Display a more informative error when InvalidPrivsError is raised (an…

…sible-collections#465) - continued adding fragment for changelog and fixing sanity errors.
bizmate · Nov 24, 2022 · d42eadb · d42eadb
1 parent d95435e
commit d42eadb
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 1 deletion.
diff --git a/changelogs/fragments/465-display_more_informative_invalid_priv_exceptiion.yml b/changelogs/fragments/465-display_more_informative_invalid_priv_exceptiion.yml
@@ -0,0 +1,5 @@
+---
+minor_changes:
+  - mysql_user - display a more informative invalid privilege exception.
+    Changes the exception handling of the granting permission logic to show the query executed 
+    and the exception message granting privileges fails` (https://github.com//pull/435).
diff --git a/plugins/module_utils/user.py b/plugins/module_utils/user.py
@@ -725,7 +725,7 @@ def privileges_grant(cursor, user, host, db_table, priv, tls_requires, maria_rol
     try:
         cursor.execute(query, params)
     except (mysql_driver.ProgrammingError, mysql_driver.OperationalError, mysql_driver.InternalError) as e:
-        raise InvalidPrivsError("Error granting privileges, invalid priv string: %s , query: %s , exception: %s." % (priv_string, query, str(e)) )
+        raise InvalidPrivsError("Error granting privileges, invalid priv string: %s , query: %s , exception: %s." % (priv_string, query, str(e)))
 
 
 def convert_priv_dict_to_str(priv):

diff --git a/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml b/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml
@@ -0,0 +1,53 @@
+# test code for privileges for mysql_user module - issue 465
+# (c) 2014,  Wayne Rosario <[email protected]>
+
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+- vars:
+    mysql_parameters: &mysql_params
+      login_user: '{{ mysql_user }}'
+      login_password: '{{ mysql_password }}'
+      login_host: 127.0.0.1
+      login_port: '{{ mysql_primary_port }}'
+
+  block:
+
+    # ============================================================
+    - name: create admin user with ALL privs, without GRANT OPTIONS
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_1 }}'
+        password: '{{ user_password_1 }}'
+        priv: '*.{{ db_name }}:ALL'
+        state: present
+
+    - include: assert_user.yml user_name={{user_name_2}} priv='ALL'
+
+    - name: create consumer user with all privileges using admin user
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_2 }}'
+        password: '{{ user_password_2 }}'
+        login_user: '{{ user_name_1 }}'
+        login_password: '{{ user_password_1 }}'
+        priv: '*.{{ db_name }}:ALL'
+        state: present
+      register: result
+
+    - name: assert output message for current privileges
+      assert:
+        that:
+          - result is changed