From f92a24ef3d7d89204e6eb2cb953f5c803a723c85 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Wed, 31 Dec 2014 11:50:48 -0800 Subject: [PATCH] MODULES-1520 - update username validation Don't fail on validation where the user isn't quoted with special characters. The providers quote these strings by default. --- lib/puppet/type/mysql_grant.rb | 6 +++--- lib/puppet/type/mysql_user.rb | 6 +++--- spec/acceptance/types/mysql_grant_spec.rb | 22 ++++++++++++++++++++++ spec/acceptance/types/mysql_user_spec.rb | 21 +++++++++++++++++++++ spec/unit/puppet/type/mysql_user_spec.rb | 20 ++++++++++++++++---- 5 files changed, 65 insertions(+), 10 deletions(-) diff --git a/lib/puppet/type/mysql_grant.rb b/lib/puppet/type/mysql_grant.rb index 4c49ff857..5ec23fd16 100644 --- a/lib/puppet/type/mysql_grant.rb +++ b/lib/puppet/type/mysql_grant.rb @@ -70,9 +70,9 @@ def initialize(*args) elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-]+)/.match(value) user_part = matches[1] host_part = matches[2] - elsif matches = /^(?:(?!['`"]).*)([^0-9a-zA-Z$_]).*@.+$/.match(value) - # does not start with a quote, but contains a special character - raise(ArgumentError, "Database user #{value} must be properly quoted, invalid character: '#{matches[1]}'") + elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value) + user_part = matches[1] + host_part = matches[2] else raise(ArgumentError, "Invalid database user #{value}") end diff --git a/lib/puppet/type/mysql_user.rb b/lib/puppet/type/mysql_user.rb index 55a7a3404..c408ccd12 100644 --- a/lib/puppet/type/mysql_user.rb +++ b/lib/puppet/type/mysql_user.rb @@ -19,9 +19,9 @@ elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-]+)/.match(value) user_part = matches[1] host_part = matches[2] - elsif matches = /^(?:(?!['`"]).*)([^0-9a-zA-Z$_]).*@.+$/.match(value) - # does not start with a quote, but contains a special character - raise(ArgumentError, "Database user #{value} must be properly quoted, invalid character: '#{matches[1]}'") + elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value) + user_part = matches[1] + host_part = matches[2] else raise(ArgumentError, "Invalid database user #{value}") end diff --git a/spec/acceptance/types/mysql_grant_spec.rb b/spec/acceptance/types/mysql_grant_spec.rb index e3474c533..d0f94cc33 100644 --- a/spec/acceptance/types/mysql_grant_spec.rb +++ b/spec/acceptance/types/mysql_grant_spec.rb @@ -70,6 +70,28 @@ class { 'mysql::server': } end end + describe 'adding privileges with special character in name' do + it 'should work without errors' do + pp = <<-EOS + mysql_grant { 'test-2@tester/test.*': + ensure => 'present', + table => 'test.*', + user => 'test-2@tester', + privileges => ['SELECT', 'UPDATE'], + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test-2'@tester\"") do |r| + expect(r.stdout).to match(/GRANT SELECT, UPDATE.*TO 'test-2'@'tester'/) + expect(r.stderr).to be_empty + end + end + end + describe 'adding privileges with invalid name' do it 'should fail' do pp = <<-EOS diff --git a/spec/acceptance/types/mysql_user_spec.rb b/spec/acceptance/types/mysql_user_spec.rb index a0fa4f78b..8584a1c3f 100644 --- a/spec/acceptance/types/mysql_user_spec.rb +++ b/spec/acceptance/types/mysql_user_spec.rb @@ -32,6 +32,27 @@ class { 'mysql::server': } end end + context 'using ashp-dash@localhost' do + describe 'adding user' do + it 'should work without errors' do + pp = <<-EOS + mysql_user { 'ashp-dash@localhost': + password_hash => '6f8c114b58f2ce9e', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp-dash@localhost'\"") do |r| + expect(r.stdout).to match(/^1$/) + expect(r.stderr).to be_empty + end + end + end + end + context 'using ashp@LocalHost' do describe 'adding user' do it 'should work without errors' do diff --git a/spec/unit/puppet/type/mysql_user_spec.rb b/spec/unit/puppet/type/mysql_user_spec.rb index 52439f468..be0a9b33a 100644 --- a/spec/unit/puppet/type/mysql_user_spec.rb +++ b/spec/unit/puppet/type/mysql_user_spec.rb @@ -49,6 +49,16 @@ end end + context 'ensure the default \'debian-sys-main\'@localhost user can be parsed' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => '\'debian-sys-maint\'@localhost', :password_hash => 'pass') + end + + it 'should accept a user name' do + expect(@user[:name]).to eq('\'debian-sys-maint\'@localhost') + end + end + context 'using a quoted 16 char username' do before :each do @user = Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint"@localhost', :password_hash => 'pass') @@ -78,10 +88,12 @@ end context 'using in-valid@localhost' do - it 'should fail with an unquotted username with special char' do - expect { - Puppet::Type.type(:mysql_user).new(:name => 'in-valid@localhost', :password_hash => 'pass') - }.to raise_error /Database user in-valid@localhost must be properly quoted, invalid character: '-'/ + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => 'in-valid@localhost', :password_hash => 'pass') + end + + it 'should accept a user name with special chatracters' do + expect(@user[:name]).to eq('in-valid@localhost') end end