a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,377 Commits
12 Branches
186 Tags
285 MiB
Commit Graph

111 Commits (40948cfcc460cff79cccdf10d09a8d93bce28d25)

Author SHA1 Message Date
Will Thames 34e0e17090 Perform privilege grants/revokes only when required 
Use `has_table_privileges` and `has_database_privileges`
to test whether a user already has a privilege before
granting it, or whether a user doesn't have  a privilege
before revoking it.
 2016-12-08 11:23:03 -05:00
Toshio Kuratomi 4f42e752e6 Allow playbook specified login_user and login_password to override config file settings 2016-12-08 11:23:03 -05:00
Toshio Kuratomi 0af631499a Use a list comprehension instead of map and lambda 2016-12-08 11:23:02 -05:00
Toshio Kuratomi c291c2dfea Fix for the new import code when password is empty 2016-12-08 11:23:02 -05:00
Dennis Rowe 5109628693 Strip spaces around perms 2016-12-08 11:23:02 -05:00
Johann Schmitz 8f8109f1e0 Improved output of mysql_db plugin 
Show error number and error description on connect error to ease debugging.
 2016-12-08 11:23:02 -05:00
Jonathan Mainguy 7ab2ddbe2a escapeds changes 
fixed merge conflict

remove uneeded regexs

arrays
 2016-12-08 11:23:02 -05:00
Robin Miller a2f685a134 Replaced lambda functions with list comprehensions. 2016-12-08 11:23:02 -05:00
Robin Miller 8859a7cf8e Only revoke actually granted permissions, not 'ALL'. 
This prevents errors when the login_user does not have 'ALL'
permissions, and the 'priv' value contains fewer permissions than are
held by an existing user. This is particularly an issue when using an
Amazon Web Services RDS instance, as there is no (accessible) user with
'ALL' permissions on *.*.
 2016-12-08 11:23:01 -05:00
fdupoux e34c7f31dc Refactoring to avoid duplication of code which manages the decompression of database dumps in various formats 2016-12-08 11:23:01 -05:00
fdupoux 9b83311471 Simplify code which prepares the decompression command 2016-12-08 11:23:01 -05:00
Toshio Kuratomi dd4838e4aa Refactor dump compression and use get_bin_path for finding the compressors 2016-12-08 11:23:01 -05:00
fdupoux aa79810cc8 Decompress mysql dumps on the fly using python subprocess during an import to simplify operation 2016-12-08 11:23:01 -05:00
Jonathan Mainguy b25bc20d3d changes hostname to lowercase 2016-12-08 11:23:00 -05:00
Brian Coca 831af880f0 minor doc fix and made sure check_implicit_admin is true boolean 2016-12-08 11:23:00 -05:00
Toshio Kuratomi 5c96c5c9c2 Fix splitting of role_attrs 2016-12-08 11:23:00 -05:00
fdupoux 6f2f07ef51 Add support for xz compression (for dump and import) in mysql_db module 2016-12-08 11:22:59 -05:00
Jonathan Mainguy 1ba2e34ae1 Adds all_databases option which allows a user to dump or import all databases at once, identical to mysqldump --all-databases 
fix line 132

Update to name=all

cleaned up all_database per abadger's suggestions
 2016-12-08 11:22:57 -05:00
Will Thames 9aff204f63 Usage is not a valid database or table privilege 
Remove `USAGE` from the `VALID_PRIVS` dict for both database and
table because it is not a valid privilege for either (and
breaks the implementation of `has_table_privilege` and
`has_database_privilege`

See http://www.postgresql.org/docs/9.0/static/sql-grant.html
 2016-12-08 11:22:57 -05:00
Will Thames 43bad27948 Update postgresql users only when necessary 
For read-only databases, users should not change when no changes
are required.

Don't issue ALTER ROLE when role attribute flags, users password
or expiry time is not changing.

In certain cases (hashed passwords in the DB, but the password
argument is not hashed) passlib.hash is required to avoid
running ALTER ROLE.
 2016-12-08 11:22:56 -05:00
Julia Kreger 6f7cd5c307 Set default for mysql_user config_file 
The default value set by the module was a value of None for the
config_file parameter, which propogates into the connect method
call overriding the stated default in the method.

Instead, the default should be set with-in the parameter
specification so the file check is not requested to check None.
 2016-12-08 11:22:56 -05:00
Sven Schliesing 90d434d66d use default value for parameter config_file in connect() 2016-12-08 11:22:55 -05:00
muffl0n 62bc6f2ba6 Use MySQLdbs read_default_file 2016-12-08 11:22:55 -05:00
tedder 9fd568f655 code review fixes per #957 2016-12-08 11:22:52 -05:00
tedder 35ce9fb095 skip password changes so pg_authid isn't needed 
Some places ([AWS RDS](https://forums.aws.amazon.com/thread.jspa?threadID=151248)) don't have, or don't allow, access to the `pg_authid` table. The only reason that is necessary is to check for a password change.

This flag is a workaround so passwords can only be set at creation time. It isn't as elegant as changing the password down the line, but it fixes the longstanding issue #297 that prevented this from being useful on AWS RDS.
 2016-12-08 11:22:52 -05:00
Solomon Gifford d14bbf514e mysql_user #829: add update_password to mysql_user 2016-12-08 11:22:52 -05:00
Toshio Kuratomi e5ba4e87d8 Fix for int port assignment in a playbook failing 
Ports are integer values but the old code was assuming they were
strings.  When login_port is put into playbook complex_args as an
integer the code would fail.  This update should make the argument
validating make sure we have an integer and then we can send that value
directly to the relevant APIs.

Fixes #818
 2016-12-08 11:22:46 -05:00
Jonathan Mainguy 1608163b26 Now correctly gzip/bzips file back up in case of import failure 
Removed gunzip and bunzip2 dependency
 2016-12-08 11:22:46 -05:00
Toshio Kuratomi b9984b1dfe Fix documentation to have correct param name 2016-12-08 11:22:45 -05:00
David Hummel 63e9de3170 Fix issue #793: mysql_db: for state={absent,present} connections to database mysql fail for users other than root 2016-12-08 11:22:42 -05:00
Johannes Steger 1a440d6a06 Fix function identifier quoting 2016-12-08 11:22:39 -05:00
Toshio Kuratomi e11ea4b402 Also catch mysql errors so we can give the error message back through json rather than tracebacking 2016-12-08 11:22:37 -05:00
Bruce Pennypacker 605a5a5b53 requested changes 2016-12-08 11:22:37 -05:00
Bruce Pennypacker 9cbe3eb8ae Added support for 'REQUIRE SSL' grant option 2016-12-08 11:22:37 -05:00
Michael J. Schultz 588d03db8d Build the db connection on `"postgres"` instead of `"template1"` 
According to the postgresql docs[1], you should not have a connection with
`"template1"` when copying multiple databases.

[1]: http://www.postgresql.org/docs/9.1/static/manage-ag-templatedbs.html
 2016-12-08 11:22:36 -05:00
Jonathan Mainguy 13990e9479 adds error message if socket does not exist 2016-12-08 11:22:35 -05:00
kustodian 8621f9a7cd Fixed postgresql_db failing on Python 2.4 with --check 
This reverts commit 81cbdb6c8cf54c41ba2ee3330c968e2feea05a5c and adds ignoring of the SystemExit exception because of Python 2.4.
 2016-12-08 11:22:33 -05:00
Petros Moisiadis 63b18ae618 mysql_user: Added missing privileges 
Added missing privileges 'CREATE TABLESPACE' and 'PROXY' (see: http://dev.mysql.com/doc/refman/5.5/en/privileges-provided.html).
 2016-12-08 11:22:32 -05:00
Andrew Shults 2390184084 Strip white space to support multiline permissions in YAML 2016-12-08 11:22:32 -05:00
Toshio Kuratomi 9fde3c2dc5 Add USAGE as a valid privilege 2016-12-08 11:22:31 -05:00
Toshio Kuratomi cd7cc07e85 Gixes to doc formatting 2016-12-08 11:22:31 -05:00
Toshio Kuratomi 307116b838 Fix typo so docs will build 2016-12-08 11:22:31 -05:00
Toshio Kuratomi ddc81c7b93 Escape % in db+table names before adding to a format string being passed into db.execute() 
Fixes #416
 2016-12-08 11:22:29 -05:00
Dan fe787f1bc9 Adds a login_unix_socket option to the postgresql_privs module. 2016-12-08 11:22:29 -05:00
Dan ee65c55fb0 Adds a unix_socket/login_unix_socket option to the postgresql_user module. 2016-12-08 11:22:29 -05:00
Dan 789ee410f1 Adds a login_unix_socket option to the postgresql_db module. 2016-12-08 11:22:29 -05:00
Toshio Kuratomi 5734838cd1 Fix module traceback instead of returning an error 2016-12-08 11:22:29 -05:00
Toshio Kuratomi e8081baca9 Fix for single role_attr 2016-12-08 11:22:28 -05:00
Toshio Kuratomi 47b009b001 Add a bare grant to the list of allowed privileges 2016-12-08 11:22:28 -05:00
Devin Christensen b2829cf6b9 Fix user_alter in postgresql_user 2016-12-08 11:22:28 -05:00
Devin Christensen ff7a9eb625 Fix user_add in postgresql_user 2016-12-08 11:22:28 -05:00
Toshio Kuratomi bed60553ca Escape mysql identifiers 2016-12-08 11:22:28 -05:00
Toshio Kuratomi 87b2afc272 Correct new function name 2016-12-08 11:22:28 -05:00
Toshio Kuratomi 3e9771f544 Normalize privs and flags to uppercase so comparisons against allowed names will work 2016-12-08 11:22:28 -05:00
Toshio Kuratomi e0ac340f59 Make sure we quote or confirm good all user provided identifiers 2016-12-08 11:22:28 -05:00
Toshio Kuratomi d3787840a4 Audit escaping of identifiers in the postgresql_user module 2016-12-08 11:22:28 -05:00
Toshio Kuratomi 32aaa07325 More robust quoting of database identifiers 
Note: These aren't database values, those are already using the
appropriate Pyhton DB API method for quoting.
 2016-12-08 11:22:27 -05:00
Michael DeHaan 5d814d9fb2 Some more module categorization. 2016-12-08 11:22:25 -05:00
Michael DeHaan ef2a2b9093 package files 2016-12-08 11:22:22 -05:00
Michael DeHaan 213e518165 file extensions! 2016-12-08 11:22:22 -05:00
Michael DeHaan c7eec45b73 Restructuring. 2016-12-08 11:22:22 -05:00