mirror of
				https://github.com/ansible-collections/community.mysql.git
				synced 2025-10-25 13:34:03 -07:00 
			
		
		
		
	Fix role integration tests for mariadb (#291)
* Fix: test_mysql_role : Check that the user have no active roles assertion * Fix: test_mysql_role : Check in DB assertion * Fix: test_mysql_role : Check in DB, if not granted, the query will fail for mariadb * Fix: test_mysql_role : Check that the role is active assertion * test_mysql_role : create checks for mariadb * Make 'when' conditions uniform * Fix: test_mysql_role : admin option tests * test_mysql_role : create checks for mariadb * Fix: add fixme on test which create role in check mode 'again' It changes only on mariadb 10.2 (doesn't change on mysql 8 or mariadb 10.5) * Fix: add fixme on test which create role 'again' * Simplify test without checking Host part * Fix 'show grant' checks for mariadb * Enable mariadb tests for test_mysql_role target * Add tests to verify role grants for roles * Add FIXME comments for tests which do not pass on mariadb 10.2 * Fix FIXME tests related to mariadb 10.2 * Exclude mysqlclient==2.0.1 with mariadb from integration tests
This commit is contained in:
		
					parent
					
						
							
								c273ee36a7
							
						
					
				
			
			
				commit
				
					
						82cedf8510
					
				
			
		
					 2 changed files with 432 additions and 37 deletions
				
			
		
							
								
								
									
										4
									
								
								.github/workflows/ansible-test-plugins.yml
									
										
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.github/workflows/ansible-test-plugins.yml
									
										
									
									
										vendored
									
									
								
							|  | @ -78,6 +78,10 @@ jobs: | |||
|             connector: pymysql==0.7.10 | ||||
|           - db_engine_version: mariadb_10.5.9 | ||||
|             connector: pymysql==0.7.10 | ||||
|           - db_engine_version: mariadb_10.3.34 | ||||
|             connector: mysqlclient==2.0.1 | ||||
|           - db_engine_version: mariadb_10.5.9 | ||||
|             connector: mysqlclient==2.0.1 | ||||
|           - python: 3.8 | ||||
|             ansible: stable-2.9 | ||||
|           - python: 3.8 | ||||
|  |  | |||
|  | @ -32,10 +32,9 @@ | |||
|     when: | ||||
|     - srv['version']['major'] < 8 | ||||
| 
 | ||||
|   # FIXME: tests should pass for both mysql >= 8 and mariadb | ||||
|   # Skip unsupported versions | ||||
|   - meta: end_play | ||||
|     when: srv['version']['major'] < 8 or install_type == 'mariadb' | ||||
|     when: srv['version']['major'] < 8 | ||||
| 
 | ||||
|   ######### | ||||
|   # Prepare | ||||
|  | @ -92,7 +91,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -106,11 +105,26 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #===================== | ||||
| 
 | ||||
|  | @ -121,7 +135,7 @@ | |||
|       login_password: '{{ mysql_password }}' | ||||
|       login_host: 127.0.0.1 | ||||
|       login_port: '{{ mysql_primary_port }}' | ||||
|       query: 'SELECT current_role()' | ||||
|       query: 'SELECT COALESCE(current_role(), "NONE") as "current_role()"' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -146,7 +160,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -158,11 +172,26 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check that the role is active | ||||
|     <<: *task_params | ||||
|  | @ -172,11 +201,31 @@ | |||
|       login_host: 127.0.0.1 | ||||
|       login_port: '{{ mysql_primary_port }}' | ||||
|       query: 'SELECT current_role()' | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0["current_role()"] == "`{{ role0 }}`@`%`" | ||||
|       - "'{{ role0 }}' in result.query_result.0.0['current_role()']" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check that the role is active (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       login_user: '{{ user0 }}' | ||||
|       login_password: '{{ mysql_password }}' | ||||
|       login_host: 127.0.0.1 | ||||
|       login_port: '{{ mysql_primary_port }}' | ||||
|       query: | ||||
|         - 'SET ROLE {{ role0 }}' | ||||
|         - 'SELECT current_role()' | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - "'{{ role0 }}' in result.query_result.1.0['current_role()']" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|  | @ -197,7 +246,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -209,11 +258,26 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|  | @ -233,7 +297,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -259,7 +323,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -272,11 +336,27 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   # Must pass because of check_mode | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|  | @ -296,7 +376,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -309,11 +389,27 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|  | @ -366,7 +462,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -396,7 +492,7 @@ | |||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}'" | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|  | @ -477,11 +573,27 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   # user0 is still a member because of check_mode | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   # user1, user2, and role1 are not members because of check_mode | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|  | @ -490,11 +602,26 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user1 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user1 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|  | @ -502,11 +629,26 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user2 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user2 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|  | @ -514,11 +656,27 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ role1 }} USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ role1 }}' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|   - name: Rewrite members | ||||
|  | @ -544,33 +702,79 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   # user0 is not a member any more | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - "'{{ role0 }}' not in result.query_result.0.0['Grants for user0@localhost']" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user1 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user1 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user2 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user2 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|  | @ -578,11 +782,27 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ role1 }} USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ role1 }}' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
| 
 | ||||
|   #========================== | ||||
| 
 | ||||
|  | @ -646,12 +866,26 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
|   #===================== | ||||
| 
 | ||||
|   - name: Append a member | ||||
|  | @ -674,11 +908,26 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   # user1 and user2 must still be in DB because we are appending | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|  | @ -686,22 +935,52 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user1 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user1 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user2 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user2 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|  | @ -763,33 +1042,78 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user1 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user1 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user2 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user2 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #======================== | ||||
| 
 | ||||
|  | @ -814,11 +1138,26 @@ | |||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user0 }}@localhost USING '{{ role0 }}'" | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is succeeded | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user0 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|  | @ -826,11 +1165,26 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user1 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user1 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB, if not granted, the query will fail | ||||
|     <<: *task_params | ||||
|  | @ -838,11 +1192,26 @@ | |||
|       <<: *mysql_params | ||||
|       query: "SHOW GRANTS FOR {{ user2 }}@localhost USING '{{ role0 }}'" | ||||
|     ignore_errors: yes | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check in DB (mariadb) | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT count(User) as user_roles FROM mysql.roles_mapping WHERE User = '{{ user2 }}' AND Host = 'localhost' AND Role = '{{ role0 }}'" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0['user_roles'] == 0 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   #===================== | ||||
| 
 | ||||
|  | @ -914,6 +1283,15 @@ | |||
|       - result.query_result.0.0["Grants for role0@%"] == "GRANT SELECT, INSERT ON *.* TO `role0`@`%`" | ||||
|       - result.query_result.0.1["Grants for role0@%"] == "GRANT UPDATE ON `mysql`.* TO `role0`@`%`" | ||||
|       - result.rowcount.0 == 2 | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0["Grants for role0"] == "GRANT SELECT, INSERT ON *.* TO `role0`" | ||||
|       - result.query_result.0.1["Grants for role0"] == "GRANT UPDATE ON `mysql`.* TO `role0`" | ||||
|       - result.rowcount.0 == 2 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Append privs in check_mode | ||||
|     <<: *task_params | ||||
|  | @ -942,6 +1320,15 @@ | |||
|       - result.query_result.0.0["Grants for role0@%"] == "GRANT SELECT, INSERT ON *.* TO `role0`@`%`" | ||||
|       - result.query_result.0.1["Grants for role0@%"] == "GRANT UPDATE ON `mysql`.* TO `role0`@`%`" | ||||
|       - result.rowcount.0 == 2 | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0["Grants for role0"] == "GRANT SELECT, INSERT ON *.* TO `role0`" | ||||
|       - result.query_result.0.1["Grants for role0"] == "GRANT UPDATE ON `mysql`.* TO `role0`" | ||||
|       - result.rowcount.0 == 2 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Append privs | ||||
|     <<: *task_params | ||||
|  | @ -971,6 +1358,17 @@ | |||
|       - result.query_result.0.2["Grants for role0@%"] == "GRANT SELECT, INSERT ON `test_db1`.`test_table` TO `role0`@`%`" | ||||
|       - result.query_result.0.3["Grants for role0@%"] == "GRANT DELETE ON `test_db2`.`test_table` TO `role0`@`%`" | ||||
|       - result.rowcount.0 == 4 | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0["Grants for role0"] == "GRANT SELECT, INSERT ON *.* TO `role0`" | ||||
|       - result.query_result.0.1["Grants for role0"] == "GRANT UPDATE ON `mysql`.* TO `role0`" | ||||
|       - result.query_result.0.2["Grants for role0"] == "GRANT SELECT, INSERT ON `test_db1`.`test_table` TO `role0`" | ||||
|       - result.query_result.0.3["Grants for role0"] == "GRANT DELETE ON `test_db2`.`test_table` TO `role0`" | ||||
|       - result.rowcount.0 == 4 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Append privs again in check_mode | ||||
|     <<: *task_params | ||||
|  | @ -1038,6 +1436,14 @@ | |||
|       that: | ||||
|       - result.query_result.0.0["Grants for role0@%"] == "GRANT SELECT ON *.* TO `role0`@`%`" | ||||
|       - result.rowcount.0 == 1 | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check (mariadb) | ||||
|     assert: | ||||
|       that: | ||||
|       - result.query_result.0.0["Grants for role0"] == "GRANT SELECT ON *.* TO `role0`" | ||||
|       - result.rowcount.0 == 1 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   # ################# | ||||
|   # Test admin option | ||||
|  | @ -1056,7 +1462,7 @@ | |||
|       <<: *mysql_params | ||||
|       name: '{{ role0 }}' | ||||
|       state: present | ||||
|       admin: '{{ user0 }}' | ||||
|       admin: '{{ user0 }}@localhost' | ||||
|     ignore_errors: yes | ||||
| 
 | ||||
|   - name: Check with MySQL | ||||
|  | @ -1064,34 +1470,26 @@ | |||
|       that: | ||||
|       - result is failed | ||||
|       - result.msg is search('option can be used only with MariaDB') | ||||
|     when: | ||||
|     # Semantically, when there's MySQL | ||||
|     - srv['version']['major'] < 10 | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check with MariaDB | ||||
|     assert: | ||||
|       that: | ||||
|       - result is changed | ||||
|     when: | ||||
|     # Semantically, when there's MariaDB | ||||
|     - srv['version']['major'] >= 10 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check in DB | ||||
|     <<: *task_params | ||||
|     mysql_query: | ||||
|       <<: *mysql_params | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = '%'" | ||||
|     when: | ||||
|     # Semantically, when there's MariaDB | ||||
|     - srv['version']['major'] >= 10 | ||||
|       query: "SELECT 1 FROM mysql.user WHERE User = '{{ role0 }}' AND Host = ''" | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result.rowcount.0 == 1 | ||||
|     when: | ||||
|     # Semantically, when there's MariaDB | ||||
|     - srv['version']['major'] >= 10 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   - name: Create role with admin again | ||||
|     <<: *task_params | ||||
|  | @ -1099,7 +1497,7 @@ | |||
|       <<: *mysql_params | ||||
|       name: '{{ role0 }}' | ||||
|       state: present | ||||
|       admin: '{{ user0 }}' | ||||
|       admin: '{{ user0 }}@localhost' | ||||
|     ignore_errors: yes | ||||
| 
 | ||||
|   - name: Check with MySQL | ||||
|  | @ -1107,17 +1505,13 @@ | |||
|       that: | ||||
|       - result is failed | ||||
|       - result.msg is search('option can be used only with MariaDB') | ||||
|     when: | ||||
|     # Semantically, when there's MySQL | ||||
|     - srv['version']['major'] < 10 | ||||
|     when: install_type == 'mysql' | ||||
| 
 | ||||
|   - name: Check with MariaDB | ||||
|     assert: | ||||
|       that: | ||||
|       - result is not changed | ||||
|     # Semantically, when there's MariaDB | ||||
|     when: | ||||
|     - srv['version']['major'] >= 10 | ||||
|     when: install_type == 'mariadb' | ||||
| 
 | ||||
|   # Try to grant a role to a user who does not exist | ||||
|   - name: Create role with admin again | ||||
|  | @ -1130,14 +1524,11 @@ | |||
|       - '{{ nonexistent }}@localhost' | ||||
|     ignore_errors: yes | ||||
| 
 | ||||
|   - name: Check with MySQL | ||||
|   - name: Check | ||||
|     assert: | ||||
|       that: | ||||
|       - result is failed | ||||
|       - result.msg is search('does not exist') | ||||
|     when: | ||||
|     # Semantically, when there's MySQL | ||||
|     - srv['version']['major'] < 10 | ||||
| 
 | ||||
|   always: | ||||
|   # Clean up | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue