_USERS
+from ..config.literals import (
+    BACKUP_USER,
+    POSTGRESQL_STORAGE_PERMISSIONS,
+    SNAP_USER,
+    SYSTEM_USERS,
+    Substrates,
+)
 from .filesystem import change_owner
 
 # Groups to distinguish HBA access
@@ -60,6 +66,7 @@ ALLOWED_ROLES = {
 }
 
 INVALID_DATABASE_NAME_BLOCKING_MESSAGE = "invalid database name"
+INVALID_DATABASE_NAMES = ["databases", "postgres", "template0", "template1"]
 INVALID_EXTRA_USER_ROLE_BLOCKING_MESSAGE = "invalid role(s) for extra user roles"
 
 REQUIRED_PLUGINS = {
@@ -107,6 +114,10 @@ class PostgreSQLCreateUserError(PostgreSQLBaseError):
         self.message = message
 
 
+class PostgreSQLUpdateUserError(PostgreSQLBaseError):
+    """Exception raised when creating a user fails."""
+
+
 class PostgreSQLUndefinedHostError(PostgreSQLBaseError):
     """Exception when host is not set."""
 
@@ -139,6 +150,10 @@ class PostgreSQLGetPostgreSQLVersionError(PostgreSQLBaseError):
     """Exception raised when retrieving PostgreSQL version fails."""
 
 
+class PostgreSQLListDatabasesError(PostgreSQLBaseError):
+    """Exception raised when retrieving the databases."""
+
+
 class PostgreSQLListAccessibleDatabasesForUserError(PostgreSQLBaseError):
     """Exception raised when retrieving the accessible databases for a user fails."""
 
@@ -216,6 +231,7 @@ class PostgreSQL:
 
     def __init__(
         self,
+        substrate: Substrates,
         primary_host: Optional[str],
         current_host: Optional[str],
         user: str,
@@ -223,6 +239,18 @@ class PostgreSQL:
         database: str,
         system_users: Optional[List[str]] = None,
     ):
+        """Create a PostgreSQL helper.
+
+        Args:
+            substrate: substrate where the charm is running (Substrates.K8S or Substrates.VM).
+            primary_host: hostname or address for primary database host.
+            current_host: hostname or address for the current database host.
+            user: username to connect as.
+            password: password for the user.
+            database: default database name.
+            system_users: list of system users.
+        """
+        self.substrate = substrate
         self.primary_host = primary_host
         self.current_host = current_host
         self.user = user
@@ -322,7 +350,7 @@ class PostgreSQL:
         if len(database) > 49:
             logger.error(f"Invalid database name (it must not exceed 49 characters): {database}.")
             raise PostgreSQLCreateDatabaseError(INVALID_DATABASE_NAME_BLOCKING_MESSAGE)
-        if database in ["postgres", "template0", "template1"]:
+        if database in INVALID_DATABASE_NAMES:
             logger.error(f"Invalid database name: {database}.")
             raise PostgreSQLCreateDatabaseError(INVALID_DATABASE_NAME_BLOCKING_MESSAGE)
         plugins = plugins if plugins else []
@@ -419,14 +447,28 @@ class PostgreSQL:
         Returns:
             A tuple containing the adjusted user definition and a list of additional statements.
         """
+        db_roles, connect_statements = self._adjust_user_roles(user, roles, database)
+        if db_roles:
+            str_roles = [f'"{role}"' for role in db_roles]
+            user_definition += f" IN ROLE {', '.join(str_roles)}"
+        return user_definition, connect_statements
+
+    def _adjust_user_roles(
+        self, user: str, roles: Optional[List[str]], database: Optional[str]
+    ) -> Tuple[List[str], List[str]]:
+        """Adjusts the user definition to include additional statements.
+
+        Returns:
+            A tuple containing the adjusted user definition and a list of additional statements.
+        """
+        db_roles = []
         connect_statements = []
         if database:
             if roles is not None and not any(
-                True
-                for role in roles
-                if role in [ROLE_STATS, ROLE_READ, ROLE_DML, ROLE_BACKUP, ROLE_DBA]
+                role in [ROLE_STATS, ROLE_READ, ROLE_DML, ROLE_BACKUP, ROLE_DBA] for role in roles
             ):
-                user_definition += f' IN ROLE "charmed_{database}_admin", "charmed_{database}_dml"'
+                db_roles.append(f"charmed_{database}_admin")
+                db_roles.append(f"charmed_{database}_dml")
             else:
                 connect_statements.append(
                     SQL("GRANT CONNECT ON DATABASE {} TO {};").format(
@@ -434,9 +476,7 @@ class PostgreSQL:
                     )
                 )
         if roles is not None and any(
-            True
-            for role in roles
-            if role
+            role
             in [
                 ROLE_STATS,
                 ROLE_READ,
@@ -446,6 +486,7 @@ class PostgreSQL:
                 ROLE_ADMIN,
                 ROLE_DATABASES_OWNER,
             ]
+            for role in roles
         ):
             for system_database in ["postgres", "template1"]:
                 connect_statements.append(
@@ -453,7 +494,7 @@ class PostgreSQL:
                         Identifier(system_database), Identifier(user)
                     )
                 )
-        return user_definition, connect_statements
+        return db_roles, connect_statements
 
     def _process_extra_user_roles(
         self, user: str, extra_user_roles: Optional[List[str]] = None
@@ -1077,7 +1118,7 @@ class PostgreSQL:
             if temp_location is not None:
                 # Fix permissions on the temporary tablespace location when a reboot happens and tmpfs is being used.
                 temp_location_stats = os.stat(temp_location)
-                if (
+                if self.substrate == Substrates.VM and (
                     pwd.getpwuid(temp_location_stats.st_uid).pw_name != SNAP_USER
                     or int(temp_location_stats.st_mode & 0o777) != POSTGRESQL_STORAGE_PERMISSIONS
                 ):
@@ -1821,3 +1862,50 @@ $$ LANGUAGE plpgsql security definer;"""  # noqa: S608
             finally:
                 if connection:
                     connection.close()
+
+    def list_databases(self, prefix: Optional[str] = None) -> List[str]:
+        """List non-system databases starting with prefix."""
+        prefix_stmt = (
+            SQL(" AND datname LIKE {}").format(Literal(prefix + "%")) if prefix else SQL("")
+        )
+        try:
+            with self._connect_to_database() as connection, connection.cursor() as cursor:
+                cursor.execute(
+                    SQL(
+                        "SELECT datname FROM pg_database WHERE datistemplate = false AND datname <>'postgres'{};"
+                    ).format(prefix_stmt)
+                )
+                return [row[0] for row in cursor.fetchall()]
+        except psycopg2.Error as e:
+            raise PostgreSQLListDatabasesError() from e
+        finally:
+            if connection:
+                connection.close()
+
+    def add_user_to_databases(
+        self, user: str, databases: List[str], extra_user_roles: Optional[List[str]] = None
+    ) -> None:
+        """Grant user access to database."""
+        try:
+            roles, _ = self._process_extra_user_roles(user, extra_user_roles)
+            connect_stmt = []
+            for database in databases:
+                db_roles, db_connect_stmt = self._adjust_user_roles(user, roles, database)
+                roles += db_roles
+                connect_stmt += db_connect_stmt
+            with self._connect_to_database() as connection, connection.cursor() as cursor:
+                cursor.execute(SQL("RESET ROLE;"))
+                cursor.execute(SQL("BEGIN;"))
+                cursor.execute(SQL("SET LOCAL log_statement = 'none';"))
+                cursor.execute(SQL("COMMIT;"))
+
+                # Add extra user roles to the new user.
+                for role in roles:
+                    cursor.execute(
+                        SQL("GRANT {} TO {};").format(Identifier(role), Identifier(user))
+                    )
+                for statement in connect_stmt:
+                    cursor.execute(statement)
+        except psycopg2.Error as e:
+            logger.error(f"Failed to create user: {e}")
+            raise PostgreSQLUpdateUserError() from e

postgresql_charms_single_kernel-16.0.2.dist-info/RECORD

@@ -1,11 +0,0 @@
-single_kernel_postgresql/__init__.py,sha256=F57JUcML43xgR0kpj9csryZkAoDSBPLLRjzSTHPaTd4,116
-single_kernel_postgresql/abstract_charm.py,sha256=grlJCmpz8rq7_NKVkyuoK7_8I2r6DRkh5DhbtyPWna8,792
-single_kernel_postgresql/config/__init__.py,sha256=k9Ud5ZZNd3l0nn8xi8AIlT45oZk8hJ542BjAFGDJzuc,140
-single_kernel_postgresql/config/literals.py,sha256=4EpAnoxCEMfOCPpFD5dyAU_0h2OwAHgEX9OjTWNcaQg,527
-single_kernel_postgresql/utils/__init__.py,sha256=VwAEW3wYjs99q38bid47aS6Os4s3catK4H5HfdPkp94,121
-single_kernel_postgresql/utils/filesystem.py,sha256=CJ2iXqFPKM0NfqqZSTDlENOrM0RW7rmTmcuzwV0bR9A,552
-single_kernel_postgresql/utils/postgresql.py,sha256=ZhTZZcshgHjZgP4aRCWyfmW9ArUISLdqo9NnJBg1fdM,75963
-postgresql_charms_single_kernel-16.0.2.dist-info/METADATA,sha256=TCKebjoRLWERCEzeLgiRcX9dfZx-TLXf0CU55Ki7xik,484
-postgresql_charms_single_kernel-16.0.2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-postgresql_charms_single_kernel-16.0.2.dist-info/top_level.txt,sha256=fH85HKyfDV3--1JuYe-rWJmN5XTlXVXGOBO5iNA36Rk,25
-postgresql_charms_single_kernel-16.0.2.dist-info/RECORD,,