1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

influxdb_user: allow creation of first user with auth enabled (#2364) (#2368) (#2548)

* influxdb_user: allow creation of first user with auth enabled (#2364)

* handle potential exceptions while parsing influxdb client error

* fix changelog

Co-authored-by: Felix Fontein <felix@fontein.de>

* influxdb_user: use generic exceptions to be compatible with python 2.7

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b89eb87ad6)

Co-authored-by: Xabier Napal <xabiernapal@pm.me>
This commit is contained in:
patchback[bot] 2021-05-17 19:18:33 +00:00 committed by GitHub
parent 1f7047e725
commit 6e56bae0f3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 2 deletions

View file

@ -0,0 +1,5 @@
bugfixes:
- influxdb_user - allow creation of admin users when InfluxDB authentication
is enabled but no other user exists on the database. In this scenario,
InfluxDB 1.x allows only ``CREATE USER`` queries and rejects any other query
(https://github.com/ansible-collections/community.general/issues/2364).

View file

@ -100,6 +100,8 @@ RETURN = r'''
#only defaults #only defaults
''' '''
import json
from ansible.module_utils.urls import ConnectionError from ansible.module_utils.urls import ConnectionError
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_native from ansible.module_utils._text import to_native
@ -115,7 +117,7 @@ def find_user(module, client, user_name):
if user['user'] == user_name: if user['user'] == user_name:
user_result = user user_result = user
break break
except (ConnectionError, influx.exceptions.InfluxDBClientError) as e: except ConnectionError as e:
module.fail_json(msg=to_native(e)) module.fail_json(msg=to_native(e))
return user_result return user_result
@ -198,6 +200,9 @@ def set_user_grants(module, client, user_name, grants):
return changed return changed
INFLUX_AUTH_FIRST_USER_REQUIRED = "error authorizing query: create admin user first or disable authentication"
def main(): def main():
argument_spec = influx.InfluxDb.influxdb_argument_spec() argument_spec = influx.InfluxDb.influxdb_argument_spec()
argument_spec.update( argument_spec.update(
@ -219,7 +224,23 @@ def main():
grants = module.params['grants'] grants = module.params['grants']
influxdb = influx.InfluxDb(module) influxdb = influx.InfluxDb(module)
client = influxdb.connect_to_influxdb() client = influxdb.connect_to_influxdb()
user = None
try:
user = find_user(module, client, user_name) user = find_user(module, client, user_name)
except influx.exceptions.InfluxDBClientError as e:
if e.code == 403:
reason = None
try:
msg = json.loads(e.content)
reason = msg["error"]
except (KeyError, ValueError):
module.fail_json(msg=to_native(e))
if reason != INFLUX_AUTH_FIRST_USER_REQUIRED:
module.fail_json(msg=to_native(e))
else:
module.fail_json(msg=to_native(e))
changed = False changed = False