ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-08-25 07:21:45 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Only revoke grant option if it exists and absence is requested

Browse source
This commit is contained in:
R. Sicart 2022-08-31 10:53:24 +02:00
commit 1321b8c7d4
1 changed files with 3 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
plugins/module_utils/user.py
View file

@ -363,13 +363,12 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
grant_privs = list(set(new_priv[db_table]) - set(curr_priv[db_table]))
revoke_privs = list(set(curr_priv[db_table]) - set(new_priv[db_table]))
# ... but do not revoke GRANT option when it's already allowed
# and already in privs.
# ... but only revoke grant option if it exists and absence is requested
#
# For more details
# https://github.com/ansible-collections/community.mysql/issues/77#issuecomment-1209693807
if 'GRANT' in new_priv[db_table] and 'GRANT' in curr_priv[db_table]:
grant_privs.append('GRANT')
if 'GRANT' in grant_privs:
grant_option = 'GRANT' in revoke_privs and 'GRANT' not in grant_privs
if grant_privs == ['GRANT']:
# USAGE grants no privileges, it is only needed because 'WITH GRANT OPTION' cannot stand alone