Expanded priv append tests to cover additional case

2025-04-06 10:40:36 -07:00 · 2020-12-15 19:35:33 -05:00 · 2020-12-15 19:35:33 -05:00 · eb7ce97f61
commit eb7ce97f61
parent 0c68410d16
2 changed files with 41 additions and 7 deletions
--- a/tests/integration/targets/test_mysql_user/tasks/main.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/main.yml
@ -263,8 +263,8 @@

    # Test that append_privs will not attempt to make a change where current privileges are a superset of new privileges
    # (https://github.com/ansible-collections/community.mysql/issues/69)
-    - include: test_priv_append_no_change.yml enable_check_mode=no
-    - include: test_priv_append_no_change.yml enable_check_mode=yes
+    - include: test_priv_append.yml enable_check_mode=no
+    - include: test_priv_append.yml enable_check_mode=yes

    # Tests for the TLS requires dictionary
    - include: tls_requirements.yml
--- a/tests/integration/targets/test_mysql_user/tasks/test_priv_append_no_change.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_priv_append_no_change.yml
@ -18,7 +18,7 @@
      - data1
      - data2

-    - name: Create user with privileges
+    - name: Create a user with an initial set of privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
@ -30,7 +30,7 @@
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
      register: result

-    - name: Assert user given privileges
+    - name: Assert that the initial set of privileges matches what is expected
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
@ -47,21 +47,55 @@
      check_mode: '{{ enable_check_mode }}'
      register: result

-    - name: Assert that there wasn't a change and that the permissions are still the same
+    - name: Assert that there wasn't a change in permissions
      assert:
        that:
          - "result.changed == false"

-    - name: Run command to show privileges for user once more (expect privileges in stdout)
+    - name: Run command to show privileges for user (expect privileges in stdout)
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
      register: result

-    - name: Assert user given privileges once more
+    - name: Assert that the permissions still match what was originally granted
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"

+    - name: Append privileges that are not included in the current set of privileges to test that privileges are updated
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_4 }}'
+        password: '{{ user_password_4 }}'
+        priv: 'data1.*:DELETE/data2.*:SELECT'
+        append_privs: yes
+        state: present
+      check_mode: '{{ enable_check_mode }}'
+      register: result
+
+    - name: Assert that there was a change because permissions were added to data1.*
+      assert:
+        that:
+          - "result.changed == true"
+
+    - name: Run command to show privileges for user (expect privileges in stdout)
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      register: result
+
+    - name: Assert that the permissions were changed as expected if check_mode is set to 'no'
+      assert:
+        that:
+          - "'GRANT SELECT, INSERT, DELETE ON `data1`.*' in result.stdout"
+          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"
+      when: enable_check_mode == 'no'
+
+    - name: Assert that the permissions were not actually changed if check_mode is set to 'yes'
+      assert:
+        that:
+          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
+          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"
+      when: enable_check_mode == 'yes'
+
    ##########
    # Clean up
    - name: Drop test databases