opuppet/module-puppetlabs-mysql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

(#14316) make privileges case-insensitive

Browse source
This commit is contained in:
Branan Purvine-Riley 2012-05-04 09:58:27 -07:00
parent 3fbb54de6c
commit 6a81a2f687
3 changed files with 27 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
lib/puppet/provider/database_grant/mysql.rb
View file

@ -36,13 +36,13 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
def self.query_user_privs def self.query_user_privs
results = mysql("mysql", "-Be", "describe user") results = mysql("mysql", "-Be", "describe user")
column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] } column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] }
@user_privs = column_names.delete_if { |e| !( e =~/_priv$/) }.map! { |p| p.intern } @user_privs = column_names.delete_if { |e| !( e =~/_priv$/) }
end end
def self.query_db_privs def self.query_db_privs
results = mysql("mysql", "-Be", "describe db") results = mysql("mysql", "-Be", "describe db")
column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] } column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] }
@db_privs = column_names.delete_if { |e| !(e =~/_priv$/) }.map! { |p| p.intern } @db_privs = column_names.delete_if { |e| !(e =~/_priv$/) }
end end
def mysql_flush def mysql_flush
@ -106,8 +106,8 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
when :db when :db
db_privs db_privs
end end
all_privs = all_privs.collect do |p| p.to_s end.sort.join("|") all_privs = all_privs.collect do |p| p.downcase end.sort.join("|")
privs = privileges.collect do |p| p.to_s end.sort.join("|") privs = privileges.collect do |p| p.downcase end.sort.join("|")
all_privs == privs all_privs == privs
end end
@ -133,7 +133,7 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end
end end
privs.collect do |p| symbolize(p[0]) end privs.collect do |p| p[0] end
end end
def privileges=(privs) def privileges=(privs)
@ -157,12 +157,17 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
all_privs = db_privs all_privs = db_privs
end end
if privs[0] == :all if privs[0].downcase == 'all'
privs = all_privs privs = all_privs
end end
# Downcase the requested priviliges for case-insensitive selection
# we don't map! here because the all_privs object has to remain in
# the same case the DB gave it to us in
privs = privs.map { |p| p.downcase }
# puts "stmt:", stmt # puts "stmt:", stmt
set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p) ? 'Y' : 'N'] end.join(', ') set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p.downcase) ? 'Y' : 'N'] end.join(', ')
# puts "set:", set # puts "set:", set
stmt = stmt << set << where stmt = stmt << set << where

7
lib/puppet/type/database_grant.rb
View file

@ -31,16 +31,13 @@ Puppet::Type.newtype(:database_grant) do
newproperty(:privileges, :array_matching => :all) do newproperty(:privileges, :array_matching => :all) do
desc "The privileges the user should have. The possible values are implementation dependent." desc "The privileges the user should have. The possible values are implementation dependent."
munge do |v|
symbolize(v)
end
def should_to_s(newvalue = @should) def should_to_s(newvalue = @should)
if newvalue if newvalue
unless newvalue.is_a?(Array) unless newvalue.is_a?(Array)
newvalue = [ newvalue ] newvalue = [ newvalue ]
end end
newvalue.collect do |v| v.to_s end.sort.join ", " newvalue.collect do |v| v.downcase end.sort.join ", "
else else
nil nil
end end
@ -51,7 +48,7 @@ Puppet::Type.newtype(:database_grant) do
unless currentvalue.is_a?(Array) unless currentvalue.is_a?(Array)
currentvalue = [ currentvalue ] currentvalue = [ currentvalue ]
end end
currentvalue.collect do |v| v.to_s end.sort.join ", " currentvalue.collect do |v| v.downcase end.sort.join ", "
else else
nil nil
end end

19
spec/unit/puppet/provider/database_grant/mysql_spec.rb
View file

@ -7,7 +7,7 @@ provider_class = Puppet::Type.type(:database_grant).provider(:mysql)
describe provider_class do describe provider_class do
before :each do before :each do
@resource = Puppet::Type::Database_grant.new( @resource = Puppet::Type::Database_grant.new(
{ :privileges => 'all"', :provider => 'mysql', :name => 'user@host'} { :privileges => 'all', :provider => 'mysql', :name => 'user@host'}
) )
@provider = provider_class.new(@resource) @provider = provider_class.new(@resource)
end end
@ -30,8 +30,8 @@ Select_priv enum('N','Y') NO N
Insert_priv enum('N','Y') NO N Insert_priv enum('N','Y') NO N
Update_priv enum('N','Y') NO N Update_priv enum('N','Y') NO N
EOT EOT
provider_class.user_privs.should == [ :Select_priv, :Insert_priv, :Update_priv ] provider_class.user_privs.should == [ 'Select_priv', 'Insert_priv', 'Update_priv' ]
provider_class.db_privs.should == [ :Select_priv, :Insert_priv, :Update_priv ] provider_class.db_privs.should == [ 'Select_priv', 'Insert_priv', 'Update_priv' ]
end end
it 'should query set priviliges' do it 'should query set priviliges' do
@ -39,7 +39,7 @@ EOT
Host User Password Select_priv Insert_priv Update_priv Host User Password Select_priv Insert_priv Update_priv
host user Y N Y host user Y N Y
EOT EOT
@provider.privileges.should == [ :Select_priv, :Update_priv ] @provider.privileges.should == [ 'Select_priv', 'Update_priv' ]
end end
it 'should recognize when all priviliges are set' do it 'should recognize when all priviliges are set' do
@ -62,13 +62,20 @@ EOT
provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n" provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n"
provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'Y', Update_priv = 'Y' where user=\"user\" and host=\"host\"") provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'Y', Update_priv = 'Y' where user=\"user\" and host=\"host\"")
provider_class.expects(:mysqladmin).with("flush-privileges") provider_class.expects(:mysqladmin).with("flush-privileges")
@provider.privileges=([:all]) @provider.privileges=(['all'])
end end
it 'should be able to set partial privileges' do it 'should be able to set partial privileges' do
provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n" provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n"
provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'N', Update_priv = 'Y' where user=\"user\" and host=\"host\"") provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'N', Update_priv = 'Y' where user=\"user\" and host=\"host\"")
provider_class.expects(:mysqladmin).with("flush-privileges") provider_class.expects(:mysqladmin).with("flush-privileges")
@provider.privileges=([:Select_priv, :Update_priv]) @provider.privileges=(['Select_priv', 'Update_priv'])
end
it 'should be case insensitive' do
provider_class.expects(:mysql).with('mysql', '-NBe', 'SELECT "1" FROM user WHERE user = \'user\' AND host = \'host\'').returns "1\n"
provider_class.expects(:mysql).with('mysql', '-Be', "update user set Select_priv = 'Y', Insert_priv = 'Y', Update_priv = 'Y' where user=\"user\" and host=\"host\"")
provider_class.expects(:mysqladmin).with('flush-privileges')
@provider.privileges=(['SELECT_PRIV', 'insert_priv', 'UpDaTe_pRiV'])
end end
end end