add pg_ownership fix

src/main/python/ddadevops/aws_rds_pg_mixin.py

@@ -59,23 +59,59 @@ class AwsRdsPgMixin(DevopsBuild):
                                 "GRANT " + group_role + " TO " + new_user_name + ";")
         print("created user:", new_user_name)
 
-    def deactivate_user(self, gopass_path_superuser, to_remove_user_name):
+    def deactivate_user(self, gopass_path_superuser, to_deactivate_user_name):
         superuser_name = gopass_field_from_path(gopass_path_superuser, 'user')
         superuser_password = gopass_password_from_path(gopass_path_superuser)
 
         owned_by_wrong_user = self.execute_pg_rds_sql(superuser_name, superuser_password,
                                                       "SELECT count(*) FROM pg_class c, pg_user u WHERE c.relowner = u.usesysid " +
-                                                      "and u.usename='" + to_remove_user_name + "';")
+                                                      "and u.usename='" + to_deactivate_user_name + "';")
+        
         if int(owned_by_wrong_user) > 0:
+            owned_objects = self.execute_pg_rds_sql(superuser_name, superuser_password,
+                                                "SELECT c.relname FROM pg_class c, pg_user u WHERE c.relowner = u.usesysid " +
+                                                "and u.usename='" + to_deactivate_user_name + "';")
             raise AssertionError(
-                "There are still objects owned by the user to be deleted.")
+                "There are still objects owned by the user to be deactivated:", owned_objects,to_deactivate_user_name)
 
         connections = self.execute_pg_rds_sql(superuser_name, superuser_password,
                                               "SELECT count(*) FROM pg_stat_activity WHERE application_name = " +
-                                              "'PostgreSQL JDBC Driver' AND usename = '" + to_remove_user_name + "';")
+                                              "'PostgreSQL JDBC Driver' AND usename = '" + to_deactivate_user_name + "';")
         if int(connections) > 0:
             raise AssertionError("User is still connected.")
 
         self.execute_pg_rds_sql(superuser_name, superuser_password,
-                                "ALTER ROLE " + to_remove_user_name + " WITH NOLOGIN NOCREATEROLE;")
+                                "ALTER ROLE " + to_deactivate_user_name + " WITH NOLOGIN NOCREATEROLE;")
-        print('deactivated user:', to_remove_user_name)
+        print('deactivated user:', to_deactivate_user_name)
+
+    def change_owned_objects(self, gopass_path_superuser, to_deactivate_user_name, owner):
+        superuser_name = gopass_field_from_path(gopass_path_superuser, 'user')
+        superuser_password = gopass_password_from_path(gopass_path_superuser)
+
+        alter_objects = f"""SELECT 'ALTER TABLE ' || c.relname || ' OWNER TO {owner};'
+            FROM pg_class c, pg_user u
+            WHERE c.relowner = u.usesysid 
+            and c.relkind = 'r'
+            and u.usename='{to_deactivate_user_name}'
+            UNION
+            SELECT 'ALTER INDEX ' || c.relname || ' OWNER TO {owner};'
+            FROM pg_class c, pg_user u
+            WHERE c.relowner = u.usesysid 
+            and c.relkind = 'i'
+            and c.relname not like 'pg_toast%'
+            and u.usename='{to_deactivate_user_name}'
+            UNION
+            SELECT 'ALTER SEQUENCE ' || c.relname || ' OWNER TO {owner};'
+            FROM pg_class c, pg_user u
+            WHERE c.relowner = u.usesysid 
+            and c.relkind = 'S'
+            and u.usename='{to_deactivate_user_name}';"""
+
+        alter_stmt = self.execute_pg_rds_sql(superuser_name, superuser_password, alter_objects)
+        alter_stmt.strip()
+
+        if (alter_stmt != ''):
+            print('apply alter statements? \n', alter_stmt)
+            proceed = input('\n[y/n] \n')
+            if(proceed == 'y'):
+                self.execute_pg_rds_sql(superuser_name, superuser_password, alter_stmt)