mysql_user: refactor to reduce execute() calls (#76)

This module does not currently log the SQL statements that it executes. A change was proposed to add this functionality, but it would require modifications in many sections of the code due to how many cursor.execute() statements there currently are. This change simply consolidates the number of execute() calls where it is trivial to do so.
2025-04-06 10:40:36 -07:00 · 2021-01-15 05:44:03 -05:00 · 2021-01-15 05:44:03 -05:00 · b25fb5974d
commit b25fb5974d
parent 06907715d7
2 changed files with 27 additions and 37 deletions
--- a/changelogs/fragments/76-mysql-user-query-refact.yaml
+++ b/changelogs/fragments/76-mysql-user-query-refact.yaml
@ -0,0 +1,2 @@
+minor_changes:
+  - mysql_user - refactor to reduce cursor.execute() calls in preparation for adding query logging (https://github.com/ansible-collections/community.mysql/pull/76).
--- a/plugins/modules/mysql_user.py
+++ b/plugins/modules/mysql_user.py
@ -492,44 +492,28 @@ def user_add(cursor, user, host, host_all, password, encrypted,

    if password and encrypted:
        if supports_identified_by_password(cursor):
-            cursor.execute(*mogrify("CREATE USER %s@%s IDENTIFIED BY PASSWORD %s", (user, host, password), tls_requires))
+            query_with_args = "CREATE USER %s@%s IDENTIFIED BY PASSWORD %s", (user, host, password)
        else:
-            cursor.execute(
-                *mogrify(
-                    "CREATE USER %s@%s IDENTIFIED WITH mysql_native_password AS %s", (user, host, password),
-                    tls_requires
-                )
-            )
-
+            query_with_args = "CREATE USER %s@%s IDENTIFIED WITH mysql_native_password AS %s", (user, host, password)
    elif password and not encrypted:
        if old_user_mgmt:
-            cursor.execute(*mogrify("CREATE USER %s@%s IDENTIFIED BY %s", (user, host, password), tls_requires))
+            query_with_args = "CREATE USER %s@%s IDENTIFIED BY %s", (user, host, password)
        else:
            cursor.execute("SELECT CONCAT('*', UCASE(SHA1(UNHEX(SHA1(%s)))))", (password,))
            encrypted_password = cursor.fetchone()[0]
-            cursor.execute(
-                *mogrify(
-                    "CREATE USER %s@%s IDENTIFIED WITH mysql_native_password AS %s",
-                    (user, host, encrypted_password),
-                    tls_requires,
-                )
-            )
+            query_with_args = "CREATE USER %s@%s IDENTIFIED WITH mysql_native_password AS %s", (user, host, encrypted_password)
    elif plugin and plugin_hash_string:
-        cursor.execute(
-            *mogrify(
-                "CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string), tls_requires
-            )
-        )
+        query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string)
    elif plugin and plugin_auth_string:
-        cursor.execute(
-            *mogrify(
-                "CREATE USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string), tls_requires
-            )
-        )
+        query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string)
    elif plugin:
-        cursor.execute(*mogrify("CREATE USER %s@%s IDENTIFIED WITH %s", (user, host, plugin), tls_requires))
+        query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s", (user, host, plugin)
    else:
-        cursor.execute(*mogrify("CREATE USER %s@%s", (user, host), tls_requires))
+        query_with_args = "CREATE USER %s@%s", (user, host)
+
+    query_with_args_and_tls_requires = query_with_args + (tls_requires,)
+    cursor.execute(*mogrify(*query_with_args_and_tls_requires))
+
    if new_priv is not None:
        for db_table, priv in iteritems(new_priv):
            privileges_grant(cursor, user, host, db_table, priv, tls_requires)
@ -651,11 +635,13 @@ def user_mod(cursor, user, host, host_all, password, encrypted,

            if update:
                if plugin_hash_string:
-                    cursor.execute("ALTER USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string))
+                    query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string)
                elif plugin_auth_string:
-                    cursor.execute("ALTER USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string))
+                    query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string)
                else:
-                    cursor.execute("ALTER USER %s@%s IDENTIFIED WITH %s", (user, host, plugin))
+                    query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s", (user, host, plugin)
+
+                cursor.execute(*query_with_args)
                changed = True

        # Handle privileges
@ -720,10 +706,12 @@ def user_mod(cursor, user, host, host_all, password, encrypted,

            if tls_requires is not None:
                query = " ".join((pre_query, "%s@%s"))
-                cursor.execute(*mogrify_requires(query, (user, host), tls_requires))
+                query_with_args = mogrify_requires(query, (user, host), tls_requires)
            else:
                query = " ".join((pre_query, "%s@%s REQUIRE NONE"))
-                cursor.execute(query, (user, host))
+                query_with_args = query, (user, host)
+
+            cursor.execute(*query_with_args)
            changed = True

    return (changed, msg)
@ -735,11 +723,11 @@ def user_delete(cursor, user, host, host_all, check_mode):

    if host_all:
        hostnames = user_get_hostnames(cursor, user)
-
-        for hostname in hostnames:
-            cursor.execute("DROP USER %s@%s", (user, hostname))
    else:
-        cursor.execute("DROP USER %s@%s", (user, host))
+        hostnames = [host]
+
+    for hostname in hostnames:
+        cursor.execute("DROP USER %s@%s", (user, hostname))

    return True