fix case when user as no other privileges than USAGE

2025-04-06 10:40:36 -07:00 · 2023-09-21 14:01:41 +02:00 · 2023-09-21 14:01:41 +02:00 · ddd3812574
commit ddd3812574
parent 122625c477
2 changed files with 8 additions and 3 deletions
--- a/plugins/modules/mysql_info.py
+++ b/plugins/modules/mysql_info.py
@ -545,9 +545,6 @@ class MySQL_Info(object):

            priv_string = list()
            for db_table, priv in user_priv.items():
-                if db_table == '*.*' and priv == ['USAGE']:
-                    continue
-
                # privileges_get returns "'''@''': 'PROXY,GRANT'". The % is missing
                # and there is too many quotes. So we rewrite this. Also because we
                # wrap the db_table between single quotes, I use backticks to
@ -565,6 +562,10 @@ class MySQL_Info(object):
                unquote_db_table = db_table.replace('`', '').replace("'", '')
                priv_string.append('%s:%s' % (unquote_db_table, ','.join(priv)))

+            # Only keep *.* USAGE if it's the only user privilege given
+            if len(priv_string) > 1 and '*.*:USAGE' in priv_string:
+                priv_string.remove('*.*:USAGE')
+
            resource_limits = get_resource_limits(self.module, self.cursor, user, host)

            copy_ressource_limits = dict.copy(resource_limits)
--- a/tests/integration/targets/test_mysql_info/tasks/filter_users_privs.yml
+++ b/tests/integration/targets/test_mysql_info/tasks/filter_users_privs.yml
@ -75,6 +75,9 @@
          privs:
            'mysql.*': 'SELECT'
            'users_privs_db.*': 'SELECT'
+        - name: users_privs_usage_only
+          priv:
+            '*.*': 'USAGE'

    - name: Mysql_info users_privs | Prepare tests users for MariaDB
      community.mysql.mysql_user:
@ -185,6 +188,7 @@
        - users_privs_table
        - users_privs_col
        - users_privs_proc
+        - users_privs_usage_only

    - name: Mysql_info users_privs | Cleanup sql file for the procedure
      ansible.builtin.file: