ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-20 01:11:27 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

initial commit for password_expire support

Browse source
This commit is contained in:
Tomas 2023-11-22 10:32:57 +02:00
parent 8dfab12bae
commit 314ec02955
4 changed files with 123 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

31
plugins/modules/mysql_user.py
View file

@ -155,6 +155,20 @@ options:
- Cannot be used to set global variables, use the M(community.mysql.mysql_variables) module instead.
type: dict
version_added: '3.6.0'
password_expire:
description:
- C(never) password will never expire.
- C(default) password is defined ussing global system varaiable I(default_password_lifetime) setting.
- C(interval) password will expire in days which is defined in I(password_expire_interval)
type: str
choices: [ never, default, interval ]
default: never
password_expire_interval:
description:
- number of days password will expire. Used with I(password_expire)
- if C(password_expire_interval <= 0) password will expire immediately.
type: int
default: None
column_case_sensitive:
description:
@ -415,6 +429,8 @@ def main():
force_context=dict(type='bool', default=False),
session_vars=dict(type='dict'),
column_case_sensitive=dict(type='bool', default=None), # TODO 4.0.0 add default=True
password_expire=dict(type='str', choices=['never', 'default', 'interval'], default=None, no_log=True),
password_expire_interval=dict(type='int', default=None, no_log=True),
)
module = AnsibleModule(
argument_spec=argument_spec,
@ -451,6 +467,8 @@ def main():
resource_limits = module.params["resource_limits"]
session_vars = module.params["session_vars"]
column_case_sensitive = module.params["column_case_sensitive"]
password_expire = module.params["password_expire"]
password_expire_interval = module.params["password_expire_interval"]
if priv and not isinstance(priv, (str, dict)):
module.fail_json(msg="priv parameter must be str or dict but %s was passed" % type(priv))
@ -460,6 +478,10 @@ def main():
if mysql_driver is None:
module.fail_json(msg=mysql_driver_fail_msg)
if password_expire == "interval" and not password_expire_interval:
module.fail_json(msg="password_expire value interval \
should be used with password_expire_interval")
cursor = None
try:
@ -506,12 +528,14 @@ def main():
if update_password == "always":
result = user_mod(cursor, user, host, host_all, password, encrypted,
plugin, plugin_hash_string, plugin_auth_string,
priv, append_privs, subtract_privs, tls_requires, module)
priv, append_privs, subtract_privs, tls_requires, module,
password_expire, password_expire_interval)
else:
result = user_mod(cursor, user, host, host_all, None, encrypted,
None, None, None,
priv, append_privs, subtract_privs, tls_requires, module)
priv, append_privs, subtract_privs, tls_requires, module,
password_expire, password_expire_interval)
changed = result['changed']
msg = result['msg']
password_changed = result['password_changed']
@ -527,7 +551,8 @@ def main():
reuse_existing_password = update_password == 'on_new_username'
result = user_add(cursor, user, host, host_all, password, encrypted,
plugin, plugin_hash_string, plugin_auth_string,
priv, tls_requires, module.check_mode, reuse_existing_password)
priv, tls_requires, module, reuse_existing_password,
password_expire, password_expire_interval)
changed = result['changed']
password_changed = result['password_changed']
if changed: