ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-06 10:40:36 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

change filter name to user_accounts

Browse source
This commit is contained in:
Laurent Indermuehle 2023-10-12 16:44:14 +02:00
parent 71abdd7567
commit db43c34f63
No known key found for this signature in database
GPG key ID: 93FA944C9F34DD09
5 changed files with 98 additions and 98 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/lie_mysql_info_users_privs.yml
View file

@ -2,4 +2,4 @@
minor_changes: minor_changes:
- mysql_info - add filter ``users_privs`` (https://github.com/ansible-collections/community.mysql/pull/572). - mysql_info - add filter ``user_accounts`` (https://github.com/ansible-collections/community.mysql/pull/572).

34
plugins/modules/mysql_info.py
View file

@ -19,7 +19,7 @@ options:
description: description:
- Limit the collected information by comma separated string or YAML list. - Limit the collected information by comma separated string or YAML list.
- Allowable values are C(version), C(databases), C(settings), C(global_status), - Allowable values are C(version), C(databases), C(settings), C(global_status),
C(users), C(users_privs), C(engines), C(master_status), C(slave_status), C(slave_hosts). C(users), C(user_accounts), C(engines), C(master_status), C(slave_status), C(slave_hosts).
- By default, collects all subsets. - By default, collects all subsets.
- You can use '!' before value (for example, C(!settings)) to exclude it from the information. - You can use '!' before value (for example, C(!settings)) to exclude it from the information.
- If you pass including and excluding values to the filter, for example, I(filter=!settings,version), - If you pass including and excluding values to the filter, for example, I(filter=!settings,version),
@ -75,7 +75,7 @@ EXAMPLES = r'''
# ansible mysql-hosts -m mysql_info -a 'filter=databases,users' # ansible mysql-hosts -m mysql_info -a 'filter=databases,users'
# Display all users privileges: # Display all users privileges:
# ansible mysql-hosts -m mysql_info -a 'filter=users_privs' # ansible mysql-hosts -m mysql_info -a 'filter=user_accounts'
# Display only slave status: # Display only slave status:
# ansible standby -m mysql_info -a 'filter=slave_status' # ansible standby -m mysql_info -a 'filter=slave_status'
@ -133,7 +133,7 @@ EXAMPLES = r'''
delegate_to: server_source delegate_to: server_source
community.mysql.mysql_info: community.mysql.mysql_info:
filter: filter:
- users_privs - user_accounts
register: result register: result
# Step 2 # Step 2
@ -150,7 +150,7 @@ EXAMPLES = r'''
resource_limits: "{{ item.resource_limits | default(omit) }}" resource_limits: "{{ item.resource_limits | default(omit) }}"
column_case_sensitive: true column_case_sensitive: true
state: present state: present
loop: "{{ result.users_privs }}" loop: "{{ result.user_accounts }}"
loop_control: loop_control:
label: "{{ item.name }}@{{ item.host }}" label: "{{ item.name }}@{{ item.host }}"
when: when:
@ -221,7 +221,7 @@ users:
type: dict type: dict
sample: sample:
- { "localhost": { "root": { "Alter_priv": "Y", "Alter_routine_priv": "Y" } } } - { "localhost": { "root": { "Alter_priv": "Y", "Alter_routine_priv": "Y" } } }
users_privs: user_accounts:
description: description:
- Information about users accounts. - Information about users accounts.
- The output can be used as an input of the M(community.mysql.mysql_user) plugin. - The output can be used as an input of the M(community.mysql.mysql_user) plugin.
@ -334,7 +334,7 @@ class MySQL_Info(object):
'global_status': {}, 'global_status': {},
'engines': {}, 'engines': {},
'users': {}, 'users': {},
'users_privs': {}, 'user_accounts': {},
'master_status': {}, 'master_status': {},
'slave_hosts': {}, 'slave_hosts': {},
'slave_status': {}, 'slave_status': {},
@ -403,8 +403,8 @@ class MySQL_Info(object):
if 'users' in wanted: if 'users' in wanted:
self.__get_users() self.__get_users()
if 'users_privs' in wanted: if 'user_accounts' in wanted:
self.__get_users_privs() self.__get_user_accounts()
if 'master_status' in wanted: if 'master_status' in wanted:
self.__get_master_status() self.__get_master_status()
@ -544,23 +544,23 @@ class MySQL_Info(object):
if vname not in ('Host', 'User'): if vname not in ('Host', 'User'):
self.info['users'][host][user][vname] = self.__convert(val) self.info['users'][host][user][vname] = self.__convert(val)
def __get_users_privs(self): def __get_user_accounts(self):
"""Get user privileges. """Get user privileges, passwords, resources_limits, ...
Query the server to get all the users and return a string Query the server to get all the users and return a string
of privileges that can be used by the mysql_user plugin. of privileges that can be used by the mysql_user plugin.
For instance: For instance:
"users_privs": [ "user_accounts": [
{ {
"host": "users_privs.com", "host": "user_accounts.com",
"priv": "*.*: ALL,GRANT", "priv": "*.*: ALL,GRANT",
"name": "users_privs_adm" "name": "user_accounts_adm"
}, },
{ {
"host": "users_privs.com", "host": "user_accounts.com",
"priv": "`mysql`.*: SELECT/`users_privs_db`.*: SELECT", "priv": "`mysql`.*: SELECT/`user_accounts_db`.*: SELECT",
"name": "users_privs_multi" "name": "user_accounts_multi"
} }
] ]
""" """
@ -622,7 +622,7 @@ class MySQL_Info(object):
output.append(output_dict) output.append(output_dict)
self.info['users_privs'] = output self.info['user_accounts'] = output
def __get_databases(self, exclude_fields, return_empty_dbs): def __get_databases(self, exclude_fields, return_empty_dbs):
"""Get info about databases.""" """Get info about databases."""

6
tests/integration/targets/test_mysql_info/files/users_privs_create_procedure.sql
View file

@ -1,7 +1,7 @@
DELIMITER // DELIMITER //
DROP PROCEDURE IF EXISTS users_privs_db.get_all_items; DROP PROCEDURE IF EXISTS user_accounts_db.get_all_items;
CREATE PROCEDURE users_privs_db.get_all_items() CREATE PROCEDURE user_accounts_db.get_all_items()
BEGIN BEGIN
SELECT * from users_privs_db.t1; SELECT * from user_accounts_db.t1;
END // END //
DELIMITER ; DELIMITER ;

150
tests/integration/targets/test_mysql_info/tasks/filter_users_privs.yml → tests/integration/targets/test_mysql_info/tasks/filter_user_accounts.yml
View file

@ -13,35 +13,35 @@
block: block:
# ================================ Prepare ============================== # ================================ Prepare ==============================
- name: Mysql_info users_privs | Create databases - name: Mysql_info user_accounts | Create databases
community.mysql.mysql_db: community.mysql.mysql_db:
name: name:
- users_privs_db - user_accounts_db
- users_privs_db2 - user_accounts_db2
- users_privs_db3 - user_accounts_db3
state: present state: present
- name: Mysql_info users_privs | Create tables - name: Mysql_info user_accounts | Create tables
community.mysql.mysql_query: community.mysql.mysql_query:
query: query:
- >- - >-
CREATE TABLE IF NOT EXISTS users_privs_db.t1 CREATE TABLE IF NOT EXISTS user_accounts_db.t1
(id int, name varchar(9)) (id int, name varchar(9))
- >- - >-
CREATE TABLE IF NOT EXISTS users_privs_db.T_UPPER CREATE TABLE IF NOT EXISTS user_accounts_db.T_UPPER
(id int, name1 varchar(9), NAME2 varchar(9), Name3 varchar(9)) (id int, name1 varchar(9), NAME2 varchar(9), Name3 varchar(9))
# I failed to create a procedure using community.mysql.mysql_query. # I failed to create a procedure using community.mysql.mysql_query.
# Maybe it's because we must changed the delimiter. # Maybe it's because we must changed the delimiter.
- name: Mysql_info users_privs | Create procedure SQL file - name: Mysql_info user_accounts | Create procedure SQL file
ansible.builtin.template: ansible.builtin.template:
src: files/users_privs_create_procedure.sql src: files/user_accounts_create_procedure.sql
dest: /root/create_procedure.sql dest: /root/create_procedure.sql
owner: root owner: root
group: root group: root
mode: '0700' mode: '0700'
- name: Mysql_info users_privs | Create a procedure - name: Mysql_info user_accounts | Create a procedure
community.mysql.mysql_db: community.mysql.mysql_db:
name: all name: all
state: import state: import
@ -49,108 +49,108 @@
# Use a query instead of mysql_user, because we want to caches differences # Use a query instead of mysql_user, because we want to caches differences
# at the end and a bug in mysql_user would be invisible to this tests # at the end and a bug in mysql_user would be invisible to this tests
- name: Mysql_info users_privs | Prepare common tests users - name: Mysql_info user_accounts | Prepare common tests users
community.mysql.mysql_query: community.mysql.mysql_query:
query: query:
- >- - >-
CREATE USER users_privs_adm@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_adm@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- > - >
GRANT ALL ON *.* to users_privs_adm@'users_privs.com' WITH GRANT GRANT ALL ON *.* to user_accounts_adm@'user_accounts.com' WITH GRANT
OPTION OPTION
- >- - >-
CREATE USER users_privs_schema@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_schema@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- >- - >-
GRANT SELECT, INSERT, UPDATE, DELETE ON users_privs_db.* TO GRANT SELECT, INSERT, UPDATE, DELETE ON user_accounts_db.* TO
users_privs_schema@'users_privs.com' user_accounts_schema@'user_accounts.com'
- >- - >-
CREATE USER users_privs_table@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_table@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- >- - >-
GRANT SELECT, INSERT, UPDATE ON users_privs_db.t1 TO GRANT SELECT, INSERT, UPDATE ON user_accounts_db.t1 TO
users_privs_table@'users_privs.com' user_accounts_table@'user_accounts.com'
- >- - >-
CREATE USER users_privs_col@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_col@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
WITH MAX_USER_CONNECTIONS 100 WITH MAX_USER_CONNECTIONS 100
- >- - >-
GRANT SELECT (id) ON users_privs_db.t1 TO GRANT SELECT (id) ON user_accounts_db.t1 TO
users_privs_col@'users_privs.com' user_accounts_col@'user_accounts.com'
- >- - >-
CREATE USER users_privs_proc@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_proc@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
WITH MAX_USER_CONNECTIONS 2 MAX_CONNECTIONS_PER_HOUR 60 WITH MAX_USER_CONNECTIONS 2 MAX_CONNECTIONS_PER_HOUR 60
- >- - >-
GRANT EXECUTE ON PROCEDURE users_privs_db.get_all_items TO GRANT EXECUTE ON PROCEDURE user_accounts_db.get_all_items TO
users_privs_proc@'users_privs.com' user_accounts_proc@'user_accounts.com'
- >- - >-
CREATE USER users_privs_multi@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_multi@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- >- - >-
GRANT SELECT ON mysql.* TO GRANT SELECT ON mysql.* TO
users_privs_multi@'users_privs.com' user_accounts_multi@'user_accounts.com'
- >- - >-
GRANT ALL ON users_privs_db.* TO GRANT ALL ON user_accounts_db.* TO
users_privs_multi@'users_privs.com' user_accounts_multi@'user_accounts.com'
- >- - >-
GRANT ALL ON users_privs_db2.* TO GRANT ALL ON user_accounts_db2.* TO
users_privs_multi@'users_privs.com' user_accounts_multi@'user_accounts.com'
- >- - >-
GRANT ALL ON users_privs_db3.* TO GRANT ALL ON user_accounts_db3.* TO
users_privs_multi@'users_privs.com' user_accounts_multi@'user_accounts.com'
- >- - >-
CREATE USER users_privs_usage_only@'users_privs.com' IDENTIFIED WITH CREATE USER user_accounts_usage_only@'user_accounts.com' IDENTIFIED WITH
mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747' mysql_native_password AS '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- >- - >-
GRANT USAGE ON *.* TO GRANT USAGE ON *.* TO
users_privs_usage_only@'users_privs.com' user_accounts_usage_only@'user_accounts.com'
- >- - >-
CREATE USER users_privs_columns_uppercase@'users_privs.com' CREATE USER user_accounts_columns_uppercase@'user_accounts.com'
IDENTIFIED WITH mysql_native_password AS IDENTIFIED WITH mysql_native_password AS
'*6C387FC3893DBA1E3BA155E74754DA6682D04747' '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- >- - >-
GRANT SELECT,UPDATE(name1,NAME2,Name3) ON users_privs_db.T_UPPER TO GRANT SELECT,UPDATE(name1,NAME2,Name3) ON user_accounts_db.T_UPPER TO
users_privs_columns_uppercase@'users_privs.com' user_accounts_columns_uppercase@'user_accounts.com'
- >- - >-
CREATE USER users_privs_multi_hosts@'%' CREATE USER user_accounts_multi_hosts@'%'
IDENTIFIED WITH mysql_native_password AS IDENTIFIED WITH mysql_native_password AS
'*6C387FC3893DBA1E3BA155E74754DA6682D04747' '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- GRANT SELECT ON users_privs_db.* TO users_privs_multi_hosts@'%' - GRANT SELECT ON user_accounts_db.* TO user_accounts_multi_hosts@'%'
- >- - >-
CREATE USER users_privs_multi_hosts@'localhost' CREATE USER user_accounts_multi_hosts@'localhost'
IDENTIFIED WITH mysql_native_password AS IDENTIFIED WITH mysql_native_password AS
'*6C387FC3893DBA1E3BA155E74754DA6682D04747' '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- >- - >-
GRANT SELECT ON users_privs_db.* TO GRANT SELECT ON user_accounts_db.* TO
users_privs_multi_hosts@'localhost' user_accounts_multi_hosts@'localhost'
- >- - >-
CREATE USER users_privs_multi_hosts@'host1' CREATE USER user_accounts_multi_hosts@'host1'
IDENTIFIED WITH mysql_native_password AS IDENTIFIED WITH mysql_native_password AS
'*6C387FC3893DBA1E3BA155E74754DA6682D04747' '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
- GRANT SELECT ON users_privs_db.* TO users_privs_multi_hosts@'host1' - GRANT SELECT ON user_accounts_db.* TO user_accounts_multi_hosts@'host1'
# Different password than the others users_privs_multi_hosts # Different password than the others user_accounts_multi_hosts
- >- - >-
CREATE USER users_privs_multi_hosts@'host2' CREATE USER user_accounts_multi_hosts@'host2'
IDENTIFIED WITH mysql_native_password AS IDENTIFIED WITH mysql_native_password AS
'*CB3326D5279DE7915FE5D743232165EE887883CA' '*CB3326D5279DE7915FE5D743232165EE887883CA'
- GRANT SELECT ON users_privs_db.* TO users_privs_multi_hosts@'host2' - GRANT SELECT ON user_accounts_db.* TO user_accounts_multi_hosts@'host2'
- name: Mysql_info users_privs | Prepare tests users for MariaDB - name: Mysql_info user_accounts | Prepare tests users for MariaDB
community.mysql.mysql_user: community.mysql.mysql_user:
name: "{{ item.name }}" name: "{{ item.name }}"
host: "users_privs.com" host: "user_accounts.com"
plugin: "{{ item.plugin | default(omit) }}" plugin: "{{ item.plugin | default(omit) }}"
plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}" plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}"
plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}" plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}"
@ -160,17 +160,17 @@
column_case_sensitive: true column_case_sensitive: true
state: present state: present
loop: loop:
- name: users_privs_socket # Only for MariaDB - name: user_accounts_socket # Only for MariaDB
priv: priv:
'*.*': 'ALL' '*.*': 'ALL'
plugin: 'unix_socket' plugin: 'unix_socket'
when: when:
- db_engine == 'mariadb' - db_engine == 'mariadb'
- name: Mysql_info users_privs | Prepare tests users for MySQL - name: Mysql_info user_accounts | Prepare tests users for MySQL
community.mysql.mysql_user: community.mysql.mysql_user:
name: "{{ item.name }}" name: "{{ item.name }}"
host: "users_privs.com" host: "user_accounts.com"
plugin: "{{ item.plugin | default(omit) }}" plugin: "{{ item.plugin | default(omit) }}"
plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}" plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}"
plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}" plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}"
@ -180,7 +180,7 @@
column_case_sensitive: true column_case_sensitive: true
state: present state: present
loop: loop:
- name: users_privs_sha256 # Only for MySQL - name: user_accounts_sha256 # Only for MySQL
priv: priv:
'*.*': 'ALL' '*.*': 'ALL'
plugin_auth_string: plugin_auth_string:
@ -189,10 +189,10 @@
when: when:
- db_engine == 'mysql' - db_engine == 'mysql'
- name: Mysql_info users_privs | Prepare tests users for MySQL 8+ - name: Mysql_info user_accounts | Prepare tests users for MySQL 8+
community.mysql.mysql_user: community.mysql.mysql_user:
name: "{{ item.name }}" name: "{{ item.name }}"
host: "users_privs.com" host: "user_accounts.com"
plugin: "{{ item.plugin | default(omit) }}" plugin: "{{ item.plugin | default(omit) }}"
plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}" plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}"
plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}" plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}"
@ -202,7 +202,7 @@
column_case_sensitive: true column_case_sensitive: true
state: present state: present
loop: loop:
- name: users_privs_caching_sha2 # Only for MySQL 8+ - name: user_accounts_caching_sha2 # Only for MySQL 8+
priv: priv:
'*.*': 'ALL' '*.*': 'ALL'
plugin_auth_string: plugin_auth_string:
@ -214,13 +214,13 @@
# ================================== Tests ============================== # ================================== Tests ==============================
- name: Mysql_info users_privs | Collect users_privs - name: Mysql_info user_accounts | Collect user_accounts
community.mysql.mysql_info: community.mysql.mysql_info:
filter: filter:
- users_privs - user_accounts
register: result register: result
- name: Recreate users from mysql_info users_privs result - name: Recreate users from mysql_info user_accounts result
community.mysql.mysql_user: community.mysql.mysql_user:
name: "{{ item.name }}" name: "{{ item.name }}"
host: "{{ item.host }}" host: "{{ item.host }}"
@ -232,7 +232,7 @@
resource_limits: "{{ item.resource_limits | default(omit) }}" resource_limits: "{{ item.resource_limits | default(omit) }}"
column_case_sensitive: true column_case_sensitive: true
state: present state: present
loop: "{{ result.users_privs }}" loop: "{{ result.user_accounts }}"
loop_control: loop_control:
label: "{{ item.name }}@{{ item.host }}" label: "{{ item.name }}@{{ item.host }}"
register: recreate_users_result register: recreate_users_result
@ -248,30 +248,30 @@
# ================================== Cleanup ============================ # ================================== Cleanup ============================
- name: Mysql_info users_privs | Cleanup users_privs - name: Mysql_info user_accounts | Cleanup user_accounts
community.mysql.mysql_user: community.mysql.mysql_user:
name: "{{ item }}" name: "{{ item }}"
host: "users_privs.com" host: "user_accounts.com"
column_case_sensitive: true column_case_sensitive: true
state: absent state: absent
loop: loop:
- users_privs_adm - user_accounts_adm
- users_privs_schema - user_accounts_schema
- users_privs_table - user_accounts_table
- users_privs_col - user_accounts_col
- users_privs_proc - user_accounts_proc
- users_privs_usage_only - user_accounts_usage_only
- users_privs_columns_uppercase - user_accounts_columns_uppercase
- name: Mysql_info users_privs | Cleanup databases - name: Mysql_info user_accounts | Cleanup databases
community.mysql.mysql_db: community.mysql.mysql_db:
name: name:
- users_privs_db - user_accounts_db
- users_privs_db2 - user_accounts_db2
- users_privs_db3 - user_accounts_db3
state: absent state: absent
- name: Mysql_info users_privs | Cleanup sql file for the procedure - name: Mysql_info user_accounts | Cleanup sql file for the procedure
ansible.builtin.file: ansible.builtin.file:
path: /root/create_procedure.sql path: /root/create_procedure.sql
state: absent state: absent

4
tests/integration/targets/test_mysql_info/tasks/main.yml
View file

@ -220,6 +220,6 @@
that: that:
- result.databases.allviews.size == 0 - result.databases.allviews.size == 0
- name: Import tasks file to tests users_privs filter - name: Import tasks file to tests user_accounts filter
ansible.builtin.import_tasks: ansible.builtin.import_tasks:
file: filter_users_privs.yml file: filter_user_accounts.yml