From 4d93c440b94720e2f8849f6ccba52833a71aa9b8 Mon Sep 17 00:00:00 2001
From: plumbeo <plumbeo@users.noreply.github.com>
Date: Wed, 6 Feb 2019 15:20:43 +0100
Subject: [PATCH] =?UTF-8?q?mysql=5Fuser:=20Match=20both=20single=20quotes?=
 =?UTF-8?q?=20and=20backticks=20when=20checking=20curr=E2=80=A6=20(#40092)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* mysql_user: Match quotes, double quotes and backticks when checking current privileges

* Add changelog fragment for PR #40092
---
 changelogs/fragments/40092-mysql_user-match-backticks.yml | 2 ++
 lib/ansible/modules/database/mysql/mysql_user.py          | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/fragments/40092-mysql_user-match-backticks.yml

diff --git a/changelogs/fragments/40092-mysql_user-match-backticks.yml b/changelogs/fragments/40092-mysql_user-match-backticks.yml
new file mode 100644
index 00000000000..c1ee42f2355
--- /dev/null
+++ b/changelogs/fragments/40092-mysql_user-match-backticks.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - "mysql_user: match backticks, single and double quotes when checking user privileges."
diff --git a/lib/ansible/modules/database/mysql/mysql_user.py b/lib/ansible/modules/database/mysql/mysql_user.py
index d7057ffac2d..349157ee5bd 100644
--- a/lib/ansible/modules/database/mysql/mysql_user.py
+++ b/lib/ansible/modules/database/mysql/mysql_user.py
@@ -427,14 +427,14 @@ def privileges_get(cursor, user, host):
             return x
 
     for grant in grants:
-        res = re.match("GRANT (.+) ON (.+) TO '.*'@'.*'( IDENTIFIED BY PASSWORD '.+')? ?(.*)", grant[0])
+        res = re.match("""GRANT (.+) ON (.+) TO (['`"]).*\\3@(['`"]).*\\4( IDENTIFIED BY PASSWORD (['`"]).+\5)? ?(.*)""", grant[0])
         if res is None:
             raise InvalidPrivsError('unable to parse the MySQL grant string: %s' % grant[0])
         privileges = res.group(1).split(", ")
         privileges = [pick(x) for x in privileges]
-        if "WITH GRANT OPTION" in res.group(4):
+        if "WITH GRANT OPTION" in res.group(7):
             privileges.append('GRANT')
-        if "REQUIRE SSL" in res.group(4):
+        if "REQUIRE SSL" in res.group(7):
             privileges.append('REQUIRESSL')
         db = res.group(2)
         output[db] = privileges