From f5a78f1c5fde35e522ccd9db4f8ef0eea66fe965 Mon Sep 17 00:00:00 2001
From: Reinhard Vicinus <r.vicinus@metaways.de>
Date: Wed, 11 Dec 2013 13:15:21 +0100
Subject: [PATCH 1/3] mysql_grant bugfix: on table *.* SHOW GRANT can return
 'WITH MAX_QUERIES_PER_HOUR' which breaks the captures on the match

---
 lib/puppet/provider/mysql_grant/mysql.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/puppet/provider/mysql_grant/mysql.rb b/lib/puppet/provider/mysql_grant/mysql.rb
index c633216..2460174 100644
--- a/lib/puppet/provider/mysql_grant/mysql.rb
+++ b/lib/puppet/provider/mysql_grant/mysql.rb
@@ -22,7 +22,7 @@ Puppet::Type.type(:mysql_grant).provide(:mysql, :parent => Puppet::Provider::Mys
             priv == 'ALL PRIVILEGES' ? 'ALL' : priv.lstrip.rstrip
           end
           # Same here, but to remove OPTION leaving just GRANT.
-          options = rest.match(/WITH\s(.*)\sOPTION$/).captures if rest.include?('WITH')
+          options = ['GRANT'] if rest.match(/WITH\sGRANT\sOPTION/)
           # We need to return an array of instances so capture these
           instances << new(
               :name       => "#{user}@#{host}/#{table}",

From 9de42ac43e347aacfbf782ccb9fc5adc9a787edc Mon Sep 17 00:00:00 2001
From: Reinhard Vicinus <r.vicinus@metaways.de>
Date: Wed, 11 Dec 2013 13:16:14 +0100
Subject: [PATCH 2/3] mysql_grant bugfix: REVOKE ALL PRIVILEGES doesn't revoke
 GRANT OPTION

---
 lib/puppet/provider/mysql_grant/mysql.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/puppet/provider/mysql_grant/mysql.rb b/lib/puppet/provider/mysql_grant/mysql.rb
index 2460174..7dabf46 100644
--- a/lib/puppet/provider/mysql_grant/mysql.rb
+++ b/lib/puppet/provider/mysql_grant/mysql.rb
@@ -76,6 +76,11 @@ Puppet::Type.type(:mysql_grant).provide(:mysql, :parent => Puppet::Provider::Mys
 
     query = "REVOKE ALL ON #{table_string} FROM #{user_string}"
     mysql([defaults_file, '-e', query].compact)
+    # revoke grant option needs to be a extra query, because
+    # "REVOKE ALL PRIVILEGES, GRANT OPTION [..]" is only valid mysql syntax
+    # if no ON clause is used.
+    query = "REVOKE GRANT OPTION ON #{table_string} FROM #{user_string}"
+    mysql([defaults_file, '-e', query].compact)
   end
 
   def destroy

From 07c3b76eb9cbca651d693db050eaa647a17537a4 Mon Sep 17 00:00:00 2001
From: Reinhard Vicinus <r.vicinus@metaways.de>
Date: Wed, 11 Dec 2013 13:17:52 +0100
Subject: [PATCH 3/3] mysql_grant bugfix: remove duplicate privileges and GRANT
 privilege, otherwise the resource gets changed every puppet run

---
 lib/puppet/type/mysql_grant.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/puppet/type/mysql_grant.rb b/lib/puppet/type/mysql_grant.rb
index 48a121a..be8dfbc 100644
--- a/lib/puppet/type/mysql_grant.rb
+++ b/lib/puppet/type/mysql_grant.rb
@@ -17,7 +17,7 @@ Puppet::Type.newtype(:mysql_grant) do
     # Sort the privileges array in order to ensure the comparision in the provider
     # self.instances method match.  Otherwise this causes it to keep resetting the
     # privileges.
-    self[:privileges] = Array(self[:privileges]).sort!
+    self[:privileges] = Array(self[:privileges]).map(&:upcase).uniq.reject{|k| k == 'GRANT' or k == 'GRANT OPTION'}.sort!
   end
 
   validate do