Remove support for REQUIRESSL privilege (#244)

* Remove support for REQUIRESSL privilege * Fix error search string
2025-07-23 13:20:25 -07:00 · 2021-12-01 07:56:04 +01:00 · 2021-12-01 07:56:04 +01:00 · dd4700989f
commit dd4700989f
parent c74943a737
5 changed files with 11 additions and 147 deletions
--- a/tests/integration/targets/test_mysql_user/tasks/issue-121.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/issue-121.yml
@ -37,50 +37,19 @@
        - "{{ user_name_1 }}"
        - "{{ user_name_2 }}"

-    - name: create user with REQUIRESSL privilege
-      mysql_user:
-        <<: *mysql_params
-        name: "{{ user_name_1 }}"
-        password: "{{ user_password_1 }}"
-        priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
-
-    - name: verify REQUIRESSL is assigned to the user
-      mysql_query:
-        <<: *mysql_params
-        query: "SHOW {{ what }} '{{ user_name_1}}'@'localhost'"
-      register: result
-      vars:
-        what: "{{ 'GRANTS FOR' if old_user_mgmt else 'CREATE USER' }}"
-
-    - assert:
-        that:
-          - result is succeeded and 'REQUIRE SSL' in (result.query_result | string)
-
-    - name: create user with equivalent ssl requirement in tls_requires (expect unchanged)
-      mysql_user:
-        <<: *mysql_params
-        name: "{{ user_name_1 }}"
-        password: "{{ user_password_1 }}"
-        priv: '*.*:SELECT,CREATE USER,GRANT'
-        tls_requires:
-          SSL:
-      register: result
-
-    - assert:
-        that:
-          - result is not changed
-
-    - name: create the same user again, with REQUIRESSL privilege once more
+    - name: create user with REQUIRESSL privilege (expect failure)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        password: "{{ user_password_1 }}"
        priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
      register: result
+      ignore_errors: yes

    - assert:
        that:
-          - result is not changed
+          - result is failed
+          - result.msg is search('Error granting privileges')

    - name: create user with both REQUIRESSL privilege and an incompatible tls_requires option
      mysql_user:
@ -90,19 +59,13 @@
        priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
        tls_requires:
          X509:
-
-    - name: create same user again without REQUIRESSL privilege
-      mysql_user:
-        <<: *mysql_params
-        name: "{{ user_name_1 }}"
-        password: "{{ user_password_1 }}"
-        priv: '*.*:SELECT,CREATE USER,GRANT'
-        tls_requires:
-          X509:
      register: result
+      ignore_errors: yes

    - assert:
-        that: result is not changed
+        that:
+          - result is failed
+          - result.msg is search('Error granting privileges')

    - name: Drop mysql user
      mysql_user: