From 8e84ef23dd3f6fe5fbf4c19a9efebbb2a2733475 Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Thu, 5 May 2022 16:12:23 +0200 Subject: [PATCH 01/13] mysql_user: prevent password getting set for existing users on on_create when plugin is used --- plugins/modules/mysql_user.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 9299eafc..3c61f36d 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -456,8 +456,13 @@ def main(): priv, append_privs, subtract_privs, tls_requires, module) else: changed, msg = user_mod(cursor, user, host, host_all, None, encrypted, +<<<<<<< HEAD plugin, plugin_hash_string, plugin_auth_string, priv, append_privs, subtract_privs, tls_requires, module) +======= + None, None, None, + priv, append_privs, tls_requires, module) +>>>>>>> mysql_user: prevent password getting set for existing users on on_create when plugin is used except (SQLParseError, InvalidPrivsError, mysql_driver.Error) as e: module.fail_json(msg=to_native(e)) From bcbb620467d37c923e59eea36989053d3f3c7f2f Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Fri, 6 May 2022 15:45:42 +0200 Subject: [PATCH 02/13] added changelog fragment --- changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml new file mode 100644 index 00000000..7483d899 --- /dev/null +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -0,0 +1,4 @@ +bugfixes: + - "mysql_user - fix logicwhen update_password is set to on_create for users using plugin* arguments (https://github.com/ansible-collections/community.mysql/issues/334)." + + From 907892e8ec9895a8f024b003bfb0a5f8416a0c42 Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Wed, 25 May 2022 09:42:07 +0200 Subject: [PATCH 03/13] format fix --- changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml index 7483d899..57626749 100644 --- a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -1,4 +1,4 @@ bugfixes: - - "mysql_user - fix logicwhen update_password is set to on_create for users using plugin* arguments (https://github.com/ansible-collections/community.mysql/issues/334)." + - "mysql_user - fix logicwhen ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334)." From 955d27491a0f4063eb508c065594ff7d93de4656 Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Wed, 25 May 2022 12:21:45 +0200 Subject: [PATCH 04/13] added substract_privs, to t list of arguments --- plugins/modules/mysql_user.py | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 3c61f36d..ca1c457e 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -456,13 +456,8 @@ def main(): priv, append_privs, subtract_privs, tls_requires, module) else: changed, msg = user_mod(cursor, user, host, host_all, None, encrypted, -<<<<<<< HEAD - plugin, plugin_hash_string, plugin_auth_string, - priv, append_privs, subtract_privs, tls_requires, module) -======= None, None, None, - priv, append_privs, tls_requires, module) ->>>>>>> mysql_user: prevent password getting set for existing users on on_create when plugin is used + priv, append_privs, subtract_privs, tls_requires, module) except (SQLParseError, InvalidPrivsError, mysql_driver.Error) as e: module.fail_json(msg=to_native(e)) From df9be2f11b98a177c6e24e55f4e0f2ba77b85bc8 Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Wed, 25 May 2022 13:35:53 +0200 Subject: [PATCH 05/13] clarify the documetation --- .../fragments/334-mysql_user_fix_logic_on_oncreate.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml index 57626749..2f3437a2 100644 --- a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -1,4 +1,4 @@ bugfixes: - - "mysql_user - fix logicwhen ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334)." - - + - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334)." + - ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments + - this PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change From 23b1777fa25e24ad38ca44ec48135dd556c5db0d Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Wed, 25 May 2022 15:05:23 +0200 Subject: [PATCH 06/13] additional documentation to password,plugin,plugin_hash_string,plugin_auth_string options, format fix on changelog --- .../fragments/334-mysql_user_fix_logic_on_oncreate.yml | 4 +--- plugins/modules/mysql_user.py | 6 +++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml index 2f3437a2..ec55c7d5 100644 --- a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -1,4 +1,2 @@ bugfixes: - - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334)." - - ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments - - this PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change + - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334).". The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index ca1c457e..235883e2 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -22,7 +22,7 @@ required: true password: description: - - Set the user's password. + - Set the user's password. Only for `mysql_native_password` authentication. For other authentication plugins see the combination of plugin, plugin_hash_string, plugin_auth_string. type: str encrypted: description: @@ -115,8 +115,8 @@ default: no update_password: description: - - C(always) will update passwords if they differ. - - C(on_create) will only set the password for newly created users. + - C(always) will update passwords if they differ. This affects password and the combinationi of plugin, plugin_hash_string, plugin_auth_string + - C(on_create) will only set the password or the combination of plugin, plugin_hash_string, plugin_auth_string for newly created users. type: str choices: [ always, on_create ] default: always From 65e56f3a013ca5ea142154102515aa676e343d5a Mon Sep 17 00:00:00 2001 From: hubiongithub <79990207+hubiongithub@users.noreply.github.com> Date: Sat, 28 May 2022 08:07:53 +0200 Subject: [PATCH 07/13] Update plugins/modules/mysql_user.py Co-authored-by: Andrew Klychkov --- plugins/modules/mysql_user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 235883e2..19e881a3 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -22,7 +22,7 @@ required: true password: description: - - Set the user's password. Only for `mysql_native_password` authentication. For other authentication plugins see the combination of plugin, plugin_hash_string, plugin_auth_string. + - Set the user's password. Only for C(mysql_native_password) authentication. For other authentication plugins see the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). type: str encrypted: description: From 837e2e0f5588293cd0ab386e4a45086e4aeb38e2 Mon Sep 17 00:00:00 2001 From: hubiongithub <79990207+hubiongithub@users.noreply.github.com> Date: Sat, 28 May 2022 08:08:20 +0200 Subject: [PATCH 08/13] Update plugins/modules/mysql_user.py Co-authored-by: Andrew Klychkov --- plugins/modules/mysql_user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 19e881a3..28b75b6f 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -115,7 +115,7 @@ default: no update_password: description: - - C(always) will update passwords if they differ. This affects password and the combinationi of plugin, plugin_hash_string, plugin_auth_string + - C(always) will update passwords if they differ. This affects I(password) and the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). - C(on_create) will only set the password or the combination of plugin, plugin_hash_string, plugin_auth_string for newly created users. type: str choices: [ always, on_create ] From ce1a404f6af3c9a4f78306c7a7d0e4fe58086346 Mon Sep 17 00:00:00 2001 From: hubiongithub <79990207+hubiongithub@users.noreply.github.com> Date: Sat, 28 May 2022 08:08:35 +0200 Subject: [PATCH 09/13] Update plugins/modules/mysql_user.py Co-authored-by: Andrew Klychkov --- plugins/modules/mysql_user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 28b75b6f..67e0ffa6 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -116,7 +116,7 @@ update_password: description: - C(always) will update passwords if they differ. This affects I(password) and the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). - - C(on_create) will only set the password or the combination of plugin, plugin_hash_string, plugin_auth_string for newly created users. + - C(on_create) will only set the password or the combination of plugin, plugin_hash_string, plugin_auth_string for newly created users. type: str choices: [ always, on_create ] default: always From a0aa029f674848100c7931a21a9599bbe4481dab Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Mon, 30 May 2022 11:19:55 +0200 Subject: [PATCH 10/13] linting --- changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml index ec55c7d5..2d120af5 100644 --- a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -1,2 +1,2 @@ bugfixes: - - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334).". The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change + - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334).. The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change" From b931cd70a7764ab3ad36e800684b09d76a881ccb Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Mon, 30 May 2022 11:28:23 +0200 Subject: [PATCH 11/13] linting --- changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml index 2d120af5..4ac88a15 100644 --- a/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml +++ b/changelogs/fragments/334-mysql_user_fix_logic_on_oncreate.yml @@ -1,2 +1,2 @@ bugfixes: - - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334).. The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change" + - "mysql_user - fix logic when ``update_password`` is set to ``on_create`` for users using ``plugin*`` arguments (https://github.com/ansible-collections/community.mysql/issues/334). The ``on_create`` sets ``password`` to None for old mysql_native_authentication but not for authentiation methods which uses the ``plugin*`` arguments. This PR changes this so ``on_create`` also exchange ``plugin``, ``plugin_hash_string``, ``plugin_auth_string`` to None in the list of arguments to change" From 4d6cacb761ed8e0fc419edbf704c3001baac612f Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Mon, 30 May 2022 14:36:53 +0200 Subject: [PATCH 12/13] linting --- plugins/modules/mysql_user.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index 67e0ffa6..be3c595b 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -22,7 +22,8 @@ required: true password: description: - - Set the user's password. Only for C(mysql_native_password) authentication. For other authentication plugins see the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). + - Set the user's password. Only for C(mysql_native_password) authentication. + For other authentication plugins see the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). type: str encrypted: description: From f7cc26de96d2256e08c8001ac880855effc8720d Mon Sep 17 00:00:00 2001 From: Hubertus Krogmann Date: Mon, 30 May 2022 15:53:45 +0200 Subject: [PATCH 13/13] linting --- plugins/modules/mysql_user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/mysql_user.py b/plugins/modules/mysql_user.py index be3c595b..292179a5 100644 --- a/plugins/modules/mysql_user.py +++ b/plugins/modules/mysql_user.py @@ -22,7 +22,7 @@ required: true password: description: - - Set the user's password. Only for C(mysql_native_password) authentication. + - Set the user's password. Only for C(mysql_native_password) authentication. For other authentication plugins see the combination of I(plugin), I(plugin_hash_string), I(plugin_auth_string). type: str encrypted: