opuppet/module-puppetlabs-mysql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Fix regression in username validation

Browse source 
Commit cdd7132ff9 added logic to catch invalid database usernames,
but the regex it uses fails to match usernames with special characters that are properly quoted,
causing errors with usernames that used to work in versions < 3.0.0. This fixes the regex so that
if the username is quoted, anything is allowed between the quotes.

From the docs (http://dev.mysql.com/doc/refman/5.5/en/identifiers.html):
"Permitted characters in quoted identifiers include the full Unicode Basic Multilingual Plane (BMP),
except U+0000"
This commit is contained in:
Mason Malone 2014-11-13 18:18:02 -05:00
parent 89762a7d0c
commit 4f0d4311d9
2 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/puppet/type/mysql_user.rb
View file

@ -13,9 +13,7 @@ Puppet::Type.newtype(:mysql_user) do
# Regex should problably be more like this: /^[`'"]?[^`'"]*[`'"]?@[`'"]?[\w%\.]+[`'"]?$/
# If at least one special char is used, string must be quoted
raise(ArgumentError, "Database user #{value} must be quotted as it contains special characters") if value =~ /^[^'`"].*[^0-9a-zA-Z$_].*[^'`"]@[\w%\.:]+/
# If no special char, quoted is not needed, but allowed
# I don't see any case where this could happen, as it should be covered by previous check
raise(ArgumentError, "Invalid database user #{value}") unless value =~ /^['`"]?[0-9a-zA-Z$_]*['`"]?@[\w%\.:]+/
raise(ArgumentError, "Invalid database user #{value}") unless value =~ /^(?:['`"][^'`"]*['`"]|[0-9a-zA-Z$_]*)@[\w%\.:]+/
username = value.split('@')[0]
if username.size > 16
raise ArgumentError, 'MySQL usernames are limited to a maximum of 16 characters'

10
spec/unit/puppet/type/mysql_user_spec.rb
View file

@ -49,6 +49,16 @@ describe Puppet::Type.type(:mysql_user) do
end
end
context 'using `speci!al#`@localhost' do
before :each do
@user = Puppet::Type.type(:mysql_user).new(:name => '`speci!al#`@localhost', :password_hash => 'pass')
end
it 'should accept a quoted user name with special chatracters' do
expect(@user[:name]).to eq('`speci!al#`@localhost')
end
end
context 'using in-valid@localhost' do
it 'should fail with an unquotted username with special char' do
expect {