From 4d4a5f2a02e0a7ef98db5ac82d49cd0859d75726 Mon Sep 17 00:00:00 2001 From: hubiongithub <79990207+hubiongithub@users.noreply.github.com> Date: Tue, 31 May 2022 17:43:15 +0200 Subject: [PATCH] merge into stable1 (#383) * PR379 merge * Update plugins/modules/mysql_user.py Co-authored-by: Andrew Klychkov Co-authored-by: Andrew Klychkov --- .../fragments/334-mysql_user_fix_logic_on_oncreate.yml | 2 ++ plugins/modules/mysql_user.py | 9 +++++---- 2 files changed, 7 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml new file mode 100644 index 0000000..4ac88a1 --- /dev/null +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -0,0 +1,2 @@ +bugfixes: + - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334). The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change" diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 2fb76fd..1151d92 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -22,7 +22,8 @@ options: required: true password: description: - - Set the user's password. + - Set the user's password. Only for C(mysql_native_password) authentication. + For other authentication plugins see the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). type: str encrypted: description: @@ -94,8 +95,8 @@ options: default: no update_password: description: - - C(always) will update passwords if they differ. - - C(on_create) will only set the password for newly created users. + - C(always) will update passwords if they differ. This affects I(password) and the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). + - C(on_create) will only set the password or the combination of plugin, plugin_hash_string, plugin_auth_string for newly created users. type: str choices: [ always, on_create ] default: always @@ -1263,7 +1264,7 @@ def main(): priv, append_privs, tls_requires, module) else: changed, msg = user_mod(cursor, user, host, host_all, None, encrypted, - plugin, plugin_hash_string, plugin_auth_string, + None, None, None, priv, append_privs, tls_requires, module) except (SQLParseError, InvalidPrivsError, mysql_driver.Error) as e: