backport/2.7/40092 (#51909)

* mysql_user: Match quotes, double quotes and backticks when checking current privileges (cherry picked from commit 1ae0e21383) * Add changelog fragment for PR #40092 (cherry picked from commit 8974ce3c78) * mysql_user: fix malformed regex used to check current privileges
2019-02-22 01:41:26 +01:00 · 2019-02-22 01:41:26 +01:00 · bf7597efe1
commit bf7597efe1
parent fd881d9407
2 changed files with 5 additions and 3 deletions
--- a/changelogs/fragments/40092-mysql_user-match-backticks.yml
+++ b/changelogs/fragments/40092-mysql_user-match-backticks.yml
@ -0,0 +1,2 @@
+bugfixes:
+  - "mysql_user: match backticks, single and double quotes when checking user privileges."
--- a/lib/ansible/modules/database/mysql/mysql_user.py
+++ b/lib/ansible/modules/database/mysql/mysql_user.py
@ -427,14 +427,14 @@ def privileges_get(cursor, user, host):
            return x

    for grant in grants:
-        res = re.match("GRANT (.+) ON (.+) TO '.*'@'.*'( IDENTIFIED BY PASSWORD '.+')? ?(.*)", grant[0])
+        res = re.match("""GRANT (.+) ON (.+) TO (['`"]).*\\3@(['`"]).*\\4( IDENTIFIED BY PASSWORD (['`"]).+\\6)? ?(.*)""", grant[0])
        if res is None:
            raise InvalidPrivsError('unable to parse the MySQL grant string: %s' % grant[0])
        privileges = res.group(1).split(", ")
        privileges = [pick(x) for x in privileges]
-        if "WITH GRANT OPTION" in res.group(4):
+        if "WITH GRANT OPTION" in res.group(7):
            privileges.append('GRANT')
-        if "REQUIRE SSL" in res.group(4):
+        if "REQUIRE SSL" in res.group(7):
            privileges.append('REQUIRESSL')
        db = res.group(2)
        output[db] = privileges