summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKIKUCHI Koichiro <koichiro@hataki.jp>2016-01-07 15:23:13 +0900
committerKIKUCHI Koichiro <koichiro@hataki.jp>2016-01-07 15:23:13 +0900
commit76905bc345ee3c056d93bdf6a00dc4326e8701df (patch)
tree2bb989b6b56216232817f2e80fcf09ad1b220919
parent8dec2045c058c3ecfef53138202469ff500c8c1f (diff)
downloadansible-modules-core-76905bc345ee3c056d93bdf6a00dc4326e8701df.tar.gz
Add check_mode support to mysql_user.
-rw-r--r--database/mysql/mysql_user.py33
1 files changed, 25 insertions, 8 deletions
diff --git a/database/mysql/mysql_user.py b/database/mysql/mysql_user.py
index 3ca952ca..9b22935f 100644
--- a/database/mysql/mysql_user.py
+++ b/database/mysql/mysql_user.py
@@ -200,11 +200,14 @@ def user_exists(cursor, user, host, host_all):
count = cursor.fetchone()
return count[0] > 0
-def user_add(cursor, user, host, host_all, password, encrypted, new_priv):
+def user_add(cursor, user, host, host_all, password, encrypted, new_priv, check_mode):
# we cannot create users without a proper hostname
if host_all:
return False
+ if check_mode:
+ return True
+
if password and encrypted:
cursor.execute("CREATE USER %s@%s IDENTIFIED BY PASSWORD %s", (user,host,password))
elif password and not encrypted:
@@ -222,7 +225,7 @@ def is_hash(password):
ishash = True
return ishash
-def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append_privs):
+def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append_privs, check_mode):
changed = False
grant_option = False
@@ -247,6 +250,8 @@ def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append
encrypted_string = (password)
if is_hash(password):
if current_pass_hash[0] != encrypted_string:
+ if check_mode:
+ return True
if old_user_mgmt:
cursor.execute("SET PASSWORD FOR %s@%s = %s", (user, host, password))
else:
@@ -261,6 +266,8 @@ def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append
cursor.execute("SELECT CONCAT('*', UCASE(SHA1(UNHEX(SHA1(%s)))))", (password,))
new_pass_hash = cursor.fetchone()
if current_pass_hash[0] != new_pass_hash[0]:
+ if check_mode:
+ return True
if old_user_mgmt:
cursor.execute("SET PASSWORD FOR %s@%s = PASSWORD(%s)", (user, host, password))
else:
@@ -279,6 +286,8 @@ def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append
grant_option = True
if db_table not in new_priv:
if user != "root" and "PROXY" not in priv and not append_privs:
+ if check_mode:
+ return True
privileges_revoke(cursor, user,host,db_table,priv,grant_option)
changed = True
@@ -286,6 +295,8 @@ def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append
# we can perform a straight grant operation.
for db_table, priv in new_priv.iteritems():
if db_table not in curr_priv:
+ if check_mode:
+ return True
privileges_grant(cursor, user,host,db_table,priv)
changed = True
@@ -295,6 +306,8 @@ def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append
for db_table in db_table_intersect:
priv_diff = set(new_priv[db_table]) ^ set(curr_priv[db_table])
if (len(priv_diff) > 0):
+ if check_mode:
+ return True
if not append_privs:
privileges_revoke(cursor, user,host,db_table,curr_priv[db_table],grant_option)
privileges_grant(cursor, user,host,db_table,new_priv[db_table])
@@ -302,7 +315,10 @@ def user_mod(cursor, user, host, host_all, password, encrypted, new_priv, append
return changed
-def user_delete(cursor, user, host, host_all):
+def user_delete(cursor, user, host, host_all, check_mode):
+ if module.check_mode:
+ changed = True
+
if host_all:
hostnames = user_get_hostnames(cursor, user)
@@ -452,7 +468,8 @@ def main():
ssl_cert=dict(default=None),
ssl_key=dict(default=None),
ssl_ca=dict(default=None),
- )
+ ),
+ supports_check_mode=True
)
login_user = module.params["login_user"]
login_password = module.params["login_password"]
@@ -499,9 +516,9 @@ def main():
if user_exists(cursor, user, host, host_all):
try:
if update_password == 'always':
- changed = user_mod(cursor, user, host, host_all, password, encrypted, priv, append_privs)
+ changed = user_mod(cursor, user, host, host_all, password, encrypted, priv, append_privs, module.check_mode)
else:
- changed = user_mod(cursor, user, host, host_all, None, encrypted, priv, append_privs)
+ changed = user_mod(cursor, user, host, host_all, None, encrypted, priv, append_privs, module.check_mode)
except (SQLParseError, InvalidPrivsError, MySQLdb.Error), e:
module.fail_json(msg=str(e))
@@ -511,12 +528,12 @@ def main():
if host_all:
module.fail_json(msg="host_all parameter cannot be used when adding a user")
try:
- changed = user_add(cursor, user, host, host_all, password, encrypted, priv)
+ changed = user_add(cursor, user, host, host_all, password, encrypted, priv, module.check_mode)
except (SQLParseError, InvalidPrivsError, MySQLdb.Error), e:
module.fail_json(msg=str(e))
elif state == "absent":
if user_exists(cursor, user, host, host_all):
- changed = user_delete(cursor, user, host, host_all)
+ changed = user_delete(cursor, user, host, host_all, module.check_mode)
else:
changed = False
module.exit_json(changed=changed, user=user)