Commit graph

241 commits

Author SHA1 Message Date
Guilherme Carlos
e13e369aae Fix login_user on mysql_user
`login_username` was provided but `login_user` is the correct option
2015-07-22 17:55:35 -03:00
Will Thames
47cb92f74f Ensure TEMP privilege gets removed when expanding ALL.
ALL gets expanded to the list of VALID_PRIVS which includes
TEMPORARY and TEMP
The code that replaced TEMP with TEMPORARY didn't work with the
expansion
2015-07-22 13:34:52 +10:00
Will Thames
2a0f6c1cb3 Correct handling of empty role_attr_flags
role_attr_flags is the empty string by default, not None.
2015-07-22 12:05:21 +10:00
Brian Coca
ab5b5e8819 corrected version added 2015-07-11 00:15:02 -04:00
Brian Coca
2b53b92dc2 Merge pull request #1539 from acaveroc/mysql_vars_port_definition
Mysql vars port definition
2015-07-11 00:14:02 -04:00
Matt Martz
5a254e6303 Replace tabbed indentation with spaces for mysql_db module 2015-07-01 09:39:18 -05:00
ToBeReplaced
5e82f7e11e Make ALL_IN_SCHEMA for tables affect views
ALL TABLES is considered to include views, so we must check for reltypes
'r' and 'v', not just 'r'. This bug was introduced due to using a
custom, backwards-compatible version of "ALL TABLES IN SCHEMA".
2015-06-27 11:41:01 -06:00
Bryan Fleming
3b4b065315 fixes #1120 - privileges using columns 2015-06-22 15:09:07 -05:00
acaveroc
e7876df99f Add version_added and type of parameter 2015-06-18 09:43:32 +02:00
acaveroc
7d2a5965bd Assorted minor bug fixes
- Modified data type for port definition from string to integer
- Modified login_host default value for compatibilize with port definition according with MySQL Documentation (https://dev.mysql.com/doc/refman/5.0/en/connecting.html)
2015-06-17 13:53:08 +02:00
acaveroc
5b84b0d136 Add port definition support for mysql_vars module 2015-06-17 10:37:47 +02:00
Sergei Antipov
5465fb8d4f mysql_user | Hide password 2015-06-16 10:08:06 +06:00
Greg DeKoenigsberg
2a5f0bde87 Proper author info for all remaining modules 2015-06-15 15:53:30 -04:00
Louis-Michel Couture
d60d493916 Update example to remove outdated information 2015-06-10 01:56:32 -04:00
Toshio Kuratomi
c700993dd5 Fix a problem introduced with #1101 and optimize privilege handling
* If a db user belonged to a role which had a privilege, the user would
  not have the privilege added as the role gave the appearance that the
  user already had it.  Fixed to always check the privileges specific to
  the user.
* Make fewer db queries to determine if privileges need to be changed
  and change them (was four for each privilege.  Now two for each object
  that has a set of privileges changed).
2015-06-01 15:59:26 -07:00
Toshio Kuratomi
8c10cc20ec Expand tildes and vars in the config file path 2015-06-01 15:24:15 -07:00
Will Thames
167e7c2b81 Perform privilege grants/revokes only when required
Use `has_table_privileges` and `has_database_privileges`
to test whether a user already has a privilege before
granting it, or whether a user doesn't have  a privilege
before revoking it.
2015-06-01 15:15:22 -07:00
Toshio Kuratomi
30fc6f03d6 Allow playbook specified login_user and login_password to override config file settings 2015-06-01 14:53:42 -07:00
Toshio Kuratomi
f8d8af17cd Use a list comprehension instead of map and lambda 2015-05-29 18:55:32 -07:00
Toshio Kuratomi
474b731bcc Merge pull request #1036 from shr3kst3r/strip_spaces
Strip spaces around MySQL privileges before comparing to valid privileges
2015-05-29 18:49:03 -07:00
Toshio Kuratomi
2b5e932cfb Fix for the new import code when password is empty 2015-05-27 20:28:19 -07:00
Brian Coca
7a6f532020 Merge pull request #1423 from ercpe/mysql_db-debugging
Improved output of mysql_db plugin
2015-05-26 18:59:00 -04:00
Jonathan Mainguy
db9ab9b262 escapeds changes
fixed merge conflict

remove uneeded regexs

arrays
2015-05-26 18:23:51 -04:00
Robin Miller
cda7a9be15 Replaced lambda functions with list comprehensions. 2015-05-26 12:56:08 -05:00
Robin Miller
74b7ce9dcf Only revoke actually granted permissions, not 'ALL'.
This prevents errors when the login_user does not have 'ALL'
permissions, and the 'priv' value contains fewer permissions than are
held by an existing user. This is particularly an issue when using an
Amazon Web Services RDS instance, as there is no (accessible) user with
'ALL' permissions on *.*.
2015-05-26 12:56:08 -05:00
Johann Schmitz
8892aa2bf4 Improved output of mysql_db plugin
Show error number and error description on connect error to ease debugging.
2015-05-26 16:13:40 +02:00
Toshio Kuratomi
d74187438f Merge pull request #1417 from fdupoux/mysql-db-use-python-pipelines
Decompress mysql dumps on the fly using python subprocess …
2015-05-25 18:15:54 -07:00
fdupoux
380b122d5a Refactoring to avoid duplication of code which manages the decompression of database dumps in various formats 2015-05-25 20:22:49 +01:00
fdupoux
f634c10636 Simplify code which prepares the decompression command 2015-05-25 20:10:12 +01:00
Toshio Kuratomi
32e609720a Refactor dump compression and use get_bin_path for finding the compressors 2015-05-25 09:22:08 -07:00
fdupoux
1e2ce363f7 Decompress mysql dumps on the fly using python subprocess during an import to simplify operation 2015-05-25 13:40:15 +01:00
Jonathan Mainguy
5a22f052b4 changes hostname to lowercase 2015-05-21 09:32:12 -04:00
Toshio Kuratomi
0c04a54f67 Merge pull request #1368 from ansible/postgresql-user-account-vs-role-fix
Fix a problem introduced with #1101 and optimize privilege handling
2015-05-19 14:17:35 -07:00
Toshio Kuratomi
c9b17136e4 Fix a problem introduced with #1101 and optimize privilege handling
* If a db user belonged to a role which had a privilege, the user would
  not have the privilege added as the role gave the appearance that the
  user already had it.  Fixed to always check the privileges specific to
  the user.
* Make fewer db queries to determine if privileges need to be changed
  and change them (was four for each privilege.  Now two for each object
  that has a set of privileges changed).
2015-05-19 12:57:06 -07:00
Brian Coca
b9dba50372 minor doc fix and made sure check_implicit_admin is true boolean 2015-05-19 10:40:36 -04:00
Toshio Kuratomi
7dd9f57e16 Fix splitting of role_attrs 2015-05-18 12:45:47 -07:00
fdupoux
51ffbda9a1 Add support for xz compression (for dump and import) in mysql_db module 2015-05-12 22:28:18 +01:00
Toshio Kuratomi
ed6b95a0bb Merge pull request #45 from Jmainguy/mysql_db_alldatabases
Adds name=all which allows a user to dump or import all data...
2015-05-12 13:42:12 -07:00
Jonathan Mainguy
f0af9b9ed5 Adds all_databases option which allows a user to dump or import all databases at once, identical to mysqldump --all-databases
fix line 132

Update to name=all

cleaned up all_database per abadger's suggestions
2015-05-12 16:35:38 -04:00
Toshio Kuratomi
8b4e201772 Expand tildes and vars in the config file path 2015-05-08 10:41:01 -07:00
Brian Coca
35703caf6f Merge pull request #1101 from willthames/postgresql_reduce_alter_role
Update postgresql users only when necessary
2015-05-05 08:49:45 -04:00
Pascal Borreli
f29a6ec54d Fixed typos 2015-05-04 12:54:03 +01:00
Toshio Kuratomi
58c8696fc5 Allow playbook specified login_user and login_password to override config file settings 2015-04-30 12:49:32 -07:00
Julia Kreger
35bcd6a965 Set default for mysql_user config_file
The default value set by the module was a value of None for the
config_file parameter, which propogates into the connect method
call overriding the stated default in the method.

Instead, the default should be set with-in the parameter
specification so the file check is not requested to check None.
2015-04-30 11:40:04 -04:00
Brian Coca
8023c60863 minor doc fixes 2015-04-22 15:58:56 -04:00
Sven Schliesing
c53ca2f776 use default value for parameter config_file in connect() 2015-04-22 20:32:39 +02:00
muffl0n
616ac905ff Use MySQLdbs read_default_file 2015-04-22 20:29:21 +02:00
Will Thames
c956c65731 Usage is not a valid database or table privilege
Remove `USAGE` from the `VALID_PRIVS` dict for both database and
table because it is not a valid privilege for either (and
breaks the implementation of `has_table_privilege` and
`has_database_privilege`

See http://www.postgresql.org/docs/9.0/static/sql-grant.html
2015-04-08 13:00:50 +10:00
Will Thames
7d66da35a7 Perform privilege grants/revokes only when required
Use `has_table_privileges` and `has_database_privileges`
to test whether a user already has a privilege before
granting it, or whether a user doesn't have  a privilege
before revoking it.
2015-04-08 12:48:45 +10:00
Will Thames
b4515c8909 Update postgresql users only when necessary
For read-only databases, users should not change when no changes
are required.

Don't issue ALTER ROLE when role attribute flags, users password
or expiry time is not changing.

In certain cases (hashed passwords in the DB, but the password
argument is not hashed) passlib.hash is required to avoid
running ALTER ROLE.
2015-04-08 11:17:11 +10:00