From bfe79eda9df57d4ed9126daeb0572f1ec34955ef Mon Sep 17 00:00:00 2001 From: Laurent Indermuehle Date: Wed, 24 Aug 2022 14:25:09 +0200 Subject: [PATCH] Cut tests for method added in v3 --- .../test_mysql_user/tasks/issue-265.yml | 168 ----------------- .../tasks/test_priv_subtract.yml | 173 ------------------ 2 files changed, 341 deletions(-) delete mode 100644 tests/integration/targets/test_mysql_user/tasks/issue-265.yml delete mode 100644 tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml diff --git a/tests/integration/targets/test_mysql_user/tasks/issue-265.yml b/tests/integration/targets/test_mysql_user/tasks/issue-265.yml deleted file mode 100644 index 167b69b..0000000 --- a/tests/integration/targets/test_mysql_user/tasks/issue-265.yml +++ /dev/null @@ -1,168 +0,0 @@ ---- -- vars: - mysql_parameters: &mysql_params - login_user: '{{ mysql_user }}' - login_password: '{{ mysql_password }}' - login_host: 127.0.0.1 - login_port: '{{ mysql_primary_port }}' - - block: - - name: Drop mysql user if exists - mysql_user: - <<: *mysql_params - name: '{{ user_name_1 }}' - state: absent - ignore_errors: yes - - # Tests with force_context: yes - # Test user creation - - name: create mysql user {{user_name_1}} - mysql_user: - <<: *mysql_params - name: '{{ user_name_1 }}' - password: '{{ user_password_1 }}' - state: present - force_context: yes - register: result - - - name: assert output message mysql user was created - assert: - that: - - result is changed - - - include: assert_user.yml user_name={{user_name_1}} - - # Test user removal - - name: remove mysql user {{user_name_1}} - mysql_user: - <<: *mysql_params - name: '{{user_name_1}}' - password: '{{user_password_1}}' - state: absent - force_context: yes - register: result - - - name: assert output message mysql user was removed - assert: - that: - - result is changed - - # Test blank user removal - - name: create blank mysql user to be removed later - mysql_user: - <<: *mysql_params - name: "" - state: present - force_context: yes - password: 'KJFDY&D*Sfuydsgf' - - - name: remove blank mysql user with hosts=all (expect changed) - mysql_user: - <<: *mysql_params - user: "" - host_all: true - state: absent - force_context: yes - register: result - - - name: assert changed is true for removing all blank users - assert: - that: - - result is changed - - - name: remove blank mysql user with hosts=all (expect ok) - mysql_user: - <<: *mysql_params - user: "" - host_all: true - force_context: yes - state: absent - register: result - - - name: assert changed is true for removing all blank users - assert: - that: - - result is not changed - - - include: assert_no_user.yml user_name={{user_name_1}} - - # Tests with force_context: no - # Test user creation - - name: Drop mysql user if exists - mysql_user: - <<: *mysql_params - name: '{{ user_name_1 }}' - state: absent - ignore_errors: yes - - # Tests with force_context: yes - # Test user creation - - name: create mysql user {{user_name_1}} - mysql_user: - <<: *mysql_params - name: '{{ user_name_1 }}' - password: '{{ user_password_1 }}' - state: present - force_context: yes - register: result - - - name: assert output message mysql user was created - assert: - that: - - result is changed - - - include: assert_user.yml user_name={{user_name_1}} - - # Test user removal - - name: remove mysql user {{user_name_1}} - mysql_user: - <<: *mysql_params - name: '{{user_name_1}}' - password: '{{user_password_1}}' - state: absent - force_context: no - register: result - - - name: assert output message mysql user was removed - assert: - that: - - result is changed - - # Test blank user removal - - name: create blank mysql user to be removed later - mysql_user: - <<: *mysql_params - name: "" - state: present - force_context: no - password: 'KJFDY&D*Sfuydsgf' - - - name: remove blank mysql user with hosts=all (expect changed) - mysql_user: - <<: *mysql_params - user: "" - host_all: true - state: absent - force_context: no - register: result - - - name: assert changed is true for removing all blank users - assert: - that: - - result is changed - - - name: remove blank mysql user with hosts=all (expect ok) - mysql_user: - <<: *mysql_params - user: "" - host_all: true - force_context: no - state: absent - register: result - - - name: assert changed is true for removing all blank users - assert: - that: - - result is not changed - - - include: assert_no_user.yml user_name={{user_name_1}} diff --git a/tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml b/tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml deleted file mode 100644 index 7595243..0000000 --- a/tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml +++ /dev/null @@ -1,173 +0,0 @@ -# Test code to ensure that subtracting privileges will not result in unnecessary changes. -- vars: - mysql_parameters: &mysql_params - login_user: '{{ mysql_user }}' - login_password: '{{ mysql_password }}' - login_host: 127.0.0.1 - login_port: '{{ mysql_primary_port }}' - - block: - - - name: Create test databases - mysql_db: - <<: *mysql_params - name: '{{ item }}' - state: present - loop: - - data1 - - - name: Create a user with an initial set of privileges - mysql_user: - <<: *mysql_params - name: '{{ user_name_4 }}' - password: '{{ user_password_4 }}' - priv: 'data1.*:SELECT,INSERT' - state: present - - - name: Run command to show privileges for user (expect privileges in stdout) - command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\"" - register: result - - - name: Assert that the initial set of privileges matches what is expected - assert: - that: - - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout" - - - name: Subtract privileges that are not in the current privileges, which should be a no-op - mysql_user: - <<: *mysql_params - name: '{{ user_name_4 }}' - password: '{{ user_password_4 }}' - priv: 'data1.*:DELETE' - subtract_privs: yes - state: present - check_mode: '{{ enable_check_mode }}' - register: result - - - name: Assert that there wasn't a change in permissions - assert: - that: - - result is not changed - - - name: Run command to show privileges for user (expect privileges in stdout) - command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\"" - register: result - - - name: Assert that the permissions still match what was originally granted - assert: - that: - - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout" - - - name: Subtract existing and not-existing privileges, but not all - mysql_user: - <<: *mysql_params - name: '{{ user_name_4 }}' - password: '{{ user_password_4 }}' - priv: 'data1.*:INSERT,DELETE' - subtract_privs: yes - state: present - check_mode: '{{ enable_check_mode }}' - register: result - - - name: Assert that there was a change because permissions were/would be revoked on data1.* - assert: - that: - - result is changed - - - name: Run command to show privileges for user (expect privileges in stdout) - command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\"" - register: result - - - name: Assert that the permissions were not changed if check_mode is set to 'yes' - assert: - that: - - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout" - when: enable_check_mode == 'yes' - - - name: Assert that only DELETE was revoked if check_mode is set to 'no' - assert: - that: - - "'GRANT SELECT ON `data1`.*' in result.stdout" - when: enable_check_mode == 'no' - - - name: Try to subtract invalid privileges - mysql_user: - <<: *mysql_params - name: '{{ user_name_4 }}' - password: '{{ user_password_4 }}' - priv: 'data1.*:INVALID' - subtract_privs: yes - state: present - check_mode: '{{ enable_check_mode }}' - register: result - - - name: Assert that there was no change because invalid permissions are ignored - assert: - that: - - result is not changed - - - name: Run command to show privileges for user (expect privileges in stdout) - command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\"" - register: result - - - name: Assert that the permissions were not changed with check_mode=='yes' - assert: - that: - - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout" - when: enable_check_mode == 'yes' - - - name: Assert that the permissions were not changed with check_mode=='no' - assert: - that: - - "'GRANT SELECT ON `data1`.*' in result.stdout" - when: enable_check_mode == 'no' - - - name: trigger failure by trying to subtract and append privileges at the same time - mysql_user: - <<: *mysql_params - name: '{{ user_name_4 }}' - password: '{{ user_password_4 }}' - priv: 'data1.*:SELECT' - subtract_privs: yes - append_privs: yes - state: present - check_mode: '{{ enable_check_mode }}' - register: result - ignore_errors: true - - - name: Assert the previous execution failed - assert: - that: - - result is failed - - - name: Run command to show privileges for user (expect privileges in stdout) - command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\"" - register: result - - - name: Assert that the permissions stayed the same, with check_mode=='yes' - assert: - that: - - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout" - when: enable_check_mode == 'yes' - - - name: Assert that the permissions stayed the same, with check_mode=='no' - assert: - that: - - "'GRANT SELECT ON `data1`.*' in result.stdout" - when: enable_check_mode == 'no' - - ########## - # Clean up - - name: Drop test databases - mysql_db: - <<: *mysql_params - name: '{{ item }}' - state: present - loop: - - data1 - - - name: Drop test user - mysql_user: - <<: *mysql_params - name: '{{ user_name_4 }}' - state: absent