mirror of
https://github.com/ansible-collections/community.mysql.git
synced 2025-07-23 13:20:25 -07:00
Remove support for REQUIRESSL privilege (#244)
* Remove support for REQUIRESSL privilege * Fix error search string
This commit is contained in:
parent
c74943a737
commit
dd4700989f
5 changed files with 11 additions and 147 deletions
|
@ -37,50 +37,19 @@
|
|||
- "{{ user_name_1 }}"
|
||||
- "{{ user_name_2 }}"
|
||||
|
||||
- name: create user with REQUIRESSL privilege
|
||||
mysql_user:
|
||||
<<: *mysql_params
|
||||
name: "{{ user_name_1 }}"
|
||||
password: "{{ user_password_1 }}"
|
||||
priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
|
||||
|
||||
- name: verify REQUIRESSL is assigned to the user
|
||||
mysql_query:
|
||||
<<: *mysql_params
|
||||
query: "SHOW {{ what }} '{{ user_name_1}}'@'localhost'"
|
||||
register: result
|
||||
vars:
|
||||
what: "{{ 'GRANTS FOR' if old_user_mgmt else 'CREATE USER' }}"
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- result is succeeded and 'REQUIRE SSL' in (result.query_result | string)
|
||||
|
||||
- name: create user with equivalent ssl requirement in tls_requires (expect unchanged)
|
||||
mysql_user:
|
||||
<<: *mysql_params
|
||||
name: "{{ user_name_1 }}"
|
||||
password: "{{ user_password_1 }}"
|
||||
priv: '*.*:SELECT,CREATE USER,GRANT'
|
||||
tls_requires:
|
||||
SSL:
|
||||
register: result
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- result is not changed
|
||||
|
||||
- name: create the same user again, with REQUIRESSL privilege once more
|
||||
- name: create user with REQUIRESSL privilege (expect failure)
|
||||
mysql_user:
|
||||
<<: *mysql_params
|
||||
name: "{{ user_name_1 }}"
|
||||
password: "{{ user_password_1 }}"
|
||||
priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
|
||||
register: result
|
||||
ignore_errors: yes
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- result is not changed
|
||||
- result is failed
|
||||
- result.msg is search('Error granting privileges')
|
||||
|
||||
- name: create user with both REQUIRESSL privilege and an incompatible tls_requires option
|
||||
mysql_user:
|
||||
|
@ -90,19 +59,13 @@
|
|||
priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
|
||||
tls_requires:
|
||||
X509:
|
||||
|
||||
- name: create same user again without REQUIRESSL privilege
|
||||
mysql_user:
|
||||
<<: *mysql_params
|
||||
name: "{{ user_name_1 }}"
|
||||
password: "{{ user_password_1 }}"
|
||||
priv: '*.*:SELECT,CREATE USER,GRANT'
|
||||
tls_requires:
|
||||
X509:
|
||||
register: result
|
||||
ignore_errors: yes
|
||||
|
||||
- assert:
|
||||
that: result is not changed
|
||||
that:
|
||||
- result is failed
|
||||
- result.msg is search('Error granting privileges')
|
||||
|
||||
- name: Drop mysql user
|
||||
mysql_user:
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue