Initial user locking integration tests

Signed-off-by: E.S. Rosenberg a.k.a. Keeper of the Keys <es.rosenberg+github@gmail.com>
2025-04-05 02:00:31 -07:00 · 2025-03-05 14:57:11 +02:00 · 2025-03-05 14:57:11 +02:00 · 0f590dc48e
commit 0f590dc48e
parent 583407fbe2
2 changed files with 144 additions and 0 deletions
--- a/tests/integration/targets/test_mysql_user/tasks/main.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/main.yml
@ -305,3 +305,7 @@
    - name: Mysql_user - test update_password
      ansible.builtin.import_tasks:
        file: test_update_password.yml
+
+    - name: Mysql_user - test user_locking
+      ansible.builtin.import_tasks:
+        file: test_user_locking.yml
--- a/tests/integration/targets/test_mysql_user/tasks/test_user_locking.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_user_locking.yml
@ -0,0 +1,140 @@
+---
+
+- vars:
+    mysql_parameters: &mysql_params
+      login_user: '{{ mysql_user }}'
+      login_password: '{{ mysql_password }}'
+      login_host: '{{ mysql_host }}'
+      login_port: '{{ mysql_primary_port }}'
+
+  block:
+
+    # ========================= Prepare =======================================
+    - name: Mysql_user Lock user | Create a test database
+      community.mysql.mysql_db:
+        <<: *mysql_params
+        name: mysql_lock_user_test
+        state: present
+
+    # ========================== Tests ========================================
+
+    - name: Mysql_user Lock user | Create test user locked
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        password: 'msandbox'
+        locked: yes
+        priv:
+          'mysql_lock_user_test.*': 'SELECT'
+
+    - name: Mysql_user Lock user | Assert that test user is locked
+      community.mysql.mysql_query:
+        <<: *mysql_params
+        query:
+          - SHOW CREATE USER 'mysql_locked_user'@'%'
+      register: locked_user_creation
+      failed_when:
+        - locked_user_creation.query_result[0][0] is not search('ACCOUNT LOCK')
+
+    - name: Mysql_user Lock user | Unlock test user
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        locked: no
+        priv:
+          'mysql_lock_user_test.*': 'SELECT'
+
+    - name: Mysql_user Lock user | Assert that test user is not locked
+      community.mysql.mysql_query:
+        <<: *mysql_params
+        query:
+          - SHOW CREATE USER 'mysql_locked_user'@'%'
+      register: locked_user_creation
+      failed_when:
+        - locked_user_creation.query_result[0][0] is search('ACCOUNT LOCK')
+
+    - name: Mysql_user Lock user | Remove test user
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        state: absent
+        
+    - name: Mysql_user Lock user | Create test user unlocked
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        password: 'msandbox'
+        locked: no
+        priv:
+          'mysql_lock_user_test.*': 'SELECT'
+
+    - name: Mysql_user Lock user | Assert that test user is not locked
+      community.mysql.mysql_query:
+        <<: *mysql_params
+        query:
+          - SHOW CREATE USER 'mysql_locked_user'@'%'
+      register: locked_user_creation
+      failed_when:
+        - locked_user_creation.query_result[0][0] is search('ACCOUNT LOCK')
+
+    - name: Mysql_user Lock user | Lock test user
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        locked: yes
+        priv:
+          'mysql_lock_user_test.*': 'SELECT'
+
+    - name: Mysql_user Lock user | Assert that test user is locked
+      community.mysql.mysql_query:
+        <<: *mysql_params
+        query:
+          - SHOW CREATE USER 'mysql_locked_user'@'%'
+      register: locked_user_creation
+      failed_when:
+        - locked_user_creation.query_result[0][0] is search('ACCOUNT LOCK')
+
+    - name: Mysql_user Lock user | Remove test user
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        state: absent
+
+    - name: Mysql_user Lock user | Create test user default lock action
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        password: 'msandbox'
+        priv:
+          'mysql_lock_user_test.*': 'SELECT'
+
+    - name: Mysql_user Lock user | Assert that test user is not locked
+      community.mysql.mysql_query:
+        <<: *mysql_params
+        query:
+          - SHOW CREATE USER 'mysql_locked_user'@'%'
+      register: locked_user_creation
+      failed_when:
+        - locked_user_creation.query_result[0][0] is search('ACCOUNT LOCK')
+
+    - name: Mysql_user Lock user | Remove test user
+      community.mysql.mysql_user:
+        <<: *mysql_params
+        name: mysql_locked_user
+        host: '%'
+        state: absent
+
+    # ========================= Teardown ======================================
+
+    - name: Mysql_user Lock user | Delete test database
+      community.mysql.mysql_db:
+        <<: *mysql_params
+        name: mysql_lock_user_test
+        state: absent