Merge pull request #3831 from igalarzab/ticket-3703

Check MySQL password on mysql.user_present state
2024-11-08 01:18:58 +00:00 · 2013-02-24 06:25:22 -08:00 · 2013-02-24 06:25:22 -08:00 · 8307d382f4
commit 8307d382f4
parent d1aa2a2286 0d7e42bba0
2 changed files with 45 additions and 15 deletions
--- a/salt/modules/mysql.py
+++ b/salt/modules/mysql.py
@ -427,18 +427,26 @@ def user_list():
    return results


-def user_exists(user, host='localhost'):
+def user_exists(user, host='localhost', password=None, password_hash=None):
    '''
    Checks if a user exists on the  MySQL server.

    CLI Example::

-        salt '*' mysql.user_exists 'username' 'hostname'
+        salt '*' mysql.user_exists 'username' 'hostname' 'password'
+
+        salt '*' mysql.user_exists 'username' 'hostname' password_hash='hash'
    '''
    dbc = _connect()
    cur = dbc.cursor()
    query = ('SELECT User,Host FROM mysql.user WHERE User = \'{0}\' AND '
             'Host = \'{1}\''.format(user, host))
+
+    if password:
+        query = query + ' AND password = PASSWORD(\'{0}\')'.format(password)
+    elif password_hash:
+        query = query + ' AND password = \'{0}\''.format(password_hash)
+
    log.debug('Doing query: {0}'.format(query))
    cur.execute(query)
    return cur.rowcount == 1
@ -491,7 +499,7 @@ def user_create(user,
    log.debug('Query: {0}'.format(query))
    cur.execute(query)

-    if user_exists(user, host):
+    if user_exists(user, host, password, password_hash):
        log.info('User \'{0}\'@\'{1}\' has been created'.format(user, host))
        return True

--- a/salt/states/mysql_user.py
+++ b/salt/states/mysql_user.py
@ -47,21 +47,43 @@ def present(name,
           'changes': {},
           'result': True,
           'comment': 'User {0}@{1} is already present'.format(name, host)}
-    # check if user exists
-    if __salt__['mysql.user_exists'](name, host):
+
+    # check if user exists with the same password
+    if __salt__['mysql.user_exists'](name, host, password, password_hash):
        return ret

-    # The user is not present, make it!
-    if __opts__['test']:
-        ret['result'] = None
-        ret['comment'] = 'User {0}@{1} is set to be added'.format(name, host)
-        return ret
-    if __salt__['mysql.user_create'](name, host, password, password_hash):
-        ret['comment'] = 'The user {0}@{1} has been added'.format(name, host)
-        ret['changes'][name] = 'Present'
+    # check if user exists with a different password
+    if __salt__['mysql.user_exists'](name, host):
+
+        # The user is present, change the password
+        if __opts__['test']:
+            ret['result'] = None
+            ret['comment'] = ('Password for user {0}@{1} is set '
+                              'to be changed'.format(name, host))
+            return ret
+
+        if __salt__['mysql.user_chpass'](name, host, password, password_hash):
+            ret['comment'] = ('Password for user {0}@{1} has '
+                              'been changed'.format(name, host))
+            ret['changes'][name] = 'Updated'
+        else:
+            ret['comment'] = ('Failed to change password for '
+                              'user {0}@{1}'.format(name, host))
+            ret['result'] = False
    else:
-        ret['comment'] = 'Failed to create user {0}@{1}'.format(name, host)
-        ret['result'] = False
+
+        # The user is not present, make it!
+        if __opts__['test']:
+            ret['result'] = None
+            ret['comment'] = 'User {0}@{1} is set to be added'.format(name, host)
+            return ret
+
+        if __salt__['mysql.user_create'](name, host, password, password_hash):
+            ret['comment'] = 'The user {0}@{1} has been added'.format(name, host)
+            ret['changes'][name] = 'Present'
+        else:
+            ret['comment'] = 'Failed to create user {0}@{1}'.format(name, host)
+            ret['result'] = False

    return ret