mirror of
https://github.com/ansible-collections/community.mysql.git
synced 2025-07-25 06:10:25 -07:00
Remove support for REQUIRESSL privilege (#244)
* Remove support for REQUIRESSL privilege * Fix error search string
This commit is contained in:
parent
c74943a737
commit
dd4700989f
5 changed files with 11 additions and 147 deletions
|
@ -664,27 +664,6 @@ def convert_priv_dict_to_str(priv):
|
|||
return '/'.join(priv_list)
|
||||
|
||||
|
||||
def handle_requiressl_in_priv_string(module, priv, tls_requires):
|
||||
module.deprecate('The "REQUIRESSL" privilege is deprecated, use the "tls_requires" option instead.',
|
||||
version='3.0.0', collection_name='community.mysql')
|
||||
priv_groups = re.search(r"(.*?)(\*\.\*:)([^/]*)(.*)", priv)
|
||||
if priv_groups.group(3) == "REQUIRESSL":
|
||||
priv = priv_groups.group(1) + priv_groups.group(4) or None
|
||||
else:
|
||||
inner_priv_groups = re.search(r"(.*?),?REQUIRESSL,?(.*)", priv_groups.group(3))
|
||||
priv = '{0}{1}{2}{3}'.format(
|
||||
priv_groups.group(1),
|
||||
priv_groups.group(2),
|
||||
','.join(filter(None, (inner_priv_groups.group(1), inner_priv_groups.group(2)))),
|
||||
priv_groups.group(4)
|
||||
)
|
||||
if not tls_requires:
|
||||
tls_requires = "SSL"
|
||||
else:
|
||||
module.warn('Ignoring "REQUIRESSL" privilege as "tls_requires" is defined and it takes precedence.')
|
||||
return priv, tls_requires
|
||||
|
||||
|
||||
# Alter user is supported since MySQL 5.6 and MariaDB 10.2.0
|
||||
def server_supports_alter_user(cursor):
|
||||
"""Check if the server supports ALTER USER statement or doesn't.
|
||||
|
|
|
@ -198,16 +198,6 @@ EXAMPLES = r'''
|
|||
FUNCTION my_db.my_function: EXECUTE
|
||||
state: present
|
||||
|
||||
# Note that REQUIRESSL is a special privilege that should only apply to *.* by itself.
|
||||
# Setting this privilege in this manner is deprecated.
|
||||
# Use 'tls_requires' instead.
|
||||
- name: Modify user to require SSL connections
|
||||
community.mysql.mysql_user:
|
||||
name: bob
|
||||
append_privs: yes
|
||||
priv: '*.*:REQUIRESSL'
|
||||
state: present
|
||||
|
||||
- name: Modify user to require TLS connection with a valid client certificate
|
||||
community.mysql.mysql_user:
|
||||
name: bob
|
||||
|
@ -315,7 +305,6 @@ from ansible_collections.community.mysql.plugins.module_utils.user import (
|
|||
convert_priv_dict_to_str,
|
||||
get_impl,
|
||||
get_mode,
|
||||
handle_requiressl_in_priv_string,
|
||||
InvalidPrivsError,
|
||||
limit_resources,
|
||||
privileges_unpack,
|
||||
|
@ -388,9 +377,6 @@ def main():
|
|||
if priv and isinstance(priv, dict):
|
||||
priv = convert_priv_dict_to_str(priv)
|
||||
|
||||
if priv and "REQUIRESSL" in priv:
|
||||
priv, tls_requires = handle_requiressl_in_priv_string(module, priv, tls_requires)
|
||||
|
||||
if mysql_driver is None:
|
||||
module.fail_json(msg=mysql_driver_fail_msg)
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue