X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/faf8ae12e85eabb050b0f5eceb2cb67ad1de5261..317a044e552ea33471a5f1a9c4d9368a71368fc6:/cookbooks/postgresql/providers/user.rb

diff --git a/cookbooks/postgresql/providers/user.rb b/cookbooks/postgresql/providers/user.rb
index 11c783e22..5df0f3847 100644
--- a/cookbooks/postgresql/providers/user.rb
+++ b/cookbooks/postgresql/providers/user.rb
@@ -17,13 +17,17 @@
 # limitations under the License.
 #
 
+require "shellwords"
+
+use_inline_resources
+
 def load_current_resource
   @pg = Chef::PostgreSQL.new(new_resource.cluster)
 
   @current_resource = Chef::Resource::PostgresqlUser.new(new_resource.name)
   @current_resource.user(new_resource.user)
   @current_resource.cluster(new_resource.cluster)
-  if pg_user = @pg.users[@current_resource.user]
+  if (pg_user = @pg.users[@current_resource.user])
     @current_resource.superuser(pg_user[:superuser])
     @current_resource.createdb(pg_user[:createdb])
     @current_resource.createrole(pg_user[:createrole])
@@ -33,13 +37,13 @@ def load_current_resource
 end
 
 action :create do
-  password = new_resource.password ? "ENCRYPTED PASSWORD '#{new_resource.password}'" : ""
+  password = new_resource.password ? "ENCRYPTED PASSWORD '#{new_resource.password.shellescape}'" : ""
   superuser = new_resource.superuser ? "SUPERUSER" : "NOSUPERUSER"
   createdb = new_resource.createdb ? "CREATEDB" : "NOCREATEDB"
   createrole = new_resource.createrole ? "CREATEROLE" : "NOCREATEROLE"
   replication = new_resource.replication ? "REPLICATION" : "NOREPLICATION"
 
-  unless @pg.users.include?(new_resource.user)
+  if !@pg.users.include?(new_resource.user)
     @pg.execute(:command => "CREATE ROLE \"#{new_resource.user}\" LOGIN #{password} #{superuser} #{createdb} #{createrole}")
     new_resource.updated_by_last_action(true)
   else