ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-08-29 01:11:46 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

mysql_role, mysql_user: when subtract_privileges, don't grant unwanted privileges and don't revoke USAGE implicitly

Browse source
This commit is contained in:
Felix Hamme 2022-04-13 18:14:15 +02:00
commit 52eb368e30
3 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
plugins/module_utils/user.py
View file

@ -560,7 +560,7 @@ def sort_column_order(statement):
return '%s(%s)' % (priv_name, ', '.join(columns))
def privileges_unpack(priv, mode):
def privileges_unpack(priv, mode, ensure_usage=True):
""" Take a privileges string, typically passed as a parameter, and unserialize
it into a dictionary, the same format as privileges_get() above. We have this
custom format to avoid using YAML/JSON strings inside YAML playbooks. Example
@ -606,7 +606,7 @@ def privileges_unpack(priv, mode):
# Handle cases when there's privs like GRANT SELECT (colA, ...) in privs.
output[pieces[0]] = normalize_col_grants(output[pieces[0]])
if '*.*' not in output:
if ensure_usage and '*.*' not in output:
output['*.*'] = ['USAGE']
return output