ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-06 10:40:36 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

add option to not summarize all privileges

Browse source 
We summarize ALL for mysql_info, but mysql_user needs to compare
actual privileges with the ones provided by ansible.
This commit is contained in:
Laurent Indermuehle 2023-10-11 11:14:54 +02:00
parent 7036490e7e
commit 34505c9b4f
No known key found for this signature in database
GPG key ID: 93FA944C9F34DD09
2 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
plugins/module_utils/user.py
View file

@ -331,7 +331,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
# Handle privileges # Handle privileges
if new_priv is not None: if new_priv is not None:
curr_priv = privileges_get(module, cursor, user, host, maria_role) curr_priv = privileges_get(module, cursor, user, host, maria_role, summarize_all=False)
# If the user has privileges on a db.table that doesn't appear at all in # If the user has privileges on a db.table that doesn't appear at all in
# the new specification, then revoke all privileges on it. # the new specification, then revoke all privileges on it.
@ -403,7 +403,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
privileges_grant(cursor, user, host, db_table, grant_privs, tls_requires, maria_role) privileges_grant(cursor, user, host, db_table, grant_privs, tls_requires, maria_role)
# after privilege manipulation, compare privileges from before and now # after privilege manipulation, compare privileges from before and now
after_priv = privileges_get(module, cursor, user, host, maria_role) after_priv = privileges_get(module, cursor, user, host, maria_role, summarize_all=False)
changed = changed or (curr_priv != after_priv) changed = changed or (curr_priv != after_priv)
if role: if role:
@ -462,7 +462,7 @@ def user_get_hostnames(cursor, user):
return hostnames return hostnames
def privileges_get(module, cursor, user, host, maria_role=False): def privileges_get(module, cursor, user, host, maria_role=False, summarize_all=False):
""" MySQL doesn't have a better method of getting privileges aside from the """ MySQL doesn't have a better method of getting privileges aside from the
SHOW GRANTS query syntax, which requires us to then parse the returned string. SHOW GRANTS query syntax, which requires us to then parse the returned string.
Here's an example of the string that is returned from MySQL: Here's an example of the string that is returned from MySQL:
@ -545,7 +545,7 @@ def privileges_get(module, cursor, user, host, maria_role=False):
db = res.group(2) db = res.group(2)
if sorted(privileges) in sorted(mysql8_all_privileges.values()): if summarize_all and sorted(privileges) in sorted(mysql8_all_privileges.values()):
privileges = ['ALL'] privileges = ['ALL']
if not maria_role: if not maria_role:

2
plugins/modules/mysql_info.py
View file

@ -566,7 +566,7 @@ class MySQL_Info(object):
user = line['User'] user = line['User']
host = line['Host'] host = line['Host']
user_priv = privileges_get(self.module, self.cursor, user, host) user_priv = privileges_get(self.module, self.cursor, user, host, maria_role=False, summarize_all=True)
if not user_priv: if not user_priv:
self.module.warn("No privileges found for %s on host %s" % (user, host)) self.module.warn("No privileges found for %s on host %s" % (user, host))