diff --git a/test/integration/targets/mysql_user/files/create-function.sql b/test/integration/targets/mysql_user/files/create-function.sql new file mode 100644 index 00000000000..dda7bd7fbf2 --- /dev/null +++ b/test/integration/targets/mysql_user/files/create-function.sql @@ -0,0 +1,8 @@ +USE foo; +DELIMITER ;; +CREATE FUNCTION `function` () RETURNS tinyint(4) +BEGIN + DECLARE NAME_FOUND tinyint DEFAULT 0; + RETURN NAME_FOUND; +END;; +DELIMITER ; diff --git a/test/integration/targets/mysql_user/files/create-procedure.sql b/test/integration/targets/mysql_user/files/create-procedure.sql new file mode 100644 index 00000000000..d0d45aa4c3c --- /dev/null +++ b/test/integration/targets/mysql_user/files/create-procedure.sql @@ -0,0 +1,5 @@ +USE bar; +DELIMITER ;; +CREATE PROCEDURE `procedure` () +SELECT * FROM bar;; +DELIMITER ; diff --git a/test/integration/targets/mysql_user/tasks/issue-29511.yaml b/test/integration/targets/mysql_user/tasks/issue-29511.yaml new file mode 100644 index 00000000000..b799be6462b --- /dev/null +++ b/test/integration/targets/mysql_user/tasks/issue-29511.yaml @@ -0,0 +1,70 @@ +--- + +- name: Issue test setup - drop database + mysql_db: + name: "{{ item }}" + state: absent + login_unix_socket: '{{ mysql_socket }}' + loop: + - foo + - bar + +- name: Issue test setup - create database + mysql_db: + name: "{{ item }}" + state: present + login_unix_socket: '{{ mysql_socket }}' + loop: + - foo + - bar + +- name: Create function for test + shell: "mysql < {{ role_path }}/files/create-function.sql" + +- name: Create procedure for test + shell: "mysql < {{ role_path }}/files/create-procedure.sql" + +- name: Create user with FUNCTION and PROCEDURE privileges + mysql_user: + name: '{{ user_name_2 }}' + password: '{{ user_password_2 }}' + state: present + priv: 'FUNCTION foo.function:EXECUTE/foo.*:SELECT/PROCEDURE bar.procedure:EXECUTE' + login_unix_socket: '{{ mysql_socket }}' + register: result + +- name: Assert Create user with FUNCTION and PROCEDURE privileges + assert: + that: + - result is success + - result is changed + +- name: Create user with FUNCTION and PROCEDURE privileges - Idempotent check + mysql_user: + name: '{{ user_name_2 }}' + password: '{{ user_password_2 }}' + state: present + priv: 'FUNCTION foo.function:EXECUTE/foo.*:SELECT/PROCEDURE bar.procedure:EXECUTE' + login_unix_socket: '{{ mysql_socket }}' + register: result + +- name: Assert Create user with FUNCTION and PROCEDURE privileges + assert: + that: + - result is success + - result is not changed + +- name: Remove user + mysql_user: + name: '{{ user_name_2 }}' + state: absent + login_unix_socket: '{{ mysql_socket }}' + +- name: Issue test teardown - cleanup databases + mysql_db: + name: "{{ item }}" + state: absent + login_unix_socket: '{{ mysql_socket }}' + loop: + - foo + - bar diff --git a/test/integration/targets/mysql_user/tasks/main.yml b/test/integration/targets/mysql_user/tasks/main.yml index 25a7d39a606..c3d1e7ef12a 100644 --- a/test/integration/targets/mysql_user/tasks/main.yml +++ b/test/integration/targets/mysql_user/tasks/main.yml @@ -207,3 +207,7 @@ # Assert creating user with SELECT privileges, attempt to create database and append privileges to create database # - include: test_privs.yml current_privilege='INSERT,DELETE' current_append_privs=yes + +- import_tasks: issue-29511.yaml + tags: + - issue-29511