diff --git a/plugins/module_utils/user.py b/plugins/module_utils/user.py index 7a3d223..2aa0c81 100644 --- a/plugins/module_utils/user.py +++ b/plugins/module_utils/user.py @@ -974,12 +974,9 @@ def set_password_expire(cursor, user, host, password_expire, password_expire_int statment = "PASSWORD EXPIRE INTERVAL %d DAY" % (password_expire_interval) elif password_expire.lower() == "now": statment = "PASSWORD EXPIRE" - if host: - params = (user, host) - query = ["ALTER USER %s@%s"] - else: - params = (user,) - query = ["ALTER USER %s"] + + params = (user, host) + query = ["ALTER USER %s@%s"] query.append(statment) query = ' '.join(query) diff --git a/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_channel.yml b/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_channel.yml index f438dbf..ad450f5 100644 --- a/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_channel.yml +++ b/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_channel.yml @@ -35,7 +35,9 @@ - assert: that: - result is changed - - result.queries == ["CHANGE MASTER TO MASTER_HOST='{{ mysql_host }}',MASTER_USER='{{ replication_user }}',MASTER_PASSWORD='********',MASTER_PORT={{ mysql_primary_port }},MASTER_LOG_FILE='{{ mysql_primary_status.File }}',MASTER_LOG_POS={{ mysql_primary_status.Position }} FOR CHANNEL '{{ test_channel }}'"] + - result.queries == result_query + vars: + result_query: ["CHANGE MASTER TO MASTER_HOST='{{ mysql_host }}',MASTER_USER='{{ replication_user }}',MASTER_PASSWORD='********',MASTER_PORT={{ mysql_primary_port }},MASTER_LOG_FILE='{{ mysql_primary_status.File }}',MASTER_LOG_POS={{ mysql_primary_status.Position }} FOR CHANNEL '{{ test_channel }}'"] # Test startreplica mode: - name: Start replica with channel @@ -49,7 +51,10 @@ - assert: that: - result is changed - - result.queries == ["START SLAVE FOR CHANNEL '{{ test_channel }}'"] or result.queries == ["START REPLICA FOR CHANNEL '{{ test_channel }}'"] + - result.queries == result_query or result_query2 + vars: + result_query: ["START SLAVE FOR CHANNEL '{{ test_channel }}'"] + result_query2: ["START REPLICA FOR CHANNEL '{{ test_channel }}'"] # Test getreplica mode: - name: Get standby status with channel @@ -63,26 +68,34 @@ - assert: that: - replica_status.Is_Replica == true - - replica_status.Master_Host == '{{ mysql_host }}' + - replica_status.Master_Host == mysql_host_value - replica_status.Exec_Master_Log_Pos == mysql_primary_status.Position - - replica_status.Master_Port == {{ mysql_primary_port }} + - replica_status.Master_Port == mysql_primary_port_value - replica_status.Last_IO_Errno == 0 - replica_status.Last_IO_Error == '' - - replica_status.Channel_Name == '{{ test_channel }}' + - replica_status.Channel_Name == test_channel_value - replica_status is not changed when: mysql8022_and_higher == false + vars: + mysql_host_value: '{{ mysql_host }}' + mysql_primary_port_value: '{{ mysql_primary_port }}' + test_channel_value: '{{ test_channel }}' - assert: that: - replica_status.Is_Replica == true - - replica_status.Source_Host == '{{ mysql_host }}' + - replica_status.Source_Host == mysql_host_value - replica_status.Exec_Source_Log_Pos == mysql_primary_status.Position - - replica_status.Source_Port == {{ mysql_primary_port }} + - replica_status.Source_Port == mysql_primary_port_value - replica_status.Last_IO_Errno == 0 - replica_status.Last_IO_Error == '' - - replica_status.Channel_Name == '{{ test_channel }}' + - replica_status.Channel_Name == test_channel_value - replica_status is not changed when: mysql8022_and_higher == true + vars: + mysql_host_value: '{{ mysql_host }}' + mysql_primary_port_value: '{{ mysql_primary_port }}' + test_channel_value: '{{ test_channel }}' # Test stopreplica mode: @@ -97,7 +110,10 @@ - assert: that: - result is changed - - result.queries == ["STOP SLAVE FOR CHANNEL '{{ test_channel }}'"] or result.queries == ["STOP REPLICA FOR CHANNEL '{{ test_channel }}'"] + - result.queries == result_query or result.queries == result_query2 + vars: + result_query: ["STOP SLAVE FOR CHANNEL '{{ test_channel }}'"] + result_query2: ["STOP REPLICA FOR CHANNEL '{{ test_channel }}'"] # Test reset - name: Reset replica with channel @@ -111,7 +127,10 @@ - assert: that: - result is changed - - result.queries == ["RESET SLAVE FOR CHANNEL '{{ test_channel }}'"] or result.queries == ["RESET REPLICA FOR CHANNEL '{{ test_channel }}'"] + - result.queries == result_query or result.queries == result_query2 + vars: + result_query: ["RESET SLAVE FOR CHANNEL '{{ test_channel }}'"] + result_query2: ["RESET REPLICA FOR CHANNEL '{{ test_channel }}'"] # Test reset all - name: Reset replica all with channel @@ -125,4 +144,7 @@ - assert: that: - result is changed - - result.queries == ["RESET SLAVE ALL FOR CHANNEL '{{ test_channel }}'"] or result.queries == ["RESET REPLICA ALL FOR CHANNEL '{{ test_channel }}'"] + - result.queries == result_query or result.queries == result_query2 + vars: + result_query: ["RESET SLAVE ALL FOR CHANNEL '{{ test_channel }}'"] + result_query2: ["RESET REPLICA ALL FOR CHANNEL '{{ test_channel }}'"] diff --git a/tests/integration/targets/test_mysql_user/tasks/test_password_expire.yml b/tests/integration/targets/test_mysql_user/tasks/test_password_expire.yml index 63841a4..362aa1e 100644 --- a/tests/integration/targets/test_mysql_user/tasks/test_password_expire.yml +++ b/tests/integration/targets/test_mysql_user/tasks/test_password_expire.yml @@ -2,18 +2,17 @@ # Tests scenarios for password_expire - vars: - mysql_parameters: + mysql_parameters: &mysql_params login_user: "{{ mysql_user }}" login_password: "{{ mysql_password }}" login_host: "{{ mysql_host }}" login_port: "{{ mysql_primary_port }}" - password_expire: "{{ password_expire }}" block: - include_tasks: utils/assert_user_password_expire.yml vars: username: "{{ item.username }}" - host: "%" + host: "{{ item.host | default('localhost')}}" password_expire: "{{ item.password_expire }}" password: "{{ user_password_1 }}" expect_change: "{{ item.expect_change }}" @@ -21,11 +20,12 @@ expected_password_lifetime: "{{ item.expected_password_lifetime }}" password_expire_interval: "{{ item.password_expire_interval | default(omit) }}" expected_password_expired: "{{ item.expected_password_expired }}" - + check_mode: "{{ item.check_mode | default(omit) }}" loop: # all variants set the password when nothing exists # never expires - username: "{{ user_name_1 }}" + host: "%" password_expire: never expect_change: true expected_password_lifetime: "0" @@ -46,6 +46,7 @@ # assert idempotency - username: "{{ user_name_1 }}" + host: "%" password_expire: never expect_change: false expected_password_lifetime: "0" @@ -69,6 +70,7 @@ expected_password_lifetime: "0" expected_password_expired: "N" - username: "{{ user_name_1 }}" + host: "%" password_expire: default expect_change: true expected_password_lifetime: "-1" @@ -82,6 +84,7 @@ # assert password expires now - username: "{{ user_name_1 }}" + host: "%" password_expire: now expect_change: true expected_password_lifetime: "-1" # password lifetime should be the same @@ -94,6 +97,7 @@ # assert idempotency password expires now - username: "{{ user_name_1 }}" + host: "%" password_expire: now expect_change: false expected_password_lifetime: "-1" # password lifetime should be the same @@ -104,6 +108,68 @@ expected_password_lifetime: "100" # password lifetime should be the same expected_password_expired: "Y" + # assert check_mode + - username: "{{ user_name_3 }}" + password_expire: interval + password_expire_interval: 10 + check_mode: true + expect_change: true + expected_password_lifetime: "0" + expected_password_expired: "N" + + - name: password_expire | Set password_expire = interval without password_expire_interval + mysql_user: + <<: *mysql_params + name: '{{ user_name_4 }}' + host: '%' + password: '{{ user_password_4 }}' + password_expire: interval + state: present + register: result + ignore_errors: true + + - name: password_expire | Assert that action fails if 'password_expire_interval' not set + assert: + that: + - result is failed + - "'should be used with' in result.msg" + + - name: password_expire | Set password_expire_interval < 1 + mysql_user: + <<: *mysql_params + name: '{{ user_name_4 }}' + host: '%' + password: '{{ user_password_4 }}' + password_expire: interval + password_expire_interval: -1 + state: present + register: result + ignore_errors: true + + - name: password_expire | Assert that action fails if 'password_expire_interval' is < 1 + assert: + that: + - result is failed + - "'should be positive number' in result.msg" + + - name: password_expire | check mode for user creation + mysql_user: + <<: *mysql_params + name: '{{ user_name_4 }}' + host: '%' + password: '{{ user_password_4 }}' + password_expire: interval + password_expire_interval: 20 + state: present + register: result + check_mode: True + ignore_errors: true + + - name: password_expire | Assert that check mode for user creation + assert: + that: + - result.changed == true + - include_tasks: utils/remove_user.yml vars: user_name: "{{ item.username }}" @@ -111,3 +177,4 @@ - username: "{{ user_name_1 }}" - username: "{{ user_name_2 }}" - username: "{{ user_name_3 }}" + - username: "{{ user_name_4 }}" diff --git a/tests/integration/targets/test_mysql_user/tasks/utils/assert_user_password_expire.yml b/tests/integration/targets/test_mysql_user/tasks/utils/assert_user_password_expire.yml index 29f0b8c..b1d3579 100644 --- a/tests/integration/targets/test_mysql_user/tasks/utils/assert_user_password_expire.yml +++ b/tests/integration/targets/test_mysql_user/tasks/utils/assert_user_password_expire.yml @@ -12,10 +12,13 @@ password_expire: "{{ password_expire }}" password_expire_interval: "{{ password_expire_interval | default(omit) }}" register: result + check_mode: "{{ check_mode | default(false) }}" - name: Utils | Assert user password_expire | Assert a change occurred assert: - that: "result.changed == {{ expect_change }}" + that: result.changed == expect_change_value + vars: + expect_change_value: "{{ expect_change }}" - name: Utils | Assert user password_lifetime | Query user '{{ username }}' command: '{{ mysql_command }} -BNe "SELECT IFNULL(password_lifetime, -1) FROM mysql.user where user=''{{ username }}'' and host=''{{ host }}''"' @@ -27,7 +30,9 @@ - name: Utils | Assert user password_lifetime | Assert password_lifetime is in user stdout assert: that: - - "'{{ expected_password_lifetime }}' in password_lifetime.stdout_lines" + - expected_password_lifetime_value in password_lifetime.stdout_lines + vars: + expected_password_lifetime_value: "{{ expected_password_lifetime }}" when: - db_engine == 'mysql' - db_version is version('5.7.0', '>=') @@ -45,7 +50,9 @@ - name: Utils | Assert user password_lifetime | Assert password_lifetime is in user stdout assert: that: - - "'{{ expected_password_lifetime }}' in password_lifetime.stdout_lines" + - expected_password_lifetime_value in password_lifetime.stdout_lines + vars: + expected_password_lifetime_value: "{{ expected_password_lifetime }}" when: - db_engine == 'mariadb' - db_version is version('10.4.3', '>=') @@ -60,6 +67,8 @@ - name: Utils | Assert user password_expired | Assert password_expired is in user stdout assert: that: - - "'{{ expected_password_expired }}' in password_expired.stdout_lines" + - expected_password_expired_value in password_expired.stdout_lines + vars: + expected_password_expired_value: "{{ expected_password_expired }}" when: (db_engine == 'mysql' and db_version is version('5.7.0', '>=')) or (db_engine == 'mariadb' and db_version is version('10.4.3', '>='))