Merge "Use newer style mysql syntax for users/passwords"
This commit is contained in:
Zuul
Gerrit Code Review
commit
6c1362dfe5
@ -382,7 +382,7 @@ class SetPassword(object):
|
|||||||
'user_host': self.host,
|
'user_host': self.host,
|
||||||
'new_password': self.new_password}
|
'new_password': self.new_password}
|
||||||
return ("SET PASSWORD FOR '%(user_name)s'@'%(user_host)s' = "
|
return ("SET PASSWORD FOR '%(user_name)s'@'%(user_host)s' = "
|
||||||
"PASSWORD('%(new_password)s');" % properties)
|
"'%(new_password)s';" % properties)
|
||||||
|
|
||||||
|
|
||||||
class DropUser(object):
|
class DropUser(object):
|
||||||
|
|||||||
@ -308,17 +308,16 @@ class BaseMySqlAdmin(object):
|
|||||||
for item in users:
|
for item in users:
|
||||||
user = models.MySQLUser.deserialize(item)
|
user = models.MySQLUser.deserialize(item)
|
||||||
user.check_create()
|
user.check_create()
|
||||||
# TODO(cp16net):Should users be allowed to create users
|
|
||||||
# 'os_admin' or 'debian-sys-maint'
|
cu = sql_query.CreateUser(user.name, host=user.host,
|
||||||
g = sql_query.Grant(user=user.name, host=user.host,
|
clear=user.password)
|
||||||
clear=user.password)
|
t = text(str(cu))
|
||||||
t = text(str(g))
|
client.execute(t, **cu.keyArgs)
|
||||||
client.execute(t)
|
|
||||||
for database in user.databases:
|
for database in user.databases:
|
||||||
mydb = models.MySQLSchema.deserialize(database)
|
mydb = models.MySQLSchema.deserialize(database)
|
||||||
g = sql_query.Grant(permissions='ALL', database=mydb.name,
|
g = sql_query.Grant(permissions='ALL', database=mydb.name,
|
||||||
user=user.name, host=user.host,
|
user=user.name, host=user.host)
|
||||||
clear=user.password)
|
|
||||||
t = text(str(g))
|
t = text(str(g))
|
||||||
client.execute(t)
|
client.execute(t)
|
||||||
|
|
||||||
@ -658,8 +657,22 @@ class BaseMySqlApp(object):
|
|||||||
"""
|
"""
|
||||||
LOG.debug("Creating Trove admin user '%s'.", ADMIN_USER_NAME)
|
LOG.debug("Creating Trove admin user '%s'.", ADMIN_USER_NAME)
|
||||||
host = "127.0.0.1"
|
host = "127.0.0.1"
|
||||||
|
try:
|
||||||
|
cu = sql_query.CreateUser(ADMIN_USER_NAME, host=host,
|
||||||
|
clear=password)
|
||||||
|
t = text(str(cu))
|
||||||
|
client.execute(t, **cu.keyArgs)
|
||||||
|
except (exc.OperationalError, exc.InternalError) as err:
|
||||||
|
# Ignore, user is already created, just reset the password
|
||||||
|
# (user will already exist in a restore from backup)
|
||||||
|
LOG.debug(err)
|
||||||
|
uu = sql_query.SetPassword(ADMIN_USER_NAME, host=host,
|
||||||
|
new_password=password)
|
||||||
|
t = text(str(uu))
|
||||||
|
client.execute(t)
|
||||||
|
|
||||||
g = sql_query.Grant(permissions='ALL', user=ADMIN_USER_NAME,
|
g = sql_query.Grant(permissions='ALL', user=ADMIN_USER_NAME,
|
||||||
host=host, grant_option=True, clear=password)
|
host=host, grant_option=True)
|
||||||
t = text(str(g))
|
t = text(str(g))
|
||||||
client.execute(t)
|
client.execute(t)
|
||||||
LOG.debug("Trove admin user '%s' created.", ADMIN_USER_NAME)
|
LOG.debug("Trove admin user '%s' created.", ADMIN_USER_NAME)
|
||||||
@ -1087,8 +1100,7 @@ class BaseMySqlRootAccess(object):
|
|||||||
g = sql_query.Grant(permissions=CONF.root_grant,
|
g = sql_query.Grant(permissions=CONF.root_grant,
|
||||||
user=user.name,
|
user=user.name,
|
||||||
host=user.host,
|
host=user.host,
|
||||||
grant_option=CONF.root_grant_option,
|
grant_option=CONF.root_grant_option)
|
||||||
clear=user.password)
|
|
||||||
|
|
||||||
t = text(str(g))
|
t = text(str(g))
|
||||||
client.execute(t)
|
client.execute(t)
|
||||||
|
|||||||
@ -39,7 +39,7 @@ class MySQLRestoreMixin(object):
|
|||||||
RESET_ROOT_SLEEP_INTERVAL = 10
|
RESET_ROOT_SLEEP_INTERVAL = 10
|
||||||
|
|
||||||
RESET_ROOT_MYSQL_COMMANDS = ("SET PASSWORD FOR "
|
RESET_ROOT_MYSQL_COMMANDS = ("SET PASSWORD FOR "
|
||||||
"'root'@'localhost'=PASSWORD('');")
|
"'root'@'localhost'='';")
|
||||||
# This is a suffix MySQL appends to the file name given in
|
# This is a suffix MySQL appends to the file name given in
|
||||||
# the '--log-error' startup parameter.
|
# the '--log-error' startup parameter.
|
||||||
_ERROR_LOG_SUFFIX = '.err'
|
_ERROR_LOG_SUFFIX = '.err'
|
||||||
|
|||||||
@ -468,13 +468,13 @@ class MySqlAdminTest(trove_testtools.TestCase):
|
|||||||
|
|
||||||
def test_change_passwords(self):
|
def test_change_passwords(self):
|
||||||
user = [{"name": "test_user", "host": "%", "password": "password"}]
|
user = [{"name": "test_user", "host": "%", "password": "password"}]
|
||||||
expected = ("SET PASSWORD FOR 'test_user'@'%' = PASSWORD('password');")
|
expected = ("SET PASSWORD FOR 'test_user'@'%' = 'password';")
|
||||||
with patch.object(self.mock_client, 'execute') as mock_execute:
|
with patch.object(self.mock_client, 'execute') as mock_execute:
|
||||||
self.mySqlAdmin.change_passwords(user)
|
self.mySqlAdmin.change_passwords(user)
|
||||||
self._assert_execute_call(expected, mock_execute)
|
self._assert_execute_call(expected, mock_execute)
|
||||||
|
|
||||||
def test_update_attributes_password(self):
|
def test_update_attributes_password(self):
|
||||||
expected = ("SET PASSWORD FOR 'test_user'@'%' = PASSWORD('password');")
|
expected = ("SET PASSWORD FOR 'test_user'@'%' = 'password';")
|
||||||
user = MagicMock()
|
user = MagicMock()
|
||||||
user.name = "test_user"
|
user.name = "test_user"
|
||||||
user.host = "%"
|
user.host = "%"
|
||||||
@ -558,14 +558,12 @@ class MySqlAdminTest(trove_testtools.TestCase):
|
|||||||
|
|
||||||
def test_create_user(self):
|
def test_create_user(self):
|
||||||
access_grants_expected = ("GRANT ALL PRIVILEGES ON `testDB`.* TO "
|
access_grants_expected = ("GRANT ALL PRIVILEGES ON `testDB`.* TO "
|
||||||
"`random`@`%` IDENTIFIED BY 'guesswhat';")
|
"`random`@`%`;")
|
||||||
create_user_expected = ("GRANT USAGE ON *.* TO `random`@`%` "
|
|
||||||
"IDENTIFIED BY 'guesswhat';")
|
|
||||||
|
|
||||||
with patch.object(self.mock_client, 'execute') as mock_execute:
|
with patch.object(self.mock_client, 'execute') as mock_execute:
|
||||||
self.mySqlAdmin.create_user(FAKE_USER)
|
self.mySqlAdmin.create_user(FAKE_USER)
|
||||||
self._assert_execute_call(create_user_expected,
|
mock_execute.assert_any_call(TextClauseMatcher('CREATE USER'),
|
||||||
mock_execute, call_idx=0)
|
user='random', host='%')
|
||||||
self._assert_execute_call(access_grants_expected,
|
self._assert_execute_call(access_grants_expected,
|
||||||
mock_execute, call_idx=1)
|
mock_execute, call_idx=1)
|
||||||
|
|
||||||
@ -1411,7 +1409,7 @@ class MySqlAppTest(trove_testtools.TestCase):
|
|||||||
self.mySqlApp.secure_root()
|
self.mySqlApp.secure_root()
|
||||||
update_root_password, _ = self.mock_execute.call_args_list[0]
|
update_root_password, _ = self.mock_execute.call_args_list[0]
|
||||||
update_expected = ("SET PASSWORD FOR 'root'@'localhost' = "
|
update_expected = ("SET PASSWORD FOR 'root'@'localhost' = "
|
||||||
"PASSWORD('some_password');")
|
"'some_password';")
|
||||||
|
|
||||||
remove_root, _ = self.mock_execute.call_args_list[1]
|
remove_root, _ = self.mock_execute.call_args_list[1]
|
||||||
remove_expected = ("DELETE FROM mysql.user WHERE "
|
remove_expected = ("DELETE FROM mysql.user WHERE "
|
||||||
|
|||||||
@ -403,7 +403,7 @@ class SetPasswordTest(QueryTestBase):
|
|||||||
uu = sql_query.SetPassword(user=username, host=hostname,
|
uu = sql_query.SetPassword(user=username, host=hostname,
|
||||||
new_password=new_password)
|
new_password=new_password)
|
||||||
self.assertEqual("SET PASSWORD FOR 'root'@'localhost' = "
|
self.assertEqual("SET PASSWORD FOR 'root'@'localhost' = "
|
||||||
"PASSWORD('new_password');", str(uu))
|
"'new_password';", str(uu))
|
||||||
|
|
||||||
|
|
||||||
class DropUserTest(QueryTestBase):
|
class DropUserTest(QueryTestBase):
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user