Merge pull request #2764 from Jmainguy/mysql_user_ansi

add ansi support
author: Brian Coca <bcoca@ansible.com> 2016-01-12 10:51:00 -0500
committer: Brian Coca <bcoca@ansible.com> 2016-01-12 10:51:00 -0500
commit: 0ef69d19eb891c8f9f5a5be2df43688fcf6d03a8 (patch)
tree: 18f5c36ff94b6f5f0a685d0b1120dbd07c1ff7ff /database
parent: 59f3b82898ae0403a6b66c7c2638ae2f1889c14a (diff)
parent: aebbcd6955a212158f3313b3caa0170a93d9d268 (diff)
download: ansible-modules-core-0ef69d19eb891c8f9f5a5be2df43688fcf6d03a8.tar.gz
1 files changed, 29 insertions, 11 deletions
diff --git a/database/mysql/mysql_user.py b/database/mysql/mysql_user.py
index 8718bae9..982836a0 100644
--- a/database/mysql/mysql_user.py
+++ b/database/mysql/mysql_user.py
@@ -191,6 +191,16 @@ def server_version_check(cursor):
     else:
         return False
 
+def get_mode(cursor):
+    cursor.execute('SELECT @@GLOBAL.sql_mode')
+    result = cursor.fetchone()
+    mode_str = result[0]
+    if 'ANSI' in mode_str:
+        mode = 'ANSI'
+    else:
+        mode = 'NOTANSI'
+    return mode
+
 def user_exists(cursor, user, host, host_all):
     if host_all:
         cursor.execute("SELECT count(*) FROM user WHERE user = %s", user)
@@ -373,7 +383,7 @@ def privileges_get(cursor, user,host):
         output[db] = privileges
     return output
 
-def privileges_unpack(priv):
+def privileges_unpack(priv, mode):
     """ Take a privileges string, typically passed as a parameter, and unserialize
     it into a dictionary, the same format as privileges_get() above. We have this
     custom format to avoid using YAML/JSON strings inside YAML playbooks. Example
@@ -384,6 +394,10 @@ def privileges_unpack(priv):
     The privilege USAGE stands for no privileges, so we add that in on *.* if it's
     not specified in the string, as MySQL will always provide this by default.
     """
+    if mode == 'ANSI':
+        quote = '"'
+    else:
+        quote = '`'
     output = {}
     privs = []
     for item in priv.strip().split('/'):
@@ -391,7 +405,7 @@ def privileges_unpack(priv):
         dbpriv = pieces[0].rsplit(".", 1)
         # Do not escape if privilege is for database '*' (all databases)
         if dbpriv[0].strip('`') != '*':
-            pieces[0] = "`%s`.%s" % (dbpriv[0].strip('`'), dbpriv[1])
+            pieces[0] = '%s%s%s.%s' % (quote, dbpriv[0].strip('`'), quote, dbpriv[1])
 
         if '(' in pieces[1]:
             output[pieces[0]] = re.split(r',\s*(?=[^)]*(?:\(|$))', pieces[1].upper())
@@ -418,12 +432,12 @@ def privileges_revoke(cursor, user,host,db_table,priv,grant_option):
     # Escape '%' since mysql db.execute() uses a format string
     db_table = db_table.replace('%', '%%')
     if grant_option:
-        query = ["REVOKE GRANT OPTION ON %s" % mysql_quote_identifier(db_table, 'table')]
+        query = ["REVOKE GRANT OPTION ON %s" % db_table]
         query.append("FROM %s@%s")
         query = ' '.join(query)
         cursor.execute(query, (user, host))
     priv_string = ",".join([p for p in priv if p not in ('GRANT', 'REQUIRESSL')])
-    query = ["REVOKE %s ON %s" % (priv_string, mysql_quote_identifier(db_table, 'table'))]
+    query = ["REVOKE %s ON %s" % (priv_string, db_table)]
     query.append("FROM %s@%s")
     query = ' '.join(query)
     cursor.execute(query, (user, host))
@@ -433,7 +447,7 @@ def privileges_grant(cursor, user,host,db_table,priv):
     # specification of db and table often use a % (SQL wildcard)
     db_table = db_table.replace('%', '%%')
     priv_string = ",".join([p for p in priv if p not in ('GRANT', 'REQUIRESSL')])
-    query = ["GRANT %s ON %s" % (priv_string, mysql_quote_identifier(db_table, 'table'))]
+    query = ["GRANT %s ON %s" % (priv_string, db_table)]
     query.append("TO %s@%s")
     if 'REQUIRESSL' in priv:
         query.append("REQUIRE SSL")
@@ -493,12 +507,6 @@ def main():
     if not mysqldb_found:
         module.fail_json(msg="the python mysqldb module is required")
 
-    if priv is not None:
-        try:
-            priv = privileges_unpack(priv)
-        except Exception, e:
-            module.fail_json(msg="invalid privileges string: %s" % str(e))
-
     cursor = None
     try:
         if check_implicit_admin:
@@ -512,6 +520,16 @@ def main():
     except Exception, e:
         module.fail_json(msg="unable to connect to database, check login_user and login_password are correct or %s has the credentials. Exception message: %s" % (config_file, e))
 
+    if priv is not None:
+        try:
+            mode = get_mode(cursor)
+        except Exception, e:
+            module.fail_json(msg=str(e))
+        try:
+            priv = privileges_unpack(priv, mode)
+        except Exception, e:
+            module.fail_json(msg="invalid privileges string: %s" % str(e))
+
     if state == "present":
         if user_exists(cursor, user, host, host_all):
             try:
author	Brian Coca <bcoca@ansible.com>	2016-01-12 10:51:00 -0500
committer	Brian Coca <bcoca@ansible.com>	2016-01-12 10:51:00 -0500
commit	0ef69d19eb891c8f9f5a5be2df43688fcf6d03a8 (patch)
tree	18f5c36ff94b6f5f0a685d0b1120dbd07c1ff7ff /database
parent	59f3b82898ae0403a6b66c7c2638ae2f1889c14a (diff)
parent	aebbcd6955a212158f3313b3caa0170a93d9d268 (diff)
download	ansible-modules-core-0ef69d19eb891c8f9f5a5be2df43688fcf6d03a8.tar.gz