opuppet/module-puppetlabs-mysql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #873 from bmjen/fix-grants

Browse source 
Fix mysql_grant acceptance tests.
This commit is contained in:
TP Honey 2016-08-10 16:05:11 +01:00 committed by GitHub
commit a183846166
3 changed files with 162 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

108
spec/acceptance/types/mysql_grant_spec.rb
View file

@ -15,10 +15,14 @@ describe 'mysql_grant' do
describe 'missing privileges for user' do describe 'missing privileges for user' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test1@tester':
ensure => present,
}
mysql_grant { 'test1@tester/test.*': mysql_grant { 'test1@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test1@tester', user => 'test1@tester',
require => Mysql_user['test1@tester'],
} }
EOS EOS
@ -33,10 +37,14 @@ describe 'mysql_grant' do
describe 'missing table for user' do describe 'missing table for user' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'atest@tester':
ensure => present,
}
mysql_grant { 'atest@tester/test.*': mysql_grant { 'atest@tester/test.*':
ensure => 'present', ensure => 'present',
user => 'atest@tester', user => 'atest@tester',
privileges => ['ALL'], privileges => ['ALL'],
require => Mysql_user['atest@tester'],
} }
EOS EOS
@ -51,11 +59,15 @@ describe 'mysql_grant' do
describe 'adding privileges' do describe 'adding privileges' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test2@tester':
ensure => present,
}
mysql_grant { 'test2@tester/test.*': mysql_grant { 'test2@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test2@tester', user => 'test2@tester',
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test2@tester'],
} }
EOS EOS
@ -73,11 +85,15 @@ describe 'mysql_grant' do
describe 'adding privileges with special character in name' do describe 'adding privileges with special character in name' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test-2@tester':
ensure => present,
}
mysql_grant { 'test-2@tester/test.*': mysql_grant { 'test-2@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test-2@tester', user => 'test-2@tester',
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test-2@tester'],
} }
EOS EOS
@ -95,11 +111,15 @@ describe 'mysql_grant' do
describe 'adding privileges with invalid name' do describe 'adding privileges with invalid name' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test2@tester':
ensure => present,
}
mysql_grant { 'test': mysql_grant { 'test':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test2@tester', user => 'test2@tester',
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test2@tester'],
} }
EOS EOS
@ -110,12 +130,16 @@ describe 'mysql_grant' do
describe 'adding option' do describe 'adding option' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test3@tester':
ensure => present,
}
mysql_grant { 'test3@tester/test.*': mysql_grant { 'test3@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test3@tester', user => 'test3@tester',
options => ['GRANT'], options => ['GRANT'],
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test3@tester'],
} }
EOS EOS
@ -133,11 +157,15 @@ describe 'mysql_grant' do
describe 'adding all privileges without table' do describe 'adding all privileges without table' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test4@tester':
ensure => present,
}
mysql_grant { 'test4@tester/test.*': mysql_grant { 'test4@tester/test.*':
ensure => 'present', ensure => 'present',
user => 'test4@tester', user => 'test4@tester',
options => ['GRANT'], options => ['GRANT'],
privileges => ['SELECT', 'UPDATE', 'ALL'], privileges => ['SELECT', 'UPDATE', 'ALL'],
require => Mysql_user['test4@tester'],
} }
EOS EOS
@ -148,12 +176,16 @@ describe 'mysql_grant' do
describe 'adding all privileges' do describe 'adding all privileges' do
it 'should only try to apply ALL' do it 'should only try to apply ALL' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test4@tester':
ensure => present,
}
mysql_grant { 'test4@tester/test.*': mysql_grant { 'test4@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test4@tester', user => 'test4@tester',
options => ['GRANT'], options => ['GRANT'],
privileges => ['SELECT', 'UPDATE', 'ALL'], privileges => ['SELECT', 'UPDATE', 'ALL'],
require => Mysql_user['test4@tester'],
} }
EOS EOS
@ -172,35 +204,55 @@ describe 'mysql_grant' do
describe 'short hostname' do describe 'short hostname' do
it 'should apply' do it 'should apply' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@short':
ensure => present,
}
mysql_grant { 'test@short/test.*': mysql_grant { 'test@short/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@short', user => 'test@short',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@short'],
}
mysql_user { 'test@long.hostname.com':
ensure => present,
} }
mysql_grant { 'test@long.hostname.com/test.*': mysql_grant { 'test@long.hostname.com/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@long.hostname.com', user => 'test@long.hostname.com',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@long.hostname.com'],
}
mysql_user { 'test@192.168.5.6':
ensure => present,
} }
mysql_grant { 'test@192.168.5.6/test.*': mysql_grant { 'test@192.168.5.6/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@192.168.5.6', user => 'test@192.168.5.6',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@192.168.5.6'],
}
mysql_user { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004':
ensure => present,
} }
mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*': mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004', user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@2607:f0d0:1002:0051:0000:0000:0000:0004'],
}
mysql_user { 'test@::1/128':
ensure => present,
} }
mysql_grant { 'test@::1/128/test.*': mysql_grant { 'test@::1/128/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@::1/128', user => 'test@::1/128',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@::1/128'],
} }
EOS EOS
@ -263,30 +315,58 @@ describe 'mysql_grant' do
require => [ Mysql_database['foo'], Exec['mysql-create-table'] ], require => [ Mysql_database['foo'], Exec['mysql-create-table'] ],
} }
mysql_user { "user1@${dbSubnet}":
ensure => present,
}
mysql_grant { "user1@${dbSubnet}/*.*": mysql_grant { "user1@${dbSubnet}/*.*":
user => "user1@${dbSubnet}", user => "user1@${dbSubnet}",
require => Mysql_user["user1@${dbSubnet}"],
}
mysql_user { "user2@${dbSubnet}":
ensure => present,
} }
mysql_grant { "user2@${dbSubnet}/foo.bar": mysql_grant { "user2@${dbSubnet}/foo.bar":
privileges => ['SELECT', 'INSERT', 'UPDATE'], privileges => ['SELECT', 'INSERT', 'UPDATE'],
user => "user2@${dbSubnet}", user => "user2@${dbSubnet}",
table => 'foo.bar', table => 'foo.bar',
require => Mysql_user["user2@${dbSubnet}"],
}
mysql_user { "user3@${dbSubnet}":
ensure => present,
} }
mysql_grant { "user3@${dbSubnet}/foo.*": mysql_grant { "user3@${dbSubnet}/foo.*":
privileges => ['SELECT', 'INSERT', 'UPDATE'], privileges => ['SELECT', 'INSERT', 'UPDATE'],
user => "user3@${dbSubnet}", user => "user3@${dbSubnet}",
table => 'foo.*', table => 'foo.*',
require => Mysql_user["user3@${dbSubnet}"],
}
mysql_user { 'web@%':
ensure => present,
} }
mysql_grant { 'web@%/*.*': mysql_grant { 'web@%/*.*':
user => 'web@%', user => 'web@%',
require => Mysql_user['web@%'],
}
mysql_user { "web@${dbSubnet}":
ensure => present,
} }
mysql_grant { "web@${dbSubnet}/*.*": mysql_grant { "web@${dbSubnet}/*.*":
user => "web@${dbSubnet}", user => "web@${dbSubnet}",
require => Mysql_user["web@${dbSubnet}"],
}
mysql_user { "web@${fqdn}":
ensure => present,
} }
mysql_grant { "web@${fqdn}/*.*": mysql_grant { "web@${fqdn}/*.*":
user => "web@${fqdn}", user => "web@${fqdn}",
require => Mysql_user["web@${fqdn}"],
}
mysql_user { 'web@localhost':
ensure => present,
} }
mysql_grant { 'web@localhost/*.*': mysql_grant { 'web@localhost/*.*':
user => 'web@localhost', user => 'web@localhost',
require => Mysql_user['web@localhost'],
} }
EOS EOS
@ -298,10 +378,14 @@ describe 'mysql_grant' do
describe 'lower case privileges' do describe 'lower case privileges' do
it 'create ALL privs' do it 'create ALL privs' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'lowercase@localhost':
ensure => present,
}
mysql_grant { 'lowercase@localhost/*.*': mysql_grant { 'lowercase@localhost/*.*':
user => 'lowercase@localhost', user => 'lowercase@localhost',
privileges => 'ALL', privileges => 'ALL',
table => '*.*', table => '*.*',
require => Mysql_user['lowercase@localhost'],
} }
EOS EOS
@ -310,10 +394,14 @@ describe 'mysql_grant' do
it 'create lowercase all privs' do it 'create lowercase all privs' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'lowercase@localhost':
ensure => present,
}
mysql_grant { 'lowercase@localhost/*.*': mysql_grant { 'lowercase@localhost/*.*':
user => 'lowercase@localhost', user => 'lowercase@localhost',
privileges => 'all', privileges => 'all',
table => '*.*', table => '*.*',
require => Mysql_user['lowercase@localhost'],
} }
EOS EOS
@ -324,11 +412,15 @@ describe 'mysql_grant' do
describe 'adding procedure privileges' do describe 'adding procedure privileges' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test2@tester':
ensure => present,
}
mysql_grant { 'test2@tester/PROCEDURE test.simpleproc': mysql_grant { 'test2@tester/PROCEDURE test.simpleproc':
ensure => 'present', ensure => 'present',
table => 'PROCEDURE test.simpleproc', table => 'PROCEDURE test.simpleproc',
user => 'test2@tester', user => 'test2@tester',
privileges => ['EXECUTE'], privileges => ['EXECUTE'],
require => Mysql_user['test2@tester'],
} }
EOS EOS
@ -359,17 +451,25 @@ describe 'mysql_grant' do
it 'should apply' do it 'should apply' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@fqdn.com':
ensure => present,
}
mysql_grant { 'test@fqdn.com/test.*': mysql_grant { 'test@fqdn.com/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@fqdn.com', user => 'test@fqdn.com',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@fqdn.com'],
}
mysql_user { 'test@192.168.5.7':
ensure => present,
} }
mysql_grant { 'test@192.168.5.7/test.*': mysql_grant { 'test@192.168.5.7/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@192.168.5.7', user => 'test@192.168.5.7',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@192.168.5.7'],
} }
EOS EOS
@ -388,11 +488,15 @@ describe 'mysql_grant' do
it 'should fail to execute while applying' do it 'should fail to execute while applying' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@fqdn.com':
ensure => present,
}
mysql_grant { 'test@fqdn.com/test.*': mysql_grant { 'test@fqdn.com/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@fqdn.com', user => 'test@fqdn.com',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@fqdn.com'],
} }
EOS EOS
@ -425,10 +529,14 @@ describe 'mysql_grant' do
it 'creates grant on missing table will fail' do it 'creates grant on missing table will fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@localhost':
ensure => present,
}
mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table':
user => 'test@localhost', user => 'test@localhost',
privileges => ['SELECT'], privileges => ['SELECT'],
table => 'grant_spec_db.grant_spec_table', table => 'grant_spec_db.grant_spec_table',
require => Mysql_user['test@localhost'],
} }
EOS EOS
expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Table 'grant_spec_db\.grant_spec_table' doesn't exist/) expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Table 'grant_spec_db\.grant_spec_table' doesn't exist/)

4
spec/acceptance/types/mysql_plugin_spec.rb
View file

@ -27,6 +27,10 @@ elsif fact('osfamily') =~ /Debian/
if fact('operatingsystemrelease') =~ /^10\.04/ if fact('operatingsystemrelease') =~ /^10\.04/
# Only available plugin is innodb which is already loaded and not unload- or reload-able # Only available plugin is innodb which is already loaded and not unload- or reload-able
plugin = nil plugin = nil
elsif fact('operatingsystemrelease') =~ /^16\.04/
# On Xenial running 5.7.12, the example plugin does not appear to be available.
plugin = 'validate_password'
plugin_lib = 'validate_password.so'
else else
plugin = 'example' plugin = 'example'
plugin_lib = 'ha_example.so' plugin_lib = 'ha_example.so'

6
spec/acceptance/types/mysql_user_spec.rb
View file

@ -16,7 +16,7 @@ describe 'mysql_user' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'ashp@localhost': mysql_user { 'ashp@localhost':
password_hash => '6f8c114b58f2ce9e', password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5',
} }
EOS EOS
@ -37,7 +37,7 @@ describe 'mysql_user' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'ashp-dash@localhost': mysql_user { 'ashp-dash@localhost':
password_hash => '6f8c114b58f2ce9e', password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5',
} }
EOS EOS
@ -58,7 +58,7 @@ describe 'mysql_user' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'ashp@LocalHost': mysql_user { 'ashp@LocalHost':
password_hash => '6f8c114b58f2ce9e', password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5',
} }
EOS EOS