ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-21 18:01:28 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge branch 'main' into lie_fix_plugin_hash_string_return

Browse source
This commit is contained in:
Laurent Indermuehle 2024-04-24 16:19:06 +02:00
commit 9b2624c942
No known key found for this signature in database
GPG key ID: 93FA944C9F34DD09
9 changed files with 210 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

43
plugins/module_utils/user.py
View file

@ -17,6 +17,7 @@ from ansible.module_utils.six import iteritems
from ansible_collections.community.mysql.plugins.module_utils.mysql import (
mysql_driver,
get_server_implementation,
)
@ -80,31 +81,6 @@ def do_not_mogrify_requires(query, params, tls_requires):
return query, params
def get_tls_requires(cursor, user, host):
if user:
if not impl.use_old_user_mgmt(cursor):
query = "SHOW CREATE USER '%s'@'%s'" % (user, host)
else:
query = "SHOW GRANTS for '%s'@'%s'" % (user, host)
cursor.execute(query)
require_list = [tuple[0] for tuple in filter(lambda x: "REQUIRE" in x[0], cursor.fetchall())]
require_line = require_list[0] if require_list else ""
pattern = r"(?<=\bREQUIRE\b)(.*?)(?=(?:\bPASSWORD\b|$))"
requires_match = re.search(pattern, require_line)
requires = requires_match.group().strip() if requires_match else ""
if any((requires.startswith(req) for req in ('SSL', 'X509', 'NONE'))):
requires = requires.split()[0]
if requires == 'NONE':
requires = None
else:
import shlex
items = iter(shlex.split(requires))
requires = dict(zip(items, items))
return requires or None
def get_grants(cursor, user, host):
cursor.execute("SHOW GRANTS FOR %s@%s", (user, host))
grants_line = list(filter(lambda x: "ON *.*" in x[0], cursor.fetchall()))[0]
@ -166,6 +142,7 @@ def user_add(cursor, user, host, host_all, password, encrypted,
return {'changed': True, 'password_changed': None, 'attributes': attributes}
# Determine what user management method server uses
impl = get_user_implementation(cursor)
old_user_mgmt = impl.use_old_user_mgmt(cursor)
mogrify = do_not_mogrify_requires if old_user_mgmt else mogrify_requires
@ -244,6 +221,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
grant_option = False
# Determine what user management method server uses
impl = get_user_implementation(cursor)
old_user_mgmt = impl.use_old_user_mgmt(cursor)
if host_all and not role:
@ -499,7 +477,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
continue
# Handle TLS requirements
current_requires = get_tls_requires(cursor, user, host)
current_requires = sanitize_requires(impl.get_tls_requires(cursor, user, host))
if current_requires != tls_requires:
msg = "TLS requires updated"
if not module.check_mode:
@ -837,6 +815,7 @@ def privileges_grant(cursor, user, host, db_table, priv, tls_requires, maria_rol
query.append("TO %s")
params = (user)
impl = get_user_implementation(cursor)
if tls_requires and impl.use_old_user_mgmt(cursor):
query, params = mogrify_requires(" ".join(query), params, tls_requires)
query = [query]
@ -973,6 +952,7 @@ def limit_resources(module, cursor, user, host, resource_limits, check_mode):
Returns: True, if changed, False otherwise.
"""
impl = get_user_implementation(cursor)
if not impl.server_supports_alter_user(cursor):
module.fail_json(msg="The server version does not match the requirements "
"for resource_limits parameter. See module's documentation.")
@ -1108,12 +1088,11 @@ def attributes_get(cursor, user, host):
return j if j else None
def get_impl(cursor):
global impl
cursor.execute("SELECT VERSION()")
if 'mariadb' in cursor.fetchone()[0].lower():
def get_user_implementation(cursor):
db_engine = get_server_implementation(cursor)
if db_engine == 'mariadb':
from ansible_collections.community.mysql.plugins.module_utils.implementations.mariadb import user as mariauser
impl = mariauser
return mariauser
else:
from ansible_collections.community.mysql.plugins.module_utils.implementations.mysql import user as mysqluser
impl = mysqluser
return mysqluser