diff options
Diffstat (limited to 'test/integration/targets/mysql_user')
15 files changed, 0 insertions, 844 deletions
diff --git a/test/integration/targets/mysql_user/aliases b/test/integration/targets/mysql_user/aliases deleted file mode 100644 index e93cd86b56..0000000000 --- a/test/integration/targets/mysql_user/aliases +++ /dev/null @@ -1,5 +0,0 @@ -destructive -shippable/posix/group1 -skip/aix -skip/osx -skip/freebsd diff --git a/test/integration/targets/mysql_user/defaults/main.yml b/test/integration/targets/mysql_user/defaults/main.yml deleted file mode 100644 index 7522aba14f..0000000000 --- a/test/integration/targets/mysql_user/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# defaults file for test_mysql_user -db_name: 'data' -user_name_1: 'db_user1' -user_name_2: 'db_user2' -user_name_3: 'db_user3' - -user_password_1: 'gadfFDSdtTU^Sdfuj' -user_password_2: 'jkFKUdfhdso78yi&td' -user_password_3: 'jkFKUdfhdso78yi&tk' - -root_password: 'zevuR6oPh7' - -db_names: - - clientdb - - employeedb - - providerdb - -tmp_dir: '/tmp' diff --git a/test/integration/targets/mysql_user/files/create-function.sql b/test/integration/targets/mysql_user/files/create-function.sql deleted file mode 100644 index dda7bd7fbf..0000000000 --- a/test/integration/targets/mysql_user/files/create-function.sql +++ /dev/null @@ -1,8 +0,0 @@ -USE foo; -DELIMITER ;; -CREATE FUNCTION `function` () RETURNS tinyint(4) -BEGIN - DECLARE NAME_FOUND tinyint DEFAULT 0; - RETURN NAME_FOUND; -END;; -DELIMITER ; diff --git a/test/integration/targets/mysql_user/files/create-procedure.sql b/test/integration/targets/mysql_user/files/create-procedure.sql deleted file mode 100644 index d0d45aa4c3..0000000000 --- a/test/integration/targets/mysql_user/files/create-procedure.sql +++ /dev/null @@ -1,5 +0,0 @@ -USE bar; -DELIMITER ;; -CREATE PROCEDURE `procedure` () -SELECT * FROM bar;; -DELIMITER ; diff --git a/test/integration/targets/mysql_user/meta/main.yml b/test/integration/targets/mysql_user/meta/main.yml deleted file mode 100644 index 1892924b21..0000000000 --- a/test/integration/targets/mysql_user/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: - - setup_mysql_db - - setup_remote_tmp_dir diff --git a/test/integration/targets/mysql_user/tasks/assert_no_user.yml b/test/integration/targets/mysql_user/tasks/assert_no_user.yml deleted file mode 100644 index 0031a6887b..0000000000 --- a/test/integration/targets/mysql_user/tasks/assert_no_user.yml +++ /dev/null @@ -1,25 +0,0 @@ -# test code to assert no mysql user -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -- name: run command to query for mysql user - command: mysql "-e SELECT User FROM mysql.user where user='{{ user_name }}';" - register: result - -- name: assert mysql user is not present - assert: { that: "'{{ user_name }}' not in result.stdout" } diff --git a/test/integration/targets/mysql_user/tasks/assert_user.yml b/test/integration/targets/mysql_user/tasks/assert_user.yml deleted file mode 100644 index 9ac7cbff13..0000000000 --- a/test/integration/targets/mysql_user/tasks/assert_user.yml +++ /dev/null @@ -1,34 +0,0 @@ -# test code to assert mysql user -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -- name: run command to query for mysql user - command: mysql "-e SELECT User FROM mysql.user where user='{{ user_name }}';" - register: result - -- name: assert mysql user is present - assert: { that: "'{{ user_name }}' in result.stdout" } - -- name: run command to show privileges for user (expect privileges in stdout) - command: mysql "-e SHOW GRANTS FOR '{{ user_name }}'@'localhost';" - register: result - when: priv is defined - -- name: assert user has giving privileges - assert: { that: "'GRANT {{priv}} ON *.*' in result.stdout" } - when: priv is defined diff --git a/test/integration/targets/mysql_user/tasks/create_user.yml b/test/integration/targets/mysql_user/tasks/create_user.yml deleted file mode 100644 index 15f1eb9dbd..0000000000 --- a/test/integration/targets/mysql_user/tasks/create_user.yml +++ /dev/null @@ -1,29 +0,0 @@ -# test code to create mysql user -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -- name: create mysql user {{user_name}} - mysql_user: - name: '{{user_name}}' - password: '{{user_password}}' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert output message mysql user was created - assert: { that: "result.changed == true" } diff --git a/test/integration/targets/mysql_user/tasks/issue-29511.yaml b/test/integration/targets/mysql_user/tasks/issue-29511.yaml deleted file mode 100644 index fa5d8eddc4..0000000000 --- a/test/integration/targets/mysql_user/tasks/issue-29511.yaml +++ /dev/null @@ -1,78 +0,0 @@ ---- - -- name: Issue test setup - drop database - mysql_db: - name: "{{ item }}" - state: absent - login_unix_socket: '{{ mysql_socket }}' - loop: - - foo - - bar - -- name: Issue test setup - create database - mysql_db: - name: "{{ item }}" - state: present - login_unix_socket: '{{ mysql_socket }}' - loop: - - foo - - bar - -- name: Copy SQL scripts to remote - copy: - src: "{{ item }}" - dest: "{{ remote_tmp_dir }}/{{ item | basename }}" - with_items: - - create-function.sql - - create-procedure.sql - -- name: Create function for test - shell: "mysql < {{ remote_tmp_dir }}/create-function.sql" - -- name: Create procedure for test - shell: "mysql < {{ remote_tmp_dir }}/create-procedure.sql" - -- name: Create user with FUNCTION and PROCEDURE privileges - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - state: present - priv: 'FUNCTION foo.function:EXECUTE/foo.*:SELECT/PROCEDURE bar.procedure:EXECUTE' - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: Assert Create user with FUNCTION and PROCEDURE privileges - assert: - that: - - result is success - - result is changed - -- name: Create user with FUNCTION and PROCEDURE privileges - Idempotent check - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - state: present - priv: 'FUNCTION foo.function:EXECUTE/foo.*:SELECT/PROCEDURE bar.procedure:EXECUTE' - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: Assert Create user with FUNCTION and PROCEDURE privileges - assert: - that: - - result is success - - result is not changed - -- name: Remove user - mysql_user: - name: '{{ user_name_2 }}' - state: absent - login_unix_socket: '{{ mysql_socket }}' - -- name: Issue test teardown - cleanup databases - mysql_db: - name: "{{ item }}" - state: absent - login_unix_socket: '{{ mysql_socket }}' - loop: - - foo - - bar diff --git a/test/integration/targets/mysql_user/tasks/issue-64560.yaml b/test/integration/targets/mysql_user/tasks/issue-64560.yaml deleted file mode 100644 index 3851d859ed..0000000000 --- a/test/integration/targets/mysql_user/tasks/issue-64560.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -- name: Set root password - mysql_user: - name: root - password: '{{ root_password }}' - login_user: root - login_password: '{{ root_password }}' - check_implicit_admin: yes - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert root password is changed - assert: { that: "result.changed == true" } - -- name: Set root password again - mysql_user: - name: root - password: '{{ root_password }}' - login_user: root - login_password: '{{ root_password }}' - check_implicit_admin: yes - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: Assert root password is not changed - assert: { that: "result.changed == false" } diff --git a/test/integration/targets/mysql_user/tasks/main.yml b/test/integration/targets/mysql_user/tasks/main.yml deleted file mode 100644 index 7d2a10c014..0000000000 --- a/test/integration/targets/mysql_user/tasks/main.yml +++ /dev/null @@ -1,220 +0,0 @@ -# test code for the mysql_user module -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 dof the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -# create mysql user and verify user is added to mysql database -# -- include: create_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -- include: assert_user.yml user_name={{user_name_1}} - -- include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -- include: assert_no_user.yml user_name={{user_name_1}} - -# ============================================================ -# Create mysql user that already exist on mysql database -# -- include: create_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -- name: create mysql user that already exist (expect changed=false) - mysql_user: - name: '{{user_name_1}}' - password: '{{user_password_1}}' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert output message mysql user was not created - assert: { that: "result.changed == false" } - -# ============================================================ -# remove mysql user and verify user is removed from mysql database -# -- name: remove mysql user state=absent (expect changed=true) - mysql_user: - name: '{{ user_name_1 }}' - password: '{{ user_password_1 }}' - state: absent - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert output message mysql user was removed - assert: { that: "result.changed == true" } - -- include: assert_no_user.yml user_name={{user_name_1}} - -# ============================================================ -# remove mysql user that does not exist on mysql database -# -- name: remove mysql user that does not exist state=absent (expect changed=false) - mysql_user: - name: '{{ user_name_1 }}' - password: '{{ user_password_1 }}' - state: absent - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert output message mysql user that does not exist - assert: { that: "result.changed == false" } - -- include: assert_no_user.yml user_name={{user_name_1}} - -# ============================================================ -# Create user with no privileges and verify default privileges are assign -# -- name: create user with select privilege state=present (expect changed=true) - mysql_user: - name: '{{ user_name_1 }}' - password: '{{ user_password_1 }}' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- include: assert_user.yml user_name={{user_name_1}} priv=USAGE - -- include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -- include: assert_no_user.yml user_name={{user_name_1}} - -# ============================================================ -# Create user with select privileges and verify select privileges are assign -# -- name: create user with select privilege state=present (expect changed=true) - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - state: present - priv: '*.*:SELECT' - login_unix_socket: '{{ mysql_socket }}' - register: result - -- include: assert_user.yml user_name={{user_name_2}} priv=SELECT - -- include: remove_user.yml user_name={{user_name_2}} user_password={{ user_password_2 }} - -- include: assert_no_user.yml user_name={{user_name_2}} - -# ============================================================ -# Assert user has access to multiple databases -# -- name: give users access to multiple databases - mysql_user: - name: '{{ item[0] }}' - priv: '{{ item[1] }}.*:ALL' - append_privs: yes - password: '{{ user_password_1 }}' - login_unix_socket: '{{ mysql_socket }}' - with_nested: - - [ '{{ user_name_1 }}', '{{ user_name_2 }}'] - - "{{db_names}}" - -- name: show grants access for user1 on multiple database - command: mysql "-e SHOW GRANTS FOR '{{ user_name_1 }}'@'localhost';" - register: result - -- name: assert grant access for user1 on multiple database - assert: { that: "'{{ item }}' in result.stdout" } - with_items: "{{db_names}}" - -- name: show grants access for user2 on multiple database - command: mysql "-e SHOW GRANTS FOR '{{ user_name_2 }}'@'localhost';" - register: result - -- name: assert grant access for user2 on multiple database - assert: { that: "'{{ item }}' in result.stdout" } - with_items: "{{db_names}}" - -- include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -- include: remove_user.yml user_name={{user_name_2}} user_password={{ user_password_1 }} - -- name: give user access to database via wildcard - mysql_user: - name: '{{ user_name_1 }}' - priv: '%db.*:SELECT' - append_privs: yes - password: '{{ user_password_1 }}' - login_unix_socket: '{{ mysql_socket }}' - -- name: show grants access for user1 on multiple database - command: mysql "-e SHOW GRANTS FOR '{{ user_name_1 }}'@'localhost';" - register: result - -- name: assert grant access for user1 on multiple database - assert: - that: - - "'%db' in result.stdout" - - "'SELECT' in result.stdout" - -- name: change user access to database via wildcard - mysql_user: - name: '{{ user_name_1 }}' - priv: '%db.*:INSERT' - append_privs: yes - password: '{{ user_password_1 }}' - login_unix_socket: '{{ mysql_socket }}' - -- name: show grants access for user1 on multiple database - command: mysql "-e SHOW GRANTS FOR '{{ user_name_1 }}'@'localhost';" - register: result - -- name: assert grant access for user1 on multiple database - assert: - that: - - "'%db' in result.stdout" - - "'INSERT' in result.stdout" - -- include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -# ============================================================ -# Update user password for a user. -# Assert the user password is updated and old password can no longer be used. -# -#- include: user_password_update_test.yml - -# ============================================================ -# Assert create user with SELECT privileges, attempt to create database and update privileges to create database -# -- include: test_privs.yml current_privilege=SELECT current_append_privs=no - -# ============================================================ -# Assert creating user with SELECT privileges, attempt to create database and append privileges to create database -# -- include: test_privs.yml current_privilege=DROP current_append_privs=yes - -# ============================================================ -# Assert create user with SELECT privileges, attempt to create database and update privileges to create database -# -- include: test_privs.yml current_privilege='UPDATE,ALTER' current_append_privs=no - -# ============================================================ -# Assert creating user with SELECT privileges, attempt to create database and append privileges to create database -# -- include: test_privs.yml current_privilege='INSERT,DELETE' current_append_privs=yes - -# Tests for the priv parameter with dict value (https://github.com/ansible/ansible/issues/57533) -- include: test_priv_dict.yml - -- import_tasks: issue-29511.yaml - tags: - - issue-29511 - -- import_tasks: issue-64560.yaml - tags: - - issue-64560 diff --git a/test/integration/targets/mysql_user/tasks/remove_user.yml b/test/integration/targets/mysql_user/tasks/remove_user.yml deleted file mode 100644 index 9546760e17..0000000000 --- a/test/integration/targets/mysql_user/tasks/remove_user.yml +++ /dev/null @@ -1,59 +0,0 @@ -# test code to remove mysql user -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -- name: remove mysql user {{user_name}} - mysql_user: - name: '{{user_name}}' - password: '{{user_password}}' - state: absent - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert output message mysql user was removed - assert: { that: "result.changed == true" } - -# ============================================================ -- name: create blank mysql user to be removed later - mysql_user: - name: "" - state: present - password: 'KJFDY&D*Sfuydsgf' - login_unix_socket: '{{ mysql_socket }}' - -- name: remove blank mysql user with hosts=all (expect changed) - mysql_user: - user: "" - host_all: true - state: absent - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert changed is true for removing all blank users - assert: { that: "result.changed == true" } - -- name: remove blank mysql user with hosts=all (expect ok) - mysql_user: - user: "" - host_all: true - state: absent - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert changed is true for removing all blank users - assert: { that: "result.changed == false" } diff --git a/test/integration/targets/mysql_user/tasks/test_priv_dict.yml b/test/integration/targets/mysql_user/tasks/test_priv_dict.yml deleted file mode 100644 index a28cc806f6..0000000000 --- a/test/integration/targets/mysql_user/tasks/test_priv_dict.yml +++ /dev/null @@ -1,46 +0,0 @@ -# Tests for priv parameter value passed as a dict -- name: Create test databases - mysql_db: - name: '{{ item }}' - state: present - login_unix_socket: '{{ mysql_socket }}' - loop: - - data1 - - data2 - -- name: Create user with privileges - mysql_user: - name: '{{ user_name_3 }}' - password: '{{ user_password_3 }}' - priv: - "data1.*": "SELECT" - "data2.*": "SELECT" - state: present - login_unix_socket: '{{ mysql_socket }}' - -- name: Run command to show privileges for user (expect privileges in stdout) - command: mysql "-e SHOW GRANTS FOR '{{ user_name_3 }}'@'localhost';" - register: result - -- name: Assert user has giving privileges - assert: - that: - - "'GRANT SELECT ON `data1`.*' in result.stdout" - - "'GRANT SELECT ON `data2`.*' in result.stdout" - -########## -# Clean up -- name: Drop test databases - mysql_db: - name: '{{ item }}' - state: present - login_unix_socket: '{{ mysql_socket }}' - loop: - - data1 - - data2 - -- name: Drop test user - mysql_user: - name: '{{ user_name_3 }}' - state: absent - login_unix_socket: '{{ mysql_socket }}' diff --git a/test/integration/targets/mysql_user/tasks/test_privs.yml b/test/integration/targets/mysql_user/tasks/test_privs.yml deleted file mode 100644 index 70b33c2947..0000000000 --- a/test/integration/targets/mysql_user/tasks/test_privs.yml +++ /dev/null @@ -1,130 +0,0 @@ -# test code for privileges for mysql_user module -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -- name: create user with basic select privileges - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - priv: '*.*:SELECT' - state: present - login_unix_socket: '{{ mysql_socket }}' - when: current_append_privs == "yes" - -- include: assert_user.yml user_name={{user_name_2}} priv='SELECT' - when: current_append_privs == "yes" - -- name: create user with current privileges (expect changed=true) - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - priv: '*.*:{{current_privilege}}' - append_privs: '{{current_append_privs}}' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: assert output message for current privileges - assert: { that: "result.changed == true" } - -- name: run command to show privileges for user (expect privileges in stdout) - command: mysql "-e SHOW GRANTS FOR '{{user_name_2}}'@'localhost';" - register: result - -- name: assert user has correct privileges - assert: { that: "'GRANT {{current_privilege | replace(',', ', ')}} ON *.*' in result.stdout" } - when: current_append_privs == "no" - -- name: assert user has correct privileges - assert: { that: "'GRANT SELECT, {{current_privilege | replace(',', ', ')}} ON *.*' in result.stdout" } - when: current_append_privs == "yes" - -- name: create database using user current privileges - mysql_db: - name: '{{ db_name }}' - state: present - login_user: '{{ user_name_2 }}' - login_password: '{{ user_password_2 }}' - ignore_errors: true - -- name: run command to test that database was not created - command: mysql "-e show databases like '{{ db_name }}';" - register: result - -- name: assert database was not created - assert: { that: "'{{ db_name }}' not in result.stdout" } - -# ============================================================ -- name: Add privs to a specific table (expect changed) - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - priv: 'jmainguy.jmainguy:ALL' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: Assert that priv changed - assert: { that: "result.changed == true" } - -- name: Add privs to a specific table (expect ok) - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - priv: 'jmainguy.jmainguy:ALL' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- name: Assert that priv did not change - assert: { that: "result.changed == false" } - -# ============================================================ -- name: update user with all privileges - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - priv: '*.*:ALL' - state: present - login_unix_socket: '{{ mysql_socket }}' - -- include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES' - -- name: create database using user - mysql_db: - name: '{{ db_name }}' - state: present - login_user: '{{ user_name_2 }}' - login_password: '{{ user_password_2 }}' - -- name: run command to test database was created using user new privileges - command: mysql "-e SHOW CREATE DATABASE {{ db_name }};" - -- name: drop database using user - mysql_db: - name: '{{ db_name }}' - state: absent - login_user: '{{ user_name_2 }}' - login_password: '{{ user_password_2 }}' - -- name: remove username - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - state: absent - login_unix_socket: '{{ mysql_socket }}' diff --git a/test/integration/targets/mysql_user/tasks/user_password_update_test.yml b/test/integration/targets/mysql_user/tasks/user_password_update_test.yml deleted file mode 100644 index 1f126c48b5..0000000000 --- a/test/integration/targets/mysql_user/tasks/user_password_update_test.yml +++ /dev/null @@ -1,156 +0,0 @@ -# test code update password for the mysql_user module -# (c) 2014, Wayne Rosario <wrosario@ansible.com> - -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 dof the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. - -# ============================================================ -# Update user password for a user. -# Assert the user password is updated and old password can no longer be used. -# -- name: create user1 state=present with a password - mysql_user: - name: '{{ user_name_1 }}' - password: '{{ user_password_1 }}' - priv: '*.*:ALL' - state: present - login_unix_socket: '{{ mysql_socket }}' - -- name: create user2 state=present with a password - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_2 }}' - priv: '*.*:ALL' - state: present - login_unix_socket: '{{ mysql_socket }}' - -- name: store user2 grants with old password (mysql 5.7.6 and newer) - command: mysql "-e SHOW CREATE USER '{{ user_name_2 }}'@'localhost';" - register: user_password_old_create - ignore_errors: yes - -- name: store user2 grants with old password (mysql 5.7.5 and older) - command: mysql "-e SHOW GRANTS FOR '{{ user_name_2 }}'@'localhost';" - register: user_password_old - when: user_password_old_create is failed - -# FIXME: not sure why this is failing, but it looks like it should expect changed=true -#- name: update user2 state=present with same password (expect changed=false) -# mysql_user: -# name: '{{ user_name_2 }}' -# password: '{{ user_password_2 }}' -# priv: '*.*:ALL' -# state: present -# login_unix_socket: '{{ mysql_socket }}' -# register: result -# -#- name: assert output user2 was not updated -# assert: { that: "result.changed == false" } - -- include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES' - -- name: update user2 state=present with a new password (expect changed=true) - mysql_user: - name: '{{ user_name_2 }}' - password: '{{ user_password_1 }}' - state: present - login_unix_socket: '{{ mysql_socket }}' - register: result - -- include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES' - -- name: store user2 grants with old password (mysql 5.7.6 and newer) - command: mysql "-e SHOW CREATE USER '{{ user_name_2 }}'@'localhost';" - register: user_password_new_create - ignore_errors: yes - -- name: store user2 grants with new password - command: mysql "-e SHOW GRANTS FOR '{{ user_name_2 }}'@'localhost';" - register: user_password_new - when: user_password_new_create is failed - -- name: assert output message password was update for user2 (mysql 5.7.6 and newer) - assert: { that: "user_password_old_create.stdout != user_password_new_create.stdout" } - when: user_password_new_create is not failed - -- name: assert output message password was update for user2 (mysql 5.7.5 and older) - assert: { that: "user_password_old.stdout != user_password_new.stdout" } - when: user_password_new_create is failed - -- name: create database using user2 and old password - mysql_db: - name: '{{ db_name }}' - state: present - login_user: '{{ user_name_2 }}' - login_password: '{{ user_password_2 }}' - ignore_errors: true - register: result - -- debug: var=result.msg -- name: assert output message that database not create with old password - assert: - that: - - "result.failed == true" - -- name: create database using user2 and new password - mysql_db: - name: '{{ db_name }}' - state: present - login_user: '{{ user_name_2 }}' - login_password: '{{ user_password_1 }}' - register: result - -- name: assert output message that database is created with new password - assert: { that: "result.changed == true" } - -- name: remove database - mysql_db: - name: '{{ db_name }}' - state: absent - login_unix_socket: '{{ mysql_socket }}' - -- include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} - -- include: remove_user.yml user_name={{user_name_2}} user_password={{ user_password_1 }} - -- name: Create user with Fdt8fd^34ds using hash. (expect changed=true) - mysql_user: - name: jmainguy - password: '*0cb5b86f23fdc24db19a29b8854eb860cbc47793' - encrypted: yes - login_unix_socket: '{{ mysql_socket }}' - register: encrypt_result - -- name: Check that the module made a change - assert: - that: - - "encrypt_result.changed == True" - -- name: See if the password needs to be updated. (expect changed=false) - mysql_user: - name: jmainguy - password: 'Fdt8fd^34ds' - login_unix_socket: '{{ mysql_socket }}' - register: plain_result - -- name: Check that the module did not change the password - assert: - that: - - "plain_result.changed == False" - -- name: Remove user (cleanup) - mysql_user: - name: jmainguy - state: absent |