From a1121c5a84da6d23a6bd3d463b9cf7269dd5b78d Mon Sep 17 00:00:00 2001
From: David Wilson <dw@botanicus.net>
Date: Tue, 29 Jan 2019 02:53:21 +0000
Subject: [PATCH] issue #499: respect C.BECOME_ALLOW_SAME_USER.

---
 ansible_mitogen/connection.py                 |  3 +-
 tests/ansible/hosts/become_same_user.hosts    |  4 +++
 tests/ansible/integration/connection/all.yml  |  1 +
 .../connection/become_same_user.yml           | 35 +++++++++++++++++++
 4 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 tests/ansible/hosts/become_same_user.hosts
 create mode 100644 tests/ansible/integration/connection/become_same_user.yml

diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py
index bf1b0747..8bfbb51d 100644
--- a/ansible_mitogen/connection.py
+++ b/ansible_mitogen/connection.py
@@ -587,7 +587,8 @@ class Connection(ansible.plugins.connection.ConnectionBase):
             )
 
         stack += (CONNECTION_METHOD[spec.transport()](spec),)
-        if spec.become():
+        if spec.become() and ((spec.become_user() != spec.remote_user()) or
+                              C.BECOME_ALLOW_SAME_USER):
             stack += (CONNECTION_METHOD[spec.become_method()](spec),)
 
         return stack
diff --git a/tests/ansible/hosts/become_same_user.hosts b/tests/ansible/hosts/become_same_user.hosts
new file mode 100644
index 00000000..a18b90d2
--- /dev/null
+++ b/tests/ansible/hosts/become_same_user.hosts
@@ -0,0 +1,4 @@
+
+# become_same_user.yml
+bsu-joe ansible_user=joe
+
diff --git a/tests/ansible/integration/connection/all.yml b/tests/ansible/integration/connection/all.yml
index 7565b003..4211f1b3 100644
--- a/tests/ansible/integration/connection/all.yml
+++ b/tests/ansible/integration/connection/all.yml
@@ -1,5 +1,6 @@
 ---
 
+- include: become_same_user.yml
 - include: disconnect_during_module.yml
 - include: disconnect_resets_connection.yml
 - include: exec_command.yml
diff --git a/tests/ansible/integration/connection/become_same_user.yml b/tests/ansible/integration/connection/become_same_user.yml
new file mode 100644
index 00000000..440d6105
--- /dev/null
+++ b/tests/ansible/integration/connection/become_same_user.yml
@@ -0,0 +1,35 @@
+# issue #499: ensure C.BECOME_ALLOW_SAME_USER is respected.
+---
+
+- name: integration/connection/become_same_user.yml
+  hosts: bsu-joe
+  gather_facts: no
+  any_errors_fatal: true
+  tasks:
+
+  # bsu-joe's login user is joe, so become should be ignored.
+  - mitogen_get_stack:
+    become: true
+    become_user: joe
+    register: out
+
+  - assert:
+      that:
+      - out.result[0].method == "ssh"
+      - out.result[0].kwargs.username == "joe"
+      - out.result|length == 1  # no sudo
+
+
+  # Now try with a different account.
+  - mitogen_get_stack:
+    become: true
+    become_user: james
+    register: out
+
+  - assert:
+      that:
+      - out.result[0].method == "ssh"
+      - out.result[0].kwargs.username == "joe"
+      - out.result[1].method == "sudo"
+      - out.result[1].kwargs.username == "james"
+      - out.result|length == 2  # no sudo