From 6a81a2f6871957e4a412ab892197b19300a590cb Mon Sep 17 00:00:00 2001 From: Branan Purvine-Riley Date: Fri, 4 May 2012 09:58:27 -0700 Subject: [PATCH] (#14316) make privileges case-insensitive --- lib/puppet/provider/database_grant/mysql.rb | 19 ++++++++++++------- lib/puppet/type/database_grant.rb | 7 ++----- .../provider/database_grant/mysql_spec.rb | 19 +++++++++++++------ 3 files changed, 27 insertions(+), 18 deletions(-) diff --git a/lib/puppet/provider/database_grant/mysql.rb b/lib/puppet/provider/database_grant/mysql.rb index 28d718c..df3c79c 100644 --- a/lib/puppet/provider/database_grant/mysql.rb +++ b/lib/puppet/provider/database_grant/mysql.rb @@ -36,13 +36,13 @@ Puppet::Type.type(:database_grant).provide(:mysql) do def self.query_user_privs results = mysql("mysql", "-Be", "describe user") column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] } - @user_privs = column_names.delete_if { |e| !( e =~/_priv$/) }.map! { |p| p.intern } + @user_privs = column_names.delete_if { |e| !( e =~/_priv$/) } end def self.query_db_privs results = mysql("mysql", "-Be", "describe db") column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] } - @db_privs = column_names.delete_if { |e| !(e =~/_priv$/) }.map! { |p| p.intern } + @db_privs = column_names.delete_if { |e| !(e =~/_priv$/) } end def mysql_flush @@ -106,8 +106,8 @@ Puppet::Type.type(:database_grant).provide(:mysql) do when :db db_privs end - all_privs = all_privs.collect do |p| p.to_s end.sort.join("|") - privs = privileges.collect do |p| p.to_s end.sort.join("|") + all_privs = all_privs.collect do |p| p.downcase end.sort.join("|") + privs = privileges.collect do |p| p.downcase end.sort.join("|") all_privs == privs end @@ -133,7 +133,7 @@ Puppet::Type.type(:database_grant).provide(:mysql) do privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end end - privs.collect do |p| symbolize(p[0]) end + privs.collect do |p| p[0] end end def privileges=(privs) @@ -157,12 +157,17 @@ Puppet::Type.type(:database_grant).provide(:mysql) do all_privs = db_privs end - if privs[0] == :all + if privs[0].downcase == 'all' privs = all_privs end + # Downcase the requested priviliges for case-insensitive selection + # we don't map! here because the all_privs object has to remain in + # the same case the DB gave it to us in + privs = privs.map { |p| p.downcase } + # puts "stmt:", stmt - set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p) ? 'Y' : 'N'] end.join(', ') + set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p.downcase) ? 'Y' : 'N'] end.join(', ') # puts "set:", set stmt = stmt << set << where diff --git a/lib/puppet/type/database_grant.rb b/lib/puppet/type/database_grant.rb index 7c1ab02..965695b 100644 --- a/lib/puppet/type/database_grant.rb +++ b/lib/puppet/type/database_grant.rb @@ -31,16 +31,13 @@ Puppet::Type.newtype(:database_grant) do newproperty(:privileges, :array_matching => :all) do desc "The privileges the user should have. The possible values are implementation dependent." - munge do |v| - symbolize(v) - end def should_to_s(newvalue = @should) if newvalue unless newvalue.is_a?(Array) newvalue = [ newvalue ] end - newvalue.collect do |v| v.to_s end.sort.join ", " + newvalue.collect do |v| v.downcase end.sort.join ", " else nil end @@ -51,7 +48,7 @@ Puppet::Type.newtype(:database_grant) do unless currentvalue.is_a?(Array) currentvalue = [ currentvalue ] end - currentvalue.collect do |v| v.to_s end.sort.join ", " + currentvalue.collect do |v| v.downcase end.sort.join ", " else nil end diff --git a/spec/unit/puppet/provider/database_grant/mysql_spec.rb b/spec/unit/puppet/provider/database_grant/mysql_spec.rb index 2547359..58a64ea 100644 --- a/spec/unit/puppet/provider/database_grant/mysql_spec.rb +++ b/spec/unit/puppet/provider/database_grant/mysql_spec.rb @@ -7,7 +7,7 @@ provider_class = Puppet::Type.type(:database_grant).provider(:mysql) describe provider_class do before :each do @resource = Puppet::Type::Database_grant.new( - { :privileges => 'all"', :provider => 'mysql', :name => 'user@host'} + { :privileges => 'all', :provider => 'mysql', :name => 'user@host'} ) @provider = provider_class.new(@resource) end @@ -30,8 +30,8 @@ Select_priv enum('N','Y') NO N Insert_priv enum('N','Y') NO N Update_priv enum('N','Y') NO N EOT - provider_class.user_privs.should == [ :Select_priv, :Insert_priv, :Update_priv ] - provider_class.db_privs.should == [ :Select_priv, :Insert_priv, :Update_priv ] + provider_class.user_privs.should == [ 'Select_priv', 'Insert_priv', 'Update_priv' ] + provider_class.db_privs.should == [ 'Select_priv', 'Insert_priv', 'Update_priv' ] end it 'should query set priviliges' do @@ -39,7 +39,7 @@ EOT Host User Password Select_priv Insert_priv Update_priv host user Y N Y EOT - @provider.privileges.should == [ :Select_priv, :Update_priv ] + @provider.privileges.should == [ 'Select_priv', 'Update_priv' ] end it 'should recognize when all priviliges are set' do @@ -62,13 +62,20 @@ EOT provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n" provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'Y', Update_priv = 'Y' where user=\"user\" and host=\"host\"") provider_class.expects(:mysqladmin).with("flush-privileges") - @provider.privileges=([:all]) + @provider.privileges=(['all']) end it 'should be able to set partial privileges' do provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n" provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'N', Update_priv = 'Y' where user=\"user\" and host=\"host\"") provider_class.expects(:mysqladmin).with("flush-privileges") - @provider.privileges=([:Select_priv, :Update_priv]) + @provider.privileges=(['Select_priv', 'Update_priv']) + end + + it 'should be case insensitive' do + provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n" + provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'Y', Update_priv = 'Y' where user=\"user\" and host=\"host\"") + provider_class.expects(:mysqladmin).with('flush-privileges') + @provider.privileges=(['SELECT_PRIV', 'insert_priv', 'UpDaTe_pRiV']) end end