mirror of
https://github.com/ansible-collections/community.mysql.git
synced 2025-07-10 07:10:03 -07:00
Fix user module for default roles (#718)
Some checks failed
Plugins CI / Sanity (Ⓐdevel) (push) Has been cancelled
Plugins CI / Sanity (Ⓐstable-2.16) (push) Has been cancelled
Plugins CI / Sanity (Ⓐstable-2.17) (push) Has been cancelled
Plugins CI / Sanity (Ⓐstable-2.18) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 10.11.8, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 10.11.8, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 10.11.8, connector: pymysql 0.10.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 10.11.8, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 10.11.8, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Units (Ⓐdevel, Python3.10) (push) Has been cancelled
Plugins CI / Units (Ⓐdevel, Python3.11) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.16, Python3.9) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.17, Python3.10) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.17, Python3.11) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.10) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.11) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.8) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.9) (push) Has been cancelled
Some checks failed
Plugins CI / Sanity (Ⓐdevel) (push) Has been cancelled
Plugins CI / Sanity (Ⓐstable-2.16) (push) Has been cancelled
Plugins CI / Sanity (Ⓐstable-2.17) (push) Has been cancelled
Plugins CI / Sanity (Ⓐstable-2.18) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐdevel, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 10.11.8, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 10.11.8, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 10.11.8, connector: pymysql 0.10.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.0.38, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.16, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.17, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: mysqlclient 2.0.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 10.11.8, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: mysqlclient 2.0.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 10.11.8, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.4.1, connector: mysqlclient 2.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: pymysql 0.9.3) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.0.38, connector: pymysql 1.0.2) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mariadb 11.4.5, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Integration (Ⓐstable-2.18, DB: mysql 8.4.1, connector: pymysql 1.1.1) (push) Has been cancelled
Plugins CI / Units (Ⓐdevel, Python3.10) (push) Has been cancelled
Plugins CI / Units (Ⓐdevel, Python3.11) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.16, Python3.9) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.17, Python3.10) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.17, Python3.11) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.10) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.11) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.8) (push) Has been cancelled
Plugins CI / Units (Ⓐstable-2.18, Python3.9) (push) Has been cancelled
* mysql_user: fix crash when default role is set * tests: add DEFAULT role to user to force the module to fail * Add changelog fragment --------- Co-authored-by: “tkr” <“tim.kruth@wiit.cloud”>
This commit is contained in:
parent
67f1460070
commit
6f0c0be929
4 changed files with 59 additions and 2 deletions
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
bugfixes:
|
||||
- "mysql_user - fix a crash (unable to parse the MySQL grant string: SET DEFAULT ROLE `somerole` FOR `someuser`@`%`) when using the ``mysql_user`` module with a DEFAULT role present in MariaDB. The DEFAULT role is now ignored by the parser (https://github.com/ansible-collections/community.mysql/issues/710)."
|
|
@ -665,12 +665,19 @@ def privileges_get(cursor, user, host, maria_role=False):
|
|||
res = re.match("""GRANT (.+) ON (.+) TO .*""", grant[0])
|
||||
|
||||
if res is None:
|
||||
# If a user has roles assigned, we'll have one of priv tuples looking like
|
||||
# If a user has roles or a default role assigned,
|
||||
# we'll have some of the priv tuples looking either like
|
||||
# GRANT `admin`@`%` TO `user1`@`localhost`
|
||||
# or
|
||||
# SET DEFAULT ROLE `admin`@`%` FOR `user1`@`localhost`
|
||||
# which will result None as res value.
|
||||
# As we use the mysql_role module to manipulate roles
|
||||
# we just ignore such privs below:
|
||||
res = re.match("""GRANT (.+) TO (['`"]).*""", grant[0])
|
||||
res = re.match(
|
||||
"""GRANT (.+) TO (['`"]).*|SET DEFAULT ROLE (.+) FOR (['`"]).*""",
|
||||
grant[0]
|
||||
)
|
||||
|
||||
if not maria_role and res:
|
||||
continue
|
||||
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
---
|
||||
- vars:
|
||||
mysql_parameters: &mysql_params
|
||||
login_user: '{{ mysql_user }}'
|
||||
login_password: '{{ mysql_password }}'
|
||||
login_host: '{{ mysql_host }}'
|
||||
login_port: '{{ mysql_primary_port }}'
|
||||
|
||||
block:
|
||||
- name: Issue-710 | Create user with DEFAULT privileges
|
||||
community.mysql.mysql_user:
|
||||
<<: *mysql_params
|
||||
name: "{{ user_name_1 }}"
|
||||
password: "{{ user_password_1 }}"
|
||||
state: present
|
||||
|
||||
- name: Issue-710 | Create role to use as default
|
||||
community.mysql.mysql_role:
|
||||
<<: *mysql_params
|
||||
name: developers
|
||||
state: present
|
||||
priv: '*.*:ALL'
|
||||
members:
|
||||
- "{{ user_name_1 }}@localhost"
|
||||
|
||||
- name: Issue-710 | Set default role for db_user1
|
||||
community.mysql.mysql_query:
|
||||
<<: *mysql_params
|
||||
query: >-
|
||||
SET DEFAULT ROLE developers {{ (db_engine == 'mysql') | ternary('TO', 'FOR') }} {{ user_name_1 }}@localhost
|
||||
|
||||
- name: Issue-710 | Ensure db_user1 can still be altered
|
||||
community.mysql.mysql_user:
|
||||
<<: *mysql_params
|
||||
name: "{{ user_name_1 }}"
|
||||
password: "{{ user_password_1 }}"
|
||||
priv: '*.*:ALL'
|
||||
state: present
|
||||
|
||||
- name: Issue-710 | Ensure mysql_info can still be executed
|
||||
community.mysql.mysql_info:
|
||||
<<: *mysql_params
|
||||
filter: users_info
|
|
@ -309,3 +309,7 @@
|
|||
- name: Mysql_user - test user_locking
|
||||
ansible.builtin.import_tasks:
|
||||
file: test_user_locking.yml
|
||||
|
||||
# Test that mysql_user still works with default role set
|
||||
# (https://github.com/ansible-collections/community.mysql/issues/710)
|
||||
- include_tasks: issue-710.yml
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue