From 19b52e9fb76d8feaf7dc4dfde59121909a0c3603 Mon Sep 17 00:00:00 2001
From: Jeroen Hoekx <jeroen@hoekx.be>
Date: Thu, 3 Oct 2013 13:00:17 +0200
Subject: [PATCH] Add append_privs parameter to MySQL user module.

This adds the privileges given to the existing list of privileges
instead of overwriting any existing ones.
---
 database/mysql_user | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/database/mysql_user b/database/mysql_user
index 3064df79fa9..a7a11ba003f 100644
--- a/database/mysql_user
+++ b/database/mysql_user
@@ -71,6 +71,14 @@ options:
       - "MySQL privileges string in the format: C(db.table:priv1,priv2)"
     required: false
     default: null
+  append_privs:
+    description:
+      - Append the privileges defined by priv to the existing ones for this
+        user instead of overwriting existing ones.
+    required: false
+    choices: [ "yes", "no" ]
+    default: "no"
+    version_added: "1.4"
   state:
     description:
       - Whether the user should exist.  When C(absent), removes
@@ -148,7 +156,7 @@ def user_add(cursor, user, host, password, new_priv):
             privileges_grant(cursor, user,host,db_table,priv)
     return True
 
-def user_mod(cursor, user, host, password, new_priv):
+def user_mod(cursor, user, host, password, new_priv, append_privs):
     changed = False
     grant_option = False
 
@@ -173,7 +181,7 @@ def user_mod(cursor, user, host, password, new_priv):
             if "GRANT" in priv:
                 grant_option = True
             if db_table not in new_priv:
-                if user != "root" and "PROXY" not in priv:
+                if user != "root" and "PROXY" not in priv and not append_privs:
                     privileges_revoke(cursor, user,host,db_table,grant_option)
                     changed = True
 
@@ -358,6 +366,7 @@ def main():
             host=dict(default="localhost"),
             state=dict(default="present", choices=["absent", "present"]),
             priv=dict(default=None),
+            append_privs=dict(type="bool", default="no"),
             check_implicit_admin=dict(default=False),
         )
     )
@@ -367,6 +376,7 @@ def main():
     state = module.params["state"]
     priv = module.params["priv"]
     check_implicit_admin = module.params['check_implicit_admin']
+    append_privs = module.boolean(module.params["append_privs"])
 
     if not mysqldb_found:
         module.fail_json(msg="the python mysqldb module is required")
@@ -408,7 +418,7 @@ def main():
 
     if state == "present":
         if user_exists(cursor, user, host):
-            changed = user_mod(cursor, user, host, password, priv)
+            changed = user_mod(cursor, user, host, password, priv, append_privs)
         else:
             if password is None:
                 module.fail_json(msg="password parameter required when adding a user")