From 764cae9f337999dec53dd836d9b9b18c22748874 Mon Sep 17 00:00:00 2001
From: Andrew Klychkov
Date: Mon, 20 Apr 2020 09:01:42 +0300
Subject: [PATCH] postgresql_privs: add trust_input parameter (#177)

* postgresql_privs: add trust_input parameter

* add changelog fragment
---
 ...gresql_privs_add_trust_input_parameter.yml | 2 ++
 plugins/module_utils/database.py | 3 +++
 .../database/postgresql/postgresql_privs.py | 16 ++++++++++++-
 .../postgresql_privs/defaults/main.yml | 1 +
 .../tasks/postgresql_privs_general.yml | 1 +
 .../tasks/postgresql_privs_session_role.yml | 23 +++++++++++++++++++
 6 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/fragments/177-postgresql_privs_add_trust_input_parameter.yml

diff --git a/changelogs/fragments/177-postgresql_privs_add_trust_input_parameter.yml b/changelogs/fragments/177-postgresql_privs_add_trust_input_parameter.yml
new file mode 100644
index 0000000000..be0e5e75f0
--- /dev/null
+++ b/changelogs/fragments/177-postgresql_privs_add_trust_input_parameter.yml
@@ -0,0 +1,2 @@
+minor_changes:
+- postgresql_privs - add the ``trust_input`` parameter (https://github.com/ansible-collections/community.general/pull/177).
diff --git a/plugins/module_utils/database.py b/plugins/module_utils/database.py
index c8874a6862..67bdb43257 100644
--- a/plugins/module_utils/database.py
+++ b/plugins/module_utils/database.py
@@ -191,6 +191,9 @@ def check_input(module, *args):
 if is_input_dangerous(e):
 dangerous_elements.append(e)
+ elif elem is None or isinstance(elem, bool):
+ pass
+
 else:
 elem = str(elem)
 if is_input_dangerous(elem):
diff --git a/plugins/modules/database/postgresql/postgresql_privs.py b/plugins/modules/database/postgresql/postgresql_privs.py
index c676959814..1aa0d06559 100644
--- a/plugins/modules/database/postgresql/postgresql_privs.py
+++ b/plugins/modules/database/postgresql/postgresql_privs.py
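Review bot: The new `elif elem is None or isinstance(elem, bool): pass` branch carries no comment explaining why exactly those two types bypass the check, even though it is what lets callers pass optional, unset module parameters (the new main() call in postgresql_privs.py hands over several that may be None). A short why-comment on the branch would prevent a later "cleanup" from folding it back into the `str(elem)` path: `# None (unset optional param) and bool carry no text that could smuggle SQL; skip them`. The `def check_input` signature and the loop over `args` begin above this hunk, and the helper `is_input_dangerous` is not visible here, so I cannot tell whether it already tolerates non-string input.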
@@ -157,6 +157,11 @@ options:
 type: str
 aliases:
 - ssl_rootcert
+ trust_input:
+ description:
+ - If C(no), check whether values of some parameters are potentially dangerous.
+ type: bool
+ default: yes
 notes:
 - Parameters that accept comma separated lists (I(privs), I(objs), I(roles))
@@ -417,7 +422,10 @@ except ImportError:
 # import module snippets
 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
-from ansible_collections.community.general.plugins.module_utils.database import pg_quote_identifier
+from ansible_collections.community.general.plugins.module_utils.database import (
+ pg_quote_identifier,
+ check_input,
+)
 from ansible_collections.community.general.plugins.module_utils.postgres import postgres_common_argument_spec
 from ansible.module_utils._text import to_native
@@ -943,6 +951,7 @@ def main():
 login=dict(default='postgres', aliases=['login_user']),
 password=dict(default='', aliases=['login_password'], no_log=True),
 fail_on_role=dict(type='bool', default=True),
+ trust_input=dict(type='bool', default=True),
 )
 module = AnsibleModule(
@@ -977,6 +986,11 @@ def main():
 module.fail_json(msg='Argument "privs" is required ' 'for type "%s".' % p.type)
+ # Check input
+ if not p.trust_input:
+ # Check input for potentially dangerous elements:
+ check_input(module, p.roles, p.target_roles, p.session_role, p.schema)
+
 # Connect to Database
 if not psycopg2:
 module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)
diff --git a/tests/integration/targets/postgresql_privs/defaults/main.yml b/tests/integration/targets/postgresql_privs/defaults/main.yml
index db3ddb32f1..3ef770e020 100644
--- a/tests/integration/targets/postgresql_privs/defaults/main.yml
+++ b/tests/integration/targets/postgresql_privs/defaults/main.yml
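Review bot: The added option text `If C(no), check whether values of some parameters are potentially dangerous.` leaves the user guessing which parameters are covered, while the check added to main() in this same commit passes exactly roles, target_roles, session_role and schema. Naming them in the docs lets a playbook author see that, for instance, I(objs) and I(privs) are not part of the check: `- If C(no), check whether values of parameters I(roles), I(target_roles), I(session_role), I(schema) are potentially dangerous.` This hunk sits inside the module's DOCUMENTATION string, which opens and closes outside it.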
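Review bot: In the last hunk, `# Check input` and `# Check input for potentially dangerous elements:` on consecutive lines repeat each other; one comment that says what the reader cannot infer is better, e.g. `# With trust_input=no, reject values that could carry SQL; check_input tolerates None for unset optional params`. The call covers roles, target_roles, session_role and schema but not objs or privs, which the module's own notes describe as comma-separated lists that are presumably split and embedded into statements; whether those paths are already protected by pg_quote_identifier is not visible in this hunk and is worth confirming before relying on the default-off check. main() starts and ends outside the hunk.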
@@ -6,3 +6,4 @@ db_user_with_dots1: role.with.dots1
 db_user_with_dots2: role.with.dots2
 db_session_role1: session_role1
 db_session_role2: session_role2
+dangerous_name: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
index 53388be8ef..75b95baac2 100644
--- a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
@@ -62,6 +62,7 @@
 type: table
 objs: test_view
 roles: "{{ db_user2 }}"
+ trust_input: no
 check_mode: yes
 register: result
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml
index 164bbba67d..9a06c9d262 100644
--- a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml
@@ -77,3 +77,26 @@
 - assert:
 that:
 - result is failed
+
+########################
+# Test trust_input param
+
+- name: Verify trust_input parameter
+ become_user: "{{ pg_user }}"
+ become: yes
+ postgresql_privs:
+ db: "{{ db_session_role1 }}"
+ type: table
+ objs: test2
+ roles: "{{ db_session_role1 }}"
+ login_user: "{{ pg_user }}"
+ privs: update
+ session_role: "{{ dangerous_name }}"
+ trust_input: no
+ ignore_errors: yes
+ register: result
+
+- assert:
+ that:
+ - result is failed
+ - result.msg == 'Passed input \'{{ dangerous_name }}\' is potentially dangerous'
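Review bot: The new test in postgresql_privs_session_role.yml only feeds `dangerous_name` through `session_role`, while the check added to main() also inspects roles, target_roles and schema; none of those has a failing case, so a regression that drops one of them from the `check_input(...)` call would go unnoticed. A looped variant of the same task, substituting `{{ dangerous_name }}` into each of those parameters in turn and asserting `result is failed` per item, would cover them without much extra YAML. The second assertion also pins the exact message text inside an escaped single-quoted Jinja string; `- result.msg is search('potentially dangerous')` is easier to maintain if check_input's wording changes.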