opuppet/module-puppetlabs-mysql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

MODULES-1520 - update username validation

Browse source 
Don't fail on validation where the user isn't quoted with special
characters. The providers quote these strings by default.
This commit is contained in:
Morgan Haskel 2014-12-31 11:50:48 -08:00
parent 4203867c01
commit f92a24ef3d
5 changed files with 65 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/puppet/type/mysql_grant.rb
View file

@ -70,9 +70,9 @@ Puppet::Type.newtype(:mysql_grant) do
elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-]+)/.match(value) elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-]+)/.match(value)
user_part = matches[1] user_part = matches[1]
host_part = matches[2] host_part = matches[2]
elsif matches = /^(?:(?!['`"]).*)([^0-9a-zA-Z$_]).*@.+$/.match(value) elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value)
# does not start with a quote, but contains a special character user_part = matches[1]
raise(ArgumentError, "Database user #{value} must be properly quoted, invalid character: '#{matches[1]}'") host_part = matches[2]
else else
raise(ArgumentError, "Invalid database user #{value}") raise(ArgumentError, "Invalid database user #{value}")
end end

6
lib/puppet/type/mysql_user.rb
View file

@ -19,9 +19,9 @@ Puppet::Type.newtype(:mysql_user) do
elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-]+)/.match(value) elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-]+)/.match(value)
user_part = matches[1] user_part = matches[1]
host_part = matches[2] host_part = matches[2]
elsif matches = /^(?:(?!['`"]).*)([^0-9a-zA-Z$_]).*@.+$/.match(value) elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value)
# does not start with a quote, but contains a special character user_part = matches[1]
raise(ArgumentError, "Database user #{value} must be properly quoted, invalid character: '#{matches[1]}'") host_part = matches[2]
else else
raise(ArgumentError, "Invalid database user #{value}") raise(ArgumentError, "Invalid database user #{value}")
end end

22
spec/acceptance/types/mysql_grant_spec.rb
View file

@ -70,6 +70,28 @@ describe 'mysql_grant' do
end end
end end
describe 'adding privileges with special character in name' do
it 'should work without errors' do
pp = <<-EOS
mysql_grant { 'test-2@tester/test.*':
ensure => 'present',
table => 'test.*',
user => 'test-2@tester',
privileges => ['SELECT', 'UPDATE'],
}
EOS
apply_manifest(pp, :catch_failures => true)
end
it 'should find the user' do
shell("mysql -NBe \"SHOW GRANTS FOR 'test-2'@tester\"") do |r|
expect(r.stdout).to match(/GRANT SELECT, UPDATE.*TO 'test-2'@'tester'/)
expect(r.stderr).to be_empty
end
end
end
describe 'adding privileges with invalid name' do describe 'adding privileges with invalid name' do
it 'should fail' do it 'should fail' do
pp = <<-EOS pp = <<-EOS

21
spec/acceptance/types/mysql_user_spec.rb
View file

@ -32,6 +32,27 @@ describe 'mysql_user' do
end end
end end
context 'using ashp-dash@localhost' do
describe 'adding user' do
it 'should work without errors' do
pp = <<-EOS
mysql_user { 'ashp-dash@localhost':
password_hash => '6f8c114b58f2ce9e',
}
EOS
apply_manifest(pp, :catch_failures => true)
end
it 'should find the user' do
shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp-dash@localhost'\"") do |r|
expect(r.stdout).to match(/^1$/)
expect(r.stderr).to be_empty
end
end
end
end
context 'using ashp@LocalHost' do context 'using ashp@LocalHost' do
describe 'adding user' do describe 'adding user' do
it 'should work without errors' do it 'should work without errors' do

20
spec/unit/puppet/type/mysql_user_spec.rb
View file

@ -49,6 +49,16 @@ describe Puppet::Type.type(:mysql_user) do
end end
end end
context 'ensure the default \'debian-sys-main\'@localhost user can be parsed' do
before :each do
@user = Puppet::Type.type(:mysql_user).new(:name => '\'debian-sys-maint\'@localhost', :password_hash => 'pass')
end
it 'should accept a user name' do
expect(@user[:name]).to eq('\'debian-sys-maint\'@localhost')
end
end
context 'using a quoted 16 char username' do context 'using a quoted 16 char username' do
before :each do before :each do
@user = Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint"@localhost', :password_hash => 'pass') @user = Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint"@localhost', :password_hash => 'pass')
@ -78,10 +88,12 @@ describe Puppet::Type.type(:mysql_user) do
end end
context 'using in-valid@localhost' do context 'using in-valid@localhost' do
it 'should fail with an unquotted username with special char' do before :each do
expect { @user = Puppet::Type.type(:mysql_user).new(:name => 'in-valid@localhost', :password_hash => 'pass')
Puppet::Type.type(:mysql_user).new(:name => 'in-valid@localhost', :password_hash => 'pass') end
}.to raise_error /Database user in-valid@localhost must be properly quoted, invalid character: '-'/
it 'should accept a user name with special chatracters' do
expect(@user[:name]).to eq('in-valid@localhost')
end end
end end