ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-08-25 07:21:45 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Cut tests for method added in v3

Browse source
This commit is contained in:
Laurent Indermuehle 2022-08-24 14:25:09 +02:00
commit bfe79eda9d
No known key found for this signature in database
GPG key ID: 93FA944C9F34DD09
2 changed files with 0 additions and 341 deletions
Download patch file Download diff file Expand all files Collapse all files

168
tests/integration/targets/test_mysql_user/tasks/issue-265.yml
View file

@ -1,168 +0,0 @@
---
- vars:
mysql_parameters: &mysql_params
login_user: '{{ mysql_user }}'
login_password: '{{ mysql_password }}'
login_host: 127.0.0.1
login_port: '{{ mysql_primary_port }}'
block:
- name: Drop mysql user if exists
mysql_user:
<<: *mysql_params
name: '{{ user_name_1 }}'
state: absent
ignore_errors: yes
# Tests with force_context: yes
# Test user creation
- name: create mysql user {{user_name_1}}
mysql_user:
<<: *mysql_params
name: '{{ user_name_1 }}'
password: '{{ user_password_1 }}'
state: present
force_context: yes
register: result
- name: assert output message mysql user was created
assert:
that:
- result is changed
- include: assert_user.yml user_name={{user_name_1}}
# Test user removal
- name: remove mysql user {{user_name_1}}
mysql_user:
<<: *mysql_params
name: '{{user_name_1}}'
password: '{{user_password_1}}'
state: absent
force_context: yes
register: result
- name: assert output message mysql user was removed
assert:
that:
- result is changed
# Test blank user removal
- name: create blank mysql user to be removed later
mysql_user:
<<: *mysql_params
name: ""
state: present
force_context: yes
password: 'KJFDY&D*Sfuydsgf'
- name: remove blank mysql user with hosts=all (expect changed)
mysql_user:
<<: *mysql_params
user: ""
host_all: true
state: absent
force_context: yes
register: result
- name: assert changed is true for removing all blank users
assert:
that:
- result is changed
- name: remove blank mysql user with hosts=all (expect ok)
mysql_user:
<<: *mysql_params
user: ""
host_all: true
force_context: yes
state: absent
register: result
- name: assert changed is true for removing all blank users
assert:
that:
- result is not changed
- include: assert_no_user.yml user_name={{user_name_1}}
# Tests with force_context: no
# Test user creation
- name: Drop mysql user if exists
mysql_user:
<<: *mysql_params
name: '{{ user_name_1 }}'
state: absent
ignore_errors: yes
# Tests with force_context: yes
# Test user creation
- name: create mysql user {{user_name_1}}
mysql_user:
<<: *mysql_params
name: '{{ user_name_1 }}'
password: '{{ user_password_1 }}'
state: present
force_context: yes
register: result
- name: assert output message mysql user was created
assert:
that:
- result is changed
- include: assert_user.yml user_name={{user_name_1}}
# Test user removal
- name: remove mysql user {{user_name_1}}
mysql_user:
<<: *mysql_params
name: '{{user_name_1}}'
password: '{{user_password_1}}'
state: absent
force_context: no
register: result
- name: assert output message mysql user was removed
assert:
that:
- result is changed
# Test blank user removal
- name: create blank mysql user to be removed later
mysql_user:
<<: *mysql_params
name: ""
state: present
force_context: no
password: 'KJFDY&D*Sfuydsgf'
- name: remove blank mysql user with hosts=all (expect changed)
mysql_user:
<<: *mysql_params
user: ""
host_all: true
state: absent
force_context: no
register: result
- name: assert changed is true for removing all blank users
assert:
that:
- result is changed
- name: remove blank mysql user with hosts=all (expect ok)
mysql_user:
<<: *mysql_params
user: ""
host_all: true
force_context: no
state: absent
register: result
- name: assert changed is true for removing all blank users
assert:
that:
- result is not changed
- include: assert_no_user.yml user_name={{user_name_1}}

173
tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml
View file

@ -1,173 +0,0 @@
# Test code to ensure that subtracting privileges will not result in unnecessary changes.
- vars:
mysql_parameters: &mysql_params
login_user: '{{ mysql_user }}'
login_password: '{{ mysql_password }}'
login_host: 127.0.0.1
login_port: '{{ mysql_primary_port }}'
block:
- name: Create test databases
mysql_db:
<<: *mysql_params
name: '{{ item }}'
state: present
loop:
- data1
- name: Create a user with an initial set of privileges
mysql_user:
<<: *mysql_params
name: '{{ user_name_4 }}'
password: '{{ user_password_4 }}'
priv: 'data1.*:SELECT,INSERT'
state: present
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
register: result
- name: Assert that the initial set of privileges matches what is expected
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
- name: Subtract privileges that are not in the current privileges, which should be a no-op
mysql_user:
<<: *mysql_params
name: '{{ user_name_4 }}'
password: '{{ user_password_4 }}'
priv: 'data1.*:DELETE'
subtract_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
- name: Assert that there wasn't a change in permissions
assert:
that:
- result is not changed
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
register: result
- name: Assert that the permissions still match what was originally granted
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
- name: Subtract existing and not-existing privileges, but not all
mysql_user:
<<: *mysql_params
name: '{{ user_name_4 }}'
password: '{{ user_password_4 }}'
priv: 'data1.*:INSERT,DELETE'
subtract_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
- name: Assert that there was a change because permissions were/would be revoked on data1.*
assert:
that:
- result is changed
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
register: result
- name: Assert that the permissions were not changed if check_mode is set to 'yes'
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'yes'
- name: Assert that only DELETE was revoked if check_mode is set to 'no'
assert:
that:
- "'GRANT SELECT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'no'
- name: Try to subtract invalid privileges
mysql_user:
<<: *mysql_params
name: '{{ user_name_4 }}'
password: '{{ user_password_4 }}'
priv: 'data1.*:INVALID'
subtract_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
- name: Assert that there was no change because invalid permissions are ignored
assert:
that:
- result is not changed
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
register: result
- name: Assert that the permissions were not changed with check_mode=='yes'
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'yes'
- name: Assert that the permissions were not changed with check_mode=='no'
assert:
that:
- "'GRANT SELECT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'no'
- name: trigger failure by trying to subtract and append privileges at the same time
mysql_user:
<<: *mysql_params
name: '{{ user_name_4 }}'
password: '{{ user_password_4 }}'
priv: 'data1.*:SELECT'
subtract_privs: yes
append_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
ignore_errors: true
- name: Assert the previous execution failed
assert:
that:
- result is failed
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
register: result
- name: Assert that the permissions stayed the same, with check_mode=='yes'
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'yes'
- name: Assert that the permissions stayed the same, with check_mode=='no'
assert:
that:
- "'GRANT SELECT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'no'
##########
# Clean up
- name: Drop test databases
mysql_db:
<<: *mysql_params
name: '{{ item }}'
state: present
loop:
- data1
- name: Drop test user
mysql_user:
<<: *mysql_params
name: '{{ user_name_4 }}'
state: absent