attempt to use privileges_get

2025-04-06 10:40:36 -07:00 · 2023-09-13 18:01:59 +02:00 · 2023-09-13 18:01:59 +02:00 · 028089da6d
commit 028089da6d
parent 7f2f141275
2 changed files with 18 additions and 12 deletions
--- a/plugins/module_utils/user.py
+++ b/plugins/module_utils/user.py
@ -324,7 +324,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,

        # Handle privileges
        if new_priv is not None:
-            curr_priv = privileges_get(cursor, user, host, maria_role)
+            curr_priv = privileges_get(module, cursor, user, host, maria_role)

            # If the user has privileges on a db.table that doesn't appear at all in
            # the new specification, then revoke all privileges on it.
@ -396,7 +396,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
                        privileges_grant(cursor, user, host, db_table, grant_privs, tls_requires, maria_role)

            # after privilege manipulation, compare privileges from before and now
-            after_priv = privileges_get(cursor, user, host, maria_role)
+            after_priv = privileges_get(module, cursor, user, host, maria_role)
            changed = changed or (curr_priv != after_priv)

        if role:
@ -455,7 +455,7 @@ def user_get_hostnames(cursor, user):
    return hostnames


-def privileges_get(cursor, user, host, maria_role=False):
+def privileges_get(module, cursor, user, host, maria_role=False):
    """ MySQL doesn't have a better method of getting privileges aside from the
    SHOW GRANTS query syntax, which requires us to then parse the returned string.
    Here's an example of the string that is returned from MySQL:
@ -467,9 +467,10 @@ def privileges_get(cursor, user, host, maria_role=False):
    """
    output = {}
    if not maria_role:
-        cursor.execute("SHOW GRANTS FOR %s@%s", (user, host))
+        query = "SHOW GRANTS FOR '%s'@'%s'" % (user, host)
    else:
-        cursor.execute("SHOW GRANTS FOR %s", (user,))
+        query = "SHOW GRANTS FOR '%s'" % user
+    cursor.execute(query)
    grants = cursor.fetchall()

    def pick(x):
--- a/plugins/modules/mysql_info.py
+++ b/plugins/modules/mysql_info.py
@ -249,7 +249,7 @@ from ansible_collections.community.mysql.plugins.module_utils.mysql import (
    get_server_version,
 )
 from ansible_collections.community.mysql.plugins.module_utils.user import (
-    get_grants,
+    privileges_get,
 )
 from ansible.module_utils.six import iteritems
 from ansible.module_utils._text import to_native
@ -510,15 +510,20 @@ class MySQL_Info(object):
            h = line['Host']
            key = u + '_' + h

-            privs = get_grants(self.module, self.cursor, u, h)
+            user_priv = privileges_get(self.module, self.cursor, u, h)

-            if not privs:
-                self.module.warn(
-                    'Fail to get privileges for user %s on host %s.' % (u, h))
-                privs = {}
+            if not user_priv:
+                self.module.warn("No privileges found for %s on host %s" % (u, h))
+                continue
+
+
+            # if not privs:
+                # self.module.warn(
+                #     'Fail to get privileges for user %s on host %s.' % (u, h))
+                # privs = {}

            self.info['users_privs'][key] = {
-                'user': u, 'host': h, 'privs': privs}
+                'user': u, 'host': h, 'privs': user_priv}

    def __get_databases(self, exclude_fields, return_empty_dbs):
        """Get info about databases."""