opuppet/module-puppetlabs-mysql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #873 from bmjen/fix-grants

Browse source 
Fix mysql_grant acceptance tests.
This commit is contained in:
TP Honey 2016-08-10 16:05:11 +01:00 committed by GitHub
commit a183846166
3 changed files with 162 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

202
spec/acceptance/types/mysql_grant_spec.rb
View file

@ -15,10 +15,14 @@ describe 'mysql_grant' do
describe 'missing privileges for user' do describe 'missing privileges for user' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test1@tester':
ensure => present,
}
mysql_grant { 'test1@tester/test.*': mysql_grant { 'test1@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test1@tester', user => 'test1@tester',
require => Mysql_user['test1@tester'],
} }
EOS EOS
@ -33,10 +37,14 @@ describe 'mysql_grant' do
describe 'missing table for user' do describe 'missing table for user' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'atest@tester':
ensure => present,
}
mysql_grant { 'atest@tester/test.*': mysql_grant { 'atest@tester/test.*':
ensure => 'present', ensure => 'present',
user => 'atest@tester', user => 'atest@tester',
privileges => ['ALL'], privileges => ['ALL'],
require => Mysql_user['atest@tester'],
} }
EOS EOS
@ -51,11 +59,15 @@ describe 'mysql_grant' do
describe 'adding privileges' do describe 'adding privileges' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test2@tester':
ensure => present,
}
mysql_grant { 'test2@tester/test.*': mysql_grant { 'test2@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test2@tester', user => 'test2@tester',
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test2@tester'],
} }
EOS EOS
@ -73,11 +85,15 @@ describe 'mysql_grant' do
describe 'adding privileges with special character in name' do describe 'adding privileges with special character in name' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test-2@tester':
ensure => present,
}
mysql_grant { 'test-2@tester/test.*': mysql_grant { 'test-2@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test-2@tester', user => 'test-2@tester',
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test-2@tester'],
} }
EOS EOS
@ -95,11 +111,15 @@ describe 'mysql_grant' do
describe 'adding privileges with invalid name' do describe 'adding privileges with invalid name' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test2@tester':
ensure => present,
}
mysql_grant { 'test': mysql_grant { 'test':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test2@tester', user => 'test2@tester',
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test2@tester'],
} }
EOS EOS
@ -110,12 +130,16 @@ describe 'mysql_grant' do
describe 'adding option' do describe 'adding option' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test3@tester':
ensure => present,
}
mysql_grant { 'test3@tester/test.*': mysql_grant { 'test3@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test3@tester', user => 'test3@tester',
options => ['GRANT'], options => ['GRANT'],
privileges => ['SELECT', 'UPDATE'], privileges => ['SELECT', 'UPDATE'],
require => Mysql_user['test3@tester'],
} }
EOS EOS
@ -133,11 +157,15 @@ describe 'mysql_grant' do
describe 'adding all privileges without table' do describe 'adding all privileges without table' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test4@tester':
ensure => present,
}
mysql_grant { 'test4@tester/test.*': mysql_grant { 'test4@tester/test.*':
ensure => 'present', ensure => 'present',
user => 'test4@tester', user => 'test4@tester',
options => ['GRANT'], options => ['GRANT'],
privileges => ['SELECT', 'UPDATE', 'ALL'], privileges => ['SELECT', 'UPDATE', 'ALL'],
require => Mysql_user['test4@tester'],
} }
EOS EOS
@ -148,12 +176,16 @@ describe 'mysql_grant' do
describe 'adding all privileges' do describe 'adding all privileges' do
it 'should only try to apply ALL' do it 'should only try to apply ALL' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test4@tester':
ensure => present,
}
mysql_grant { 'test4@tester/test.*': mysql_grant { 'test4@tester/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test4@tester', user => 'test4@tester',
options => ['GRANT'], options => ['GRANT'],
privileges => ['SELECT', 'UPDATE', 'ALL'], privileges => ['SELECT', 'UPDATE', 'ALL'],
require => Mysql_user['test4@tester'],
} }
EOS EOS
@ -172,35 +204,55 @@ describe 'mysql_grant' do
describe 'short hostname' do describe 'short hostname' do
it 'should apply' do it 'should apply' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@short':
ensure => present,
}
mysql_grant { 'test@short/test.*': mysql_grant { 'test@short/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@short', user => 'test@short',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@short'],
}
mysql_user { 'test@long.hostname.com':
ensure => present,
} }
mysql_grant { 'test@long.hostname.com/test.*': mysql_grant { 'test@long.hostname.com/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@long.hostname.com', user => 'test@long.hostname.com',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@long.hostname.com'],
}
mysql_user { 'test@192.168.5.6':
ensure => present,
} }
mysql_grant { 'test@192.168.5.6/test.*': mysql_grant { 'test@192.168.5.6/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@192.168.5.6', user => 'test@192.168.5.6',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@192.168.5.6'],
}
mysql_user { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004':
ensure => present,
} }
mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*': mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004', user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@2607:f0d0:1002:0051:0000:0000:0000:0004'],
}
mysql_user { 'test@::1/128':
ensure => present,
} }
mysql_grant { 'test@::1/128/test.*': mysql_grant { 'test@::1/128/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@::1/128', user => 'test@::1/128',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@::1/128'],
} }
EOS EOS
@ -242,52 +294,80 @@ describe 'mysql_grant' do
describe 'complex test' do describe 'complex test' do
it 'setup mysql::server' do it 'setup mysql::server' do
pp = <<-EOS pp = <<-EOS
$dbSubnet = '10.10.10.%' $dbSubnet = '10.10.10.%'
mysql_database { 'foo': mysql_database { 'foo':
ensure => present, ensure => present,
} }
exec { 'mysql-create-table': exec { 'mysql-create-table':
command => '/usr/bin/mysql -NBe "CREATE TABLE foo.bar (name VARCHAR(20))"', command => '/usr/bin/mysql -NBe "CREATE TABLE foo.bar (name VARCHAR(20))"',
environment => "HOME=${::root_home}", environment => "HOME=${::root_home}",
unless => '/usr/bin/mysql -NBe "SELECT 1 FROM foo.bar LIMIT 1;"', unless => '/usr/bin/mysql -NBe "SELECT 1 FROM foo.bar LIMIT 1;"',
require => Mysql_database['foo'], require => Mysql_database['foo'],
} }
Mysql_grant { Mysql_grant {
ensure => present, ensure => present,
options => ['GRANT'], options => ['GRANT'],
privileges => ['ALL'], privileges => ['ALL'],
table => '*.*', table => '*.*',
require => [ Mysql_database['foo'], Exec['mysql-create-table'] ], require => [ Mysql_database['foo'], Exec['mysql-create-table'] ],
} }
mysql_grant { "user1@${dbSubnet}/*.*": mysql_user { "user1@${dbSubnet}":
ensure => present,
}
mysql_grant { "user1@${dbSubnet}/*.*":
user => "user1@${dbSubnet}", user => "user1@${dbSubnet}",
} require => Mysql_user["user1@${dbSubnet}"],
mysql_grant { "user2@${dbSubnet}/foo.bar": }
mysql_user { "user2@${dbSubnet}":
ensure => present,
}
mysql_grant { "user2@${dbSubnet}/foo.bar":
privileges => ['SELECT', 'INSERT', 'UPDATE'], privileges => ['SELECT', 'INSERT', 'UPDATE'],
user => "user2@${dbSubnet}", user => "user2@${dbSubnet}",
table => 'foo.bar', table => 'foo.bar',
} require => Mysql_user["user2@${dbSubnet}"],
mysql_grant { "user3@${dbSubnet}/foo.*": }
mysql_user { "user3@${dbSubnet}":
ensure => present,
}
mysql_grant { "user3@${dbSubnet}/foo.*":
privileges => ['SELECT', 'INSERT', 'UPDATE'], privileges => ['SELECT', 'INSERT', 'UPDATE'],
user => "user3@${dbSubnet}", user => "user3@${dbSubnet}",
table => 'foo.*', table => 'foo.*',
} require => Mysql_user["user3@${dbSubnet}"],
mysql_grant { 'web@%/*.*': }
mysql_user { 'web@%':
ensure => present,
}
mysql_grant { 'web@%/*.*':
user => 'web@%', user => 'web@%',
} require => Mysql_user['web@%'],
mysql_grant { "web@${dbSubnet}/*.*": }
mysql_user { "web@${dbSubnet}":
ensure => present,
}
mysql_grant { "web@${dbSubnet}/*.*":
user => "web@${dbSubnet}", user => "web@${dbSubnet}",
} require => Mysql_user["web@${dbSubnet}"],
mysql_grant { "web@${fqdn}/*.*": }
mysql_user { "web@${fqdn}":
ensure => present,
}
mysql_grant { "web@${fqdn}/*.*":
user => "web@${fqdn}", user => "web@${fqdn}",
} require => Mysql_user["web@${fqdn}"],
mysql_grant { 'web@localhost/*.*': }
mysql_user { 'web@localhost':
ensure => present,
}
mysql_grant { 'web@localhost/*.*':
user => 'web@localhost', user => 'web@localhost',
} require => Mysql_user['web@localhost'],
}
EOS EOS
apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_failures => true)
@ -298,11 +378,15 @@ describe 'mysql_grant' do
describe 'lower case privileges' do describe 'lower case privileges' do
it 'create ALL privs' do it 'create ALL privs' do
pp = <<-EOS pp = <<-EOS
mysql_grant { 'lowercase@localhost/*.*': mysql_user { 'lowercase@localhost':
ensure => present,
}
mysql_grant { 'lowercase@localhost/*.*':
user => 'lowercase@localhost', user => 'lowercase@localhost',
privileges => 'ALL', privileges => 'ALL',
table => '*.*', table => '*.*',
} require => Mysql_user['lowercase@localhost'],
}
EOS EOS
apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_failures => true)
@ -310,11 +394,15 @@ describe 'mysql_grant' do
it 'create lowercase all privs' do it 'create lowercase all privs' do
pp = <<-EOS pp = <<-EOS
mysql_grant { 'lowercase@localhost/*.*': mysql_user { 'lowercase@localhost':
ensure => present,
}
mysql_grant { 'lowercase@localhost/*.*':
user => 'lowercase@localhost', user => 'lowercase@localhost',
privileges => 'all', privileges => 'all',
table => '*.*', table => '*.*',
} require => Mysql_user['lowercase@localhost'],
}
EOS EOS
expect(apply_manifest(pp, :catch_failures => true).exit_code).to eq(0) expect(apply_manifest(pp, :catch_failures => true).exit_code).to eq(0)
@ -323,14 +411,18 @@ describe 'mysql_grant' do
describe 'adding procedure privileges' do describe 'adding procedure privileges' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_grant { 'test2@tester/PROCEDURE test.simpleproc': mysql_user { 'test2@tester':
ensure => 'present', ensure => present,
table => 'PROCEDURE test.simpleproc', }
user => 'test2@tester', mysql_grant { 'test2@tester/PROCEDURE test.simpleproc':
privileges => ['EXECUTE'], ensure => 'present',
} table => 'PROCEDURE test.simpleproc',
EOS user => 'test2@tester',
privileges => ['EXECUTE'],
require => Mysql_user['test2@tester'],
}
EOS
apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_failures => true)
end end
@ -359,17 +451,25 @@ describe 'mysql_grant' do
it 'should apply' do it 'should apply' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@fqdn.com':
ensure => present,
}
mysql_grant { 'test@fqdn.com/test.*': mysql_grant { 'test@fqdn.com/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@fqdn.com', user => 'test@fqdn.com',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@fqdn.com'],
}
mysql_user { 'test@192.168.5.7':
ensure => present,
} }
mysql_grant { 'test@192.168.5.7/test.*': mysql_grant { 'test@192.168.5.7/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@192.168.5.7', user => 'test@192.168.5.7',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@192.168.5.7'],
} }
EOS EOS
@ -388,11 +488,15 @@ describe 'mysql_grant' do
it 'should fail to execute while applying' do it 'should fail to execute while applying' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@fqdn.com':
ensure => present,
}
mysql_grant { 'test@fqdn.com/test.*': mysql_grant { 'test@fqdn.com/test.*':
ensure => 'present', ensure => 'present',
table => 'test.*', table => 'test.*',
user => 'test@fqdn.com', user => 'test@fqdn.com',
privileges => 'ALL', privileges => 'ALL',
require => Mysql_user['test@fqdn.com'],
} }
EOS EOS
@ -425,10 +529,14 @@ describe 'mysql_grant' do
it 'creates grant on missing table will fail' do it 'creates grant on missing table will fail' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'test@localhost':
ensure => present,
}
mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table':
user => 'test@localhost', user => 'test@localhost',
privileges => ['SELECT'], privileges => ['SELECT'],
table => 'grant_spec_db.grant_spec_table', table => 'grant_spec_db.grant_spec_table',
require => Mysql_user['test@localhost'],
} }
EOS EOS
expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Table 'grant_spec_db\.grant_spec_table' doesn't exist/) expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Table 'grant_spec_db\.grant_spec_table' doesn't exist/)

4
spec/acceptance/types/mysql_plugin_spec.rb
View file

@ -27,6 +27,10 @@ elsif fact('osfamily') =~ /Debian/
if fact('operatingsystemrelease') =~ /^10\.04/ if fact('operatingsystemrelease') =~ /^10\.04/
# Only available plugin is innodb which is already loaded and not unload- or reload-able # Only available plugin is innodb which is already loaded and not unload- or reload-able
plugin = nil plugin = nil
elsif fact('operatingsystemrelease') =~ /^16\.04/
# On Xenial running 5.7.12, the example plugin does not appear to be available.
plugin = 'validate_password'
plugin_lib = 'validate_password.so'
else else
plugin = 'example' plugin = 'example'
plugin_lib = 'ha_example.so' plugin_lib = 'ha_example.so'

6
spec/acceptance/types/mysql_user_spec.rb
View file

@ -16,7 +16,7 @@ describe 'mysql_user' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'ashp@localhost': mysql_user { 'ashp@localhost':
password_hash => '6f8c114b58f2ce9e', password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5',
} }
EOS EOS
@ -37,7 +37,7 @@ describe 'mysql_user' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'ashp-dash@localhost': mysql_user { 'ashp-dash@localhost':
password_hash => '6f8c114b58f2ce9e', password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5',
} }
EOS EOS
@ -58,7 +58,7 @@ describe 'mysql_user' do
it 'should work without errors' do it 'should work without errors' do
pp = <<-EOS pp = <<-EOS
mysql_user { 'ashp@LocalHost': mysql_user { 'ashp@LocalHost':
password_hash => '6f8c114b58f2ce9e', password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5',
} }
EOS EOS