diff --git a/changelogs/fragments/465-display_more_informative_invalid_priv_exceptiion.yml b/changelogs/fragments/465-display_more_informative_invalid_priv_exceptiion.yml new file mode 100644 index 0000000..88b3d5f --- /dev/null +++ b/changelogs/fragments/465-display_more_informative_invalid_priv_exceptiion.yml @@ -0,0 +1,5 @@ +--- +minor_changes: + - mysql_user - display a more informative invalid privilege exception. + Changes the exception handling of the granting permission logic to show the query executed + and the exception message granting privileges fails` (https://github.com//pull/435). \ No newline at end of file diff --git a/plugins/module_utils/user.py b/plugins/module_utils/user.py index de3967c..5c0e0c5 100644 --- a/plugins/module_utils/user.py +++ b/plugins/module_utils/user.py @@ -725,7 +725,7 @@ def privileges_grant(cursor, user, host, db_table, priv, tls_requires, maria_rol try: cursor.execute(query, params) except (mysql_driver.ProgrammingError, mysql_driver.OperationalError, mysql_driver.InternalError) as e: - raise InvalidPrivsError("Error granting privileges, invalid priv string: %s , query: %s , exception: %s." % (priv_string, query, str(e)) ) + raise InvalidPrivsError("Error granting privileges, invalid priv string: %s , query: %s , exception: %s." % (priv_string, query, str(e))) def convert_priv_dict_to_str(priv): diff --git a/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml b/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml new file mode 100644 index 0000000..0cfbb4b --- /dev/null +++ b/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml @@ -0,0 +1,53 @@ +# test code for privileges for mysql_user module - issue 465 +# (c) 2014, Wayne Rosario + +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +- vars: + mysql_parameters: &mysql_params + login_user: '{{ mysql_user }}' + login_password: '{{ mysql_password }}' + login_host: 127.0.0.1 + login_port: '{{ mysql_primary_port }}' + + block: + + # ============================================================ + - name: create admin user with ALL privs, without GRANT OPTIONS + mysql_user: + <<: *mysql_params + name: '{{ user_name_1 }}' + password: '{{ user_password_1 }}' + priv: '*.{{ db_name }}:ALL' + state: present + + - include: assert_user.yml user_name={{user_name_2}} priv='ALL' + + - name: create consumer user with all privileges using admin user + mysql_user: + <<: *mysql_params + name: '{{ user_name_2 }}' + password: '{{ user_password_2 }}' + login_user: '{{ user_name_1 }}' + login_password: '{{ user_password_1 }}' + priv: '*.{{ db_name }}:ALL' + state: present + register: result + + - name: assert output message for current privileges + assert: + that: + - result is changed