ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-19 17:01:26 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

mysql_user: fix parsing privs when a user has roles assigned to it (#345)

Browse source
This commit is contained in:
Andrew Klychkov 2022-05-12 15:20:44 +03:00 committed by GitHub
parent 65eb142960
commit cc78846f22
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 133 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
plugins/module_utils/user.py
View file

@ -466,8 +466,19 @@ def privileges_get(cursor, user, host, maria_role=False):
res = re.match("""GRANT (.+) ON (.+) TO (['`"]).*\\3@(['`"]).*\\4( IDENTIFIED BY PASSWORD (['`"]).+\\6)? ?(.*)""", grant[0])
else:
res = re.match("""GRANT (.+) ON (.+) TO (['`"]).*\\3""", grant[0])
if res is None:
# If a user has roles assigned, we'll have one of priv tuples looking like
# GRANT `admin`@`%` TO `user1`@`localhost`
# which will result None as res value.
# As we use the mysql_role module to manipulate roles
# we just ignore such privs below:
res = re.match("""GRANT (.+) TO (['`"]).*""", grant[0])
if not maria_role and res:
continue
raise InvalidPrivsError('unable to parse the MySQL grant string: %s' % grant[0])
privileges = res.group(1).split(",")
privileges = [pick(x.strip()) for x in privileges]