Skip to content

Commit bb03bd4

Browse files
Farid Uyarfuyar
Farid Uyar
authored and
fuyar
committed
Combine multiple grants into one while checking state
1 parent 7a026a9 commit bb03bd4

File tree

2 files changed

+47
-13
lines changed

2 files changed

+47
-13
lines changed

lib/puppet/provider/mysql_grant/mysql.rb

+30-13
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
commands mysql_raw: 'mysql'
88

99
def self.instances
10-
instances = []
10+
instance_configs = {}
1111
users.map do |user|
1212
user_string = cmd_user(user)
1313
query = "SHOW GRANTS FOR #{user_string};"
@@ -45,13 +45,6 @@ def self.instances
4545
(priv == 'ALL PRIVILEGES') ? 'ALL' : priv.strip
4646
end
4747
end
48-
sorted_privileges = stripped_privileges.sort
49-
if newer_than('mysql' => '8.0.0') && sorted_privileges == ['ALTER', 'ALTER ROUTINE', 'CREATE', 'CREATE ROLE', 'CREATE ROUTINE', 'CREATE TABLESPACE', 'CREATE TEMPORARY TABLES', 'CREATE USER',
50-
'CREATE VIEW', 'DELETE', 'DROP', 'DROP ROLE', 'EVENT', 'EXECUTE', 'FILE', 'INDEX', 'INSERT', 'LOCK TABLES', 'PROCESS', 'REFERENCES',
51-
'RELOAD', 'REPLICATION CLIENT', 'REPLICATION SLAVE', 'SELECT', 'SHOW DATABASES', 'SHOW VIEW', 'SHUTDOWN', 'SUPER', 'TRIGGER',
52-
'UPDATE']
53-
sorted_privileges = ['ALL']
54-
end
5548
# Same here, but to remove OPTION leaving just GRANT.
5649
options = if %r{WITH\sGRANT\sOPTION}.match?(rest)
5750
['GRANT']
@@ -61,16 +54,40 @@ def self.instances
6154
# fix double backslash that MySQL prints, so resources match
6255
table.gsub!('\\\\', '\\')
6356
# We need to return an array of instances so capture these
64-
instances << new(
65-
name: "#{user}@#{host}/#{table}",
66-
ensure: :present,
57+
name = "#{user}@#{host}/#{table}"
58+
if instance_configs.key?(name)
59+
instance_config = instance_configs[name]
60+
stripped_privileges.concat instance_config[:privileges]
61+
options.concat instance_config[:options]
62+
end
63+
64+
sorted_privileges = stripped_privileges.uniq.sort
65+
if newer_than('mysql' => '8.0.0') && sorted_privileges == ['ALTER', 'ALTER ROUTINE', 'CREATE', 'CREATE ROLE', 'CREATE ROUTINE', 'CREATE TABLESPACE', 'CREATE TEMPORARY TABLES', 'CREATE USER',
66+
'CREATE VIEW', 'DELETE', 'DROP', 'DROP ROLE', 'EVENT', 'EXECUTE', 'FILE', 'INDEX', 'INSERT', 'LOCK TABLES', 'PROCESS', 'REFERENCES',
67+
'RELOAD', 'REPLICATION CLIENT', 'REPLICATION SLAVE', 'SELECT', 'SHOW DATABASES', 'SHOW VIEW', 'SHUTDOWN', 'SUPER', 'TRIGGER',
68+
'UPDATE']
69+
sorted_privileges = ['ALL']
70+
end
71+
72+
instance_configs[name] = {
6773
privileges: sorted_privileges,
6874
table: table,
6975
user: "#{user}@#{host}",
70-
options: options,
71-
)
76+
options: options.uniq,
77+
}
7278
end
7379
end
80+
instances = []
81+
instance_configs.map do |name, config|
82+
instances << new(
83+
name: name,
84+
ensure: :present,
85+
privileges: config[:privileges],
86+
table: config[:table],
87+
user: config[:user],
88+
options: config[:options],
89+
)
90+
end
7491
instances
7592
end
7693

spec/acceptance/types/mysql_grant_spec.rb

+17
Original file line numberDiff line numberDiff line change
@@ -698,4 +698,21 @@ class { 'mysql::server': override_options => { 'root_password' => 'password' } }
698698
expect(result.exit_code).to be_zero
699699
end
700700
end
701+
702+
describe 'multiple lines privileges', if: Gem::Version.new(mysql_version) > Gem::Version.new('8.0.0') && Gem::Version.new(mysql_version) < Gem::Version.new('10.0.0') do
703+
pp = <<-MANIFEST
704+
mysql_user { 'multi@localhost':
705+
ensure => present,
706+
}
707+
mysql_grant { 'multi@localhost/*.*':
708+
user => 'multi@localhost',
709+
privileges => ['SELECT', 'INSERT', 'UPDATE', 'BACKUP_ADMIN', 'FLUSH_TABLES'],
710+
table => '*.*',
711+
require => Mysql_user['multi@localhost'],
712+
}
713+
MANIFEST
714+
it 'check idempotency in MySQL 8' do
715+
idempotent_apply(pp)
716+
end
717+
end
701718
end

0 commit comments

Comments
 (0)