feat: add SSL options (#22)

* Added SSL options

* Fixed order of attribute initialisation in init

* debug

* Removed commas

* Removed debug print statement

* Updated python versions

Updated python versions

* Update README.md

* Update release.yml

* Create release.yml

---------

Co-authored-by: hsluoyz <hsluoyz@qq.com>

Author: stuartbeattie84

.github/workflows/release.yml

@@ -11,7 +11,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: [ "3.6", "3.7", "3.8", "3.9", "3.10" ]
+        python-version: [ "3.9", "3.10", "3.11" ]
         os: [ ubuntu-latest, macOS-latest, windows-latest]
 
     steps:
@@ -116,7 +116,7 @@ jobs:
       - name: Setup Node.js
         uses: actions/setup-node@v1
         with:
-          node-version: '16'
+          node-version: '18'
 
       - name: Setup
         run: npm install -g semantic-release @semantic-release/github @semantic-release/changelog @semantic-release/commit-analyzer @semantic-release/git @semantic-release/release-notes-generator semantic-release-pypi

README.md

@@ -26,3 +26,20 @@ watcher = PostgresqlWatcher(host=HOST, port=PORT, user=USER, password=PASSWORD,
 watcher.set_update_callback(casbin_enforcer.e.load_policy)
 casbin_enforcer.set_watcher(watcher)
 ```
+
+## Basic Usage Example With SSL Enabled
+
+See [PostgresQL documentation](https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS) for full details of SSL parameters.
+
+### With Flask-authz
+```python
+from flask_authz import CasbinEnforcer
+from postgresql_watcher import PostgresqlWatcher
+from flask import Flask
+from casbin.persist.adapters import FileAdapter
+
+casbin_enforcer = CasbinEnforcer(app, adapter)
+watcher = PostgresqlWatcher(host=HOST, port=PORT, user=USER, password=PASSWORD, dbname=DBNAME, sslmode="verify_full", sslcert=SSLCERT, sslrootcert=SSLROOTCERT, sslkey=SSLKEY)
+watcher.set_update_callback(casbin_enforcer.e.load_policy)
+casbin_enforcer.set_watcher(watcher)
+```

postgresql_watcher/watcher.py

@@ -17,6 +17,10 @@ def casbin_subscription(
     dbname: Optional[str] = "postgres",
     delay: Optional[int] = 2,
     channel_name: Optional[str] = POSTGRESQL_CHANNEL_NAME,
+    sslmode: Optional[str] = None,
+    sslrootcert: Optional[str] = None,
+    sslcert: Optional[str] = None,
+    sslkey: Optional[str] = None
 ):
     # delay connecting to postgresql (postgresql connection failure)
     time.sleep(delay)
@@ -25,7 +29,11 @@ def casbin_subscription(
         port=port,
         user=user,
         password=password,
-        dbname=dbname
+        dbname=dbname,
+        sslmode=sslmode,
+        sslrootcert=sslrootcert,
+        sslcert=sslcert,
+        sslkey=sslkey
     )
     # Can only receive notifications when not in transaction, set this for easier usage
     conn.set_isolation_level(extensions.ISOLATION_LEVEL_AUTOCOMMIT)
@@ -52,6 +60,10 @@ def __init__(
         dbname: Optional[str] = "postgres",
         channel_name: Optional[str] = POSTGRESQL_CHANNEL_NAME,
         start_process: Optional[bool] = True,
+        sslmode: Optional[str] = None,
+        sslrootcert: Optional[str] = None,
+        sslcert: Optional[str] = None,
+        sslkey: Optional[str] = None
     ):
         self.update_callback = None
         self.parent_conn = None
@@ -61,6 +73,10 @@ def __init__(
         self.password = password
         self.dbname = dbname
         self.channel_name = channel_name
+        self.sslmode = sslmode
+        self.sslrootcert = sslrootcert
+        self.sslcert = sslcert
+        self.sslkey = sslkey
         self.subscribed_process = self.create_subscriber_process(start_process)
 
     def create_subscriber_process(
@@ -82,6 +98,10 @@ def create_subscriber_process(
                 self.dbname,
                 delay,
                 self.channel_name,
+                self.sslmode,
+                self.sslrootcert,
+                self.sslcert,
+                self.sslkey
             ),
             daemon=True,
         )
@@ -100,6 +120,10 @@ def update(self):
             user=self.user,
             password=self.password,
             dbname=self.dbname,
+            sslmode=self.sslmode,
+            sslrootcert=self.sslrootcert,
+            sslcert=self.sslcert,
+            sslkey=self.sslkey
         )
         # Can only receive notifications when not in transaction, set this for easier usage
         conn.set_isolation_level(extensions.ISOLATION_LEVEL_AUTOCOMMIT)