Changing the parameter names to be consistent, and adding root user default with empty password, as per mysql standard

reviewable/pr18780/r1
Mark Theunissen 13 years ago
parent 07880e6301
commit f0a9902c25

@ -63,9 +63,9 @@ def load_mycnf():
def main(): def main():
module = AnsibleModule( module = AnsibleModule(
argument_spec = dict( argument_spec = dict(
loginuser=dict(default=None), login_user=dict(default=None),
loginpasswd=dict(default=None), login_password=dict(default=None),
loginhost=dict(default="localhost"), login_host=dict(default="localhost"),
db=dict(required=True), db=dict(required=True),
state=dict(default="present", choices=["absent", "present"]), state=dict(default="present", choices=["absent", "present"]),
) )
@ -80,23 +80,24 @@ def main():
# Either the caller passes both a username and password with which to connect to # Either the caller passes both a username and password with which to connect to
# mysql, or they pass neither and allow this module to read the credentials from # mysql, or they pass neither and allow this module to read the credentials from
# ~/.my.cnf. # ~/.my.cnf.
loginpasswd = module.params["loginpasswd"] login_password = module.params["login_password"]
loginuser = module.params["loginuser"] login_user = module.params["login_user"]
if loginuser is None and loginpasswd is None: if login_user is None and login_password is None:
mycnf_creds = load_mycnf() mycnf_creds = load_mycnf()
if mycnf_creds is False: if mycnf_creds is False:
module.fail_json(msg="incomplete login arguments passed and can't find them in ~/.my.cnf") login_user = "root"
login_password = ""
else: else:
loginuser = mycnf_creds["user"] login_user = mycnf_creds["user"]
loginpasswd = mycnf_creds["passwd"] login_password = mycnf_creds["passwd"]
elif loginpasswd is None or loginuser is None: elif login_password is None or login_user is None:
module.fail_json(msg="when supplying login arguments, both user and pass must be provided") module.fail_json(msg="when supplying login arguments, both login_user and login_password must be provided")
try: try:
db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpasswd, db="mysql") db_connection = MySQLdb.connect(host=module.params["login_host"], user=login_user, passwd=login_password, db="mysql")
cursor = db_connection.cursor() cursor = db_connection.cursor()
except Exception as e: except Exception as e:
module.fail_json(msg="unable to connect to database") module.fail_json(msg="unable to connect, check login_user and login_password are correct, or alternatively check ~/.my.cnf contains credentials")
changed = False changed = False
if db_exists(cursor, db): if db_exists(cursor, db):

@ -35,24 +35,24 @@ def user_exists(cursor, user, host):
count = cursor.fetchone() count = cursor.fetchone()
return count[0] > 0 return count[0] > 0
def user_add(cursor, user, host, passwd, new_priv): def user_add(cursor, user, host, password, new_priv):
cursor.execute("CREATE USER %s@%s IDENTIFIED BY %s", (user,host,passwd)) cursor.execute("CREATE USER %s@%s IDENTIFIED BY %s", (user,host,password))
if new_priv is not None: if new_priv is not None:
for db_table, priv in new_priv.iteritems(): for db_table, priv in new_priv.iteritems():
privileges_grant(cursor, user,host,db_table,priv) privileges_grant(cursor, user,host,db_table,priv)
return True return True
def user_mod(cursor, user, host, passwd, new_priv): def user_mod(cursor, user, host, password, new_priv):
changed = False changed = False
# Handle passwords. # Handle passwords.
if passwd is not None: if password is not None:
cursor.execute("SELECT password FROM user WHERE user = %s AND host = %s", (user,host)) cursor.execute("SELECT password FROM user WHERE user = %s AND host = %s", (user,host))
current_pass_hash = cursor.fetchone() current_pass_hash = cursor.fetchone()
cursor.execute("SELECT PASSWORD(%s)", (passwd,)) cursor.execute("SELECT PASSWORD(%s)", (password,))
new_pass_hash = cursor.fetchone() new_pass_hash = cursor.fetchone()
if current_pass_hash[0] != new_pass_hash[0]: if current_pass_hash[0] != new_pass_hash[0]:
cursor.execute("SET PASSWORD FOR %s@%s = PASSWORD(%s)", (user,host,passwd)) cursor.execute("SET PASSWORD FOR %s@%s = PASSWORD(%s)", (user,host,password))
changed = True changed = True
# Handle privileges. # Handle privileges.
@ -149,7 +149,7 @@ def load_mycnf():
return False return False
try: try:
config.readfp(open(mycnf)) config.readfp(open(mycnf))
creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass')) creds = dict(user=config.get('client', 'user'),password=config.get('client', 'pass'))
except (ConfigParser.NoOptionError, IOError): except (ConfigParser.NoOptionError, IOError):
return False return False
return creds return creds
@ -161,18 +161,18 @@ def load_mycnf():
def main(): def main():
module = AnsibleModule( module = AnsibleModule(
argument_spec = dict( argument_spec = dict(
loginuser=dict(default=None), login_user=dict(default=None),
loginpasswd=dict(default=None), login_password=dict(default=None),
loginhost=dict(default="localhost"), login_host=dict(default="localhost"),
user=dict(required=True), user=dict(required=True),
passwd=dict(default=None), password=dict(default=None),
host=dict(default="localhost"), host=dict(default="localhost"),
state=dict(default="present", choices=["absent", "present"]), state=dict(default="present", choices=["absent", "present"]),
priv=dict(default=None), priv=dict(default=None),
) )
) )
user = module.params["user"] user = module.params["user"]
passwd = module.params["passwd"] password = module.params["password"]
host = module.params["host"] host = module.params["host"]
state = module.params["state"] state = module.params["state"]
priv = module.params["priv"] priv = module.params["priv"]
@ -189,31 +189,32 @@ def main():
# Either the caller passes both a username and password with which to connect to # Either the caller passes both a username and password with which to connect to
# mysql, or they pass neither and allow this module to read the credentials from # mysql, or they pass neither and allow this module to read the credentials from
# ~/.my.cnf. # ~/.my.cnf.
loginpasswd = module.params["loginpasswd"] login_password = module.params["login_password"]
loginuser = module.params["loginuser"] login_user = module.params["login_user"]
if loginuser is None and loginpasswd is None: if login_user is None and login_password is None:
mycnf_creds = load_mycnf() mycnf_creds = load_mycnf()
if mycnf_creds is False: if mycnf_creds is False:
module.fail_json(msg="incomplete login arguments passed and can't find them in ~/.my.cnf") login_user = "root"
login_password = ""
else: else:
loginuser = mycnf_creds["user"] login_user = mycnf_creds["user"]
loginpasswd = mycnf_creds["passwd"] login_password = mycnf_creds["password"]
elif loginpasswd is None or loginuser is None: elif login_password is None or login_user is None:
module.fail_json(msg="when supplying login arguments, both user and pass must be provided") module.fail_json(msg="when supplying login arguments, both login_user and login_password must be provided")
try: try:
db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpasswd, db="mysql") db_connection = MySQLdb.connect(host=module.params["login_host"], user=login_user, passwd=login_password, db="mysql")
cursor = db_connection.cursor() cursor = db_connection.cursor()
except Exception as e: except Exception as e:
module.fail_json(msg="unable to connect to database") module.fail_json(msg="unable to connect to database, check login_user and login_password are correct or ~/.my.cnf has the credentials")
if state == "present": if state == "present":
if user_exists(cursor, user, host): if user_exists(cursor, user, host):
changed = user_mod(cursor, user, host, passwd, priv) changed = user_mod(cursor, user, host, password, priv)
else: else:
if passwd is None: if password is None:
module.fail_json(msg="passwd parameter required when adding a user") module.fail_json(msg="password parameter required when adding a user")
changed = user_add(cursor, user, host, passwd, priv) changed = user_add(cursor, user, host, password, priv)
elif state == "absent": elif state == "absent":
if user_exists(cursor, user, host): if user_exists(cursor, user, host):
changed = user_delete(cursor, user, host) changed = user_delete(cursor, user, host)

Loading…
Cancel
Save