Fix: mysql_user - permission string with column privileges

MySQL returns privileges on columns as "PRIVILEGES (column)". For permissions to be correctly matched, it must be specified exactly the same in the module argument. A resulting string is like "dbname.dbtable:PRIVILEGES (column)". Thus, the space before the opening parenthesis must also be removed when creating the set of privileges for validation.
2016-05-30 23:59:08 +02:00 · 2016-05-30 23:59:08 +02:00 · a1b3664ec4
commit a1b3664ec4
parent 879feff6b7
1 changed files with 10 additions and 2 deletions
--- a/lib/ansible/modules/database/mysql/mysql_user.py
+++ b/lib/ansible/modules/database/mysql/mysql_user.py
@ -62,7 +62,15 @@ options:
    version_added: "2.1"
  priv:
    description:
-      - "MySQL privileges string in the format: C(db.table:priv1,priv2)"
+      - "MySQL privileges string in the format: C(db.table:priv1,priv2)."
+      - "Multiple privileges can be specified by separating each one using
+        a forward slash: C(db.table:priv/db.table:priv)."
+      - The format is based on MySQL C(GRANT) statement.
+      - Database and table names can be quoted, MySQL-style.
+      - If column privileges are used, the C(priv1,priv2) part must be
+        exactly as returned by a C(SHOW GRANT) statement. If not followed,
+        the module will always report changes. It includes grouping columns
+        by permission (C(SELECT(col1,col2)) instead of C(SELECT(col1),SELECT(col2))).
    required: false
    default: null
  append_privs:
@ -474,7 +482,7 @@ def privileges_unpack(priv, mode):
        if '(' in pieces[1]:
            output[pieces[0]] = re.split(r',\s*(?=[^)]*(?:\(|$))', pieces[1].upper())
            for i in output[pieces[0]]:
-                privs.append(re.sub(r'\(.*\)','',i))
+                privs.append(re.sub(r'\s*\(.*\)','',i))
        else:
            output[pieces[0]] = pieces[1].upper().split(',')
            privs = output[pieces[0]]