mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
mysql_user: fix overriding user passowrd to the same (#609)
* mysql_user: fix overriding user passowrd to the same * add changelog
This commit is contained in:
parent
74ba307777
commit
5e23f01a76
3 changed files with 23 additions and 13 deletions
|
@ -0,0 +1,2 @@
|
|||
bugfixes:
|
||||
- mysql_user - fix overriding password to the same (https://github.com/ansible-collections/community.general/issues/543).
|
|
@ -367,10 +367,19 @@ def user_add(cursor, user, host, host_all, password, encrypted,
|
|||
if check_mode:
|
||||
return True
|
||||
|
||||
# Determine what user management method server uses
|
||||
old_user_mgmt = use_old_user_mgmt(cursor)
|
||||
|
||||
if password and encrypted:
|
||||
cursor.execute("CREATE USER %s@%s IDENTIFIED BY PASSWORD %s", (user, host, password))
|
||||
elif password and not encrypted:
|
||||
if old_user_mgmt:
|
||||
cursor.execute("CREATE USER %s@%s IDENTIFIED BY %s", (user, host, password))
|
||||
else:
|
||||
cursor.execute("SELECT CONCAT('*', UCASE(SHA1(UNHEX(SHA1(%s)))))", (password,))
|
||||
encrypted_password = cursor.fetchone()[0]
|
||||
cursor.execute("CREATE USER %s@%s IDENTIFIED WITH mysql_native_password AS %s", (user, host, encrypted_password))
|
||||
|
||||
elif plugin and plugin_hash_string:
|
||||
cursor.execute("CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string))
|
||||
elif plugin and plugin_auth_string:
|
||||
|
|
|
@ -46,18 +46,17 @@
|
|||
register: user_password_old
|
||||
when: user_password_old_create is failed
|
||||
|
||||
# FIXME: not sure why this is failing, but it looks like it should expect changed=true
|
||||
#- name: update user2 state=present with same password (expect changed=false)
|
||||
# mysql_user:
|
||||
# name: '{{ user_name_2 }}'
|
||||
# password: '{{ user_password_2 }}'
|
||||
# priv: '*.*:ALL'
|
||||
# state: present
|
||||
# login_unix_socket: '{{ mysql_socket }}'
|
||||
# register: result
|
||||
#
|
||||
#- name: assert output user2 was not updated
|
||||
# assert: { that: "result.changed == false" }
|
||||
- name: update user2 state=present with same password (expect changed=false)
|
||||
mysql_user:
|
||||
name: '{{ user_name_2 }}'
|
||||
password: '{{ user_password_2 }}'
|
||||
priv: '*.*:ALL'
|
||||
state: present
|
||||
login_unix_socket: '{{ mysql_socket }}'
|
||||
register: result
|
||||
|
||||
- name: assert output user2 was not updated
|
||||
assert: { that: "result.changed == false" }
|
||||
|
||||
- include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES'
|
||||
|
||||
|
|
Loading…
Reference in a new issue