mysql_user: fix parsing privs when a user has roles assigned to it

Andrew Klychkov 2022-05-12 10:02:46 +02:00
commit d6276fcfdc
5 changed files with 115 additions and 0 deletions


@ -750,8 +750,19 @@ def privileges_get(cursor, user, host):
for grant in grants:
res = re.match("""GRANT (.+) ON (.+) TO (['`"]).*\\3@(['`"]).*\\4( IDENTIFIED BY PASSWORD (['`"]).+\\6)? ?(.*)""", grant[0])
if res is None:
# If a user has roles assigned, we'll have one of priv tuples looking like
# GRANT `admin`@`%` TO `user1`@`localhost`
# which will result None as res value.
# As we use the mysql_role module (community.mysql 2.0.0+) to manipulate roles
# we just ignore such privs below:
res = re.match("""GRANT (.+) TO (['`"]).*""", grant[0])
if res:
continue
raise InvalidPrivsError('unable to parse the MySQL grant string: %s' % grant[0])
privileges = res.group(1).split(",")
privileges = [pick(x.strip()) for x in privileges]
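Review bot: The fallback `re.match` in the `if res is None:` branch (pattern beginning `GRANT (.+) TO`) is loose enough to match ordinary privilege grants as well as role grants. Any `GRANT ... ON ... TO ...` line that the first pattern fails to parse would therefore hit `continue` instead of raising `InvalidPrivsError`. That turns a loud parse failure into a silently incomplete privilege list, which is risky if callers compare the returned privileges against the desired state. Consider skipping only statements that carry no `ON` clause, for example `if res and ' ON ' not in res.group(1):`, or anchoring the fallback to the quoted role@host form shown in the comment. `privileges_get` begins and continues outside this hunk, so how the skipped grants affect the returned value should be confirmed against the full function.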