Merge pull request #142 from kamilszymanski/connection_limit

kbarber · kbarber · commit 78e183c43bc6 · 2013-03-01T06:32:22.000-08:00
Allow to set connection limit for new role
diff --git a/README.md b/README.md
@@ -346,6 +346,9 @@ Weither to grant super user capability for the new role. Defaults to `false`.
 ####`replication`
 If `true` provides replication capabilities for this role. Defaults to `false`.
 
+####`connection_limit`
+Specifies how many concurrent connections the role can make. Defaults to `-1` meaning no limit.
+
 ###Resource: postgresql::tablespace
 This defined type can be used to create a tablespace. For example:
 
diff --git a/manifests/database_user.pp b/manifests/database_user.pp
@@ -39,20 +39,22 @@
 
 define postgresql::database_user(
   $password_hash,
-  $createdb    = false,
-  $createrole  = false,
-  $db          = $postgresql::params::user,
-  $superuser   = false,
-  $replication = false,
-  $user        = $title
+  $createdb         = false,
+  $createrole       = false,
+  $db               = $postgresql::params::user,
+  $superuser        = false,
+  $replication      = false,
+  $connection_limit = -1,
+  $user             = $title
 ) {
   postgresql::role { $user:
-    db              => $db,
-    password_hash   => $password_hash,
-    login           => true,
-    createdb        => $createdb,
-    superuser       => $superuser,
-    createrole      => $createrole,
-    replication     => $replication,
+    db               => $db,
+    password_hash    => $password_hash,
+    login            => true,
+    createdb         => $createdb,
+    superuser        => $superuser,
+    createrole       => $createrole,
+    replication      => $replication,
+    connection_limit => $connection_limit,
   }
 }
diff --git a/manifests/role.pp b/manifests/role.pp
@@ -18,13 +18,14 @@
 
 define postgresql::role(
     $password_hash,
-    $createdb    = false,
-    $createrole  = false,
-    $db          = 'postgres',
-    $login       = false,
-    $superuser   = false,
-    $replication = false,
-    $username    = $title
+    $createdb         = false,
+    $createrole       = false,
+    $db               = 'postgres',
+    $login            = false,
+    $superuser        = false,
+    $replication      = false,
+    $connection_limit = -1,
+    $username         = $title
 ) {
   include postgresql::params
 
@@ -40,8 +41,8 @@
   $superuser_sql   = $superuser   ? { true => 'SUPERUSER'   , default => 'NOSUPERUSER' }
   $replication_sql = $replication ? { true => 'REPLICATION' , default => '' }
 
-  # TODO: FIXME: Will not correct the superuser / createdb / createrole / login / replication status of a role that already exists
-  postgresql_psql {"CREATE ROLE \"${username}\" ENCRYPTED PASSWORD '${password_hash}' ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql}":
+  # TODO: FIXME: Will not correct the superuser / createdb / createrole / login / replication status nor the connection limit of a role that already exists
+  postgresql_psql {"CREATE ROLE \"${username}\" ENCRYPTED PASSWORD '${password_hash}' ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}":
     db        => $db,
     psql_user => $postgresql::params::user,
     unless    => "SELECT rolname FROM pg_roles WHERE rolname='${username}'",
