postgresql_role: add input validation for commas in search_path

Since we split Postgres' output on commas (specifically, ", "), input values for the search path may not contain this substring. This is legal in Postgres, however, so we need to check for it.
hashicorp · Sep 28, 2019 · 87d8ca6 · 87d8ca6
1 parent 665af96
commit 87d8ca6
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/postgresql/resource_postgresql_role.go b/postgresql/resource_postgresql_role.go
@@ -862,6 +862,9 @@ func alterSearchPath(txn *sql.Tx, d *schema.ResourceData) error {
 	if len(searchPathInterface) > 0 {
 		searchPathString = make([]string, len(searchPathInterface))
 		for i, searchPathPart := range searchPathInterface {
+			if strings.Contains(searchPathPart.(string), ", ") {
+				return fmt.Errorf("search_path cannot contain `, `: %v", searchPathPart)
+			}
 			searchPathString[i] = pq.QuoteIdentifier(searchPathPart.(string))
 		}
 	} else {

diff --git a/website/docs/r/postgresql_role.html.markdown b/website/docs/r/postgresql_role.html.markdown
@@ -87,7 +87,9 @@ resource "postgresql_role" "my_replication_role" {
 
 * `roles` - (Optional) Defines list of roles which will be granted to this new role.
 
-* `search_path` - (Optional) Alters the search path of this new role.
+* `search_path` - (Optional) Alters the search path of this new role. Note that
+  due to limitations in the implementation, values cannot contain the substring
+  `"", ""`.
 
 * `valid_until` - (Optional) Defines the date and time after which the role's
   password is no longer valid.  Established connections past this `valid_time`