Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add OceanBase support for creating user and setting password #694

Closed
wants to merge 1 commit into from
Closed

Add OceanBase support for creating user and setting password #694

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion plugins/module_utils/implementations/mysql/user.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,10 @@ def use_old_user_mgmt(cursor):

return LooseVersion(version) < LooseVersion("5.7")


def use_oceanbase(cursor):
version = get_server_version(cursor)
return 'oceanbase' in version.lower()

def supports_identified_by_password(cursor):
version = get_server_version(cursor)
return LooseVersion(version) < LooseVersion("8")
Expand Down
12 changes: 11 additions & 1 deletion plugins/module_utils/user.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,8 @@
# Determine what user management method server uses
impl = get_user_implementation(cursor)
old_user_mgmt = impl.use_old_user_mgmt(cursor)
# whether the server is oceanbase
use_oceanbase = impl.use_oceanbase(cursor)

mogrify = do_not_mogrify_requires if old_user_mgmt else mogrify_requires

Expand Down Expand Up @@ -202,7 +204,7 @@
else:
query_with_args = "CREATE USER %s@%s IDENTIFIED WITH mysql_native_password AS %s", (user, host, password)
elif password and not encrypted:
if old_user_mgmt:
if old_user_mgmt or use_oceanbase:
query_with_args = "CREATE USER %s@%s IDENTIFIED BY %s", (user, host, password)
else:
cursor.execute("SELECT CONCAT('*', UCASE(SHA1(UNHEX(SHA1(%s)))))", (password,))
Expand Down Expand Up @@ -272,6 +274,8 @@
# Determine what user management method server uses
impl = get_user_implementation(cursor)
old_user_mgmt = impl.use_old_user_mgmt(cursor)
# whether the server is oceanbase
use_oceanbase = impl.use_oceanbase(cursor)

if host_all and not role:
hostnames = user_get_hostnames(cursor, user)
Expand Down Expand Up @@ -321,6 +325,9 @@
else:
cursor.execute("SELECT CONCAT('*', UCASE(SHA1(UNHEX(SHA1(%s)))))", (password,))
encrypted_password = cursor.fetchone()[0]
# oceanbase encrypted password string are stored in lower case, so need to be converted to lower case for comparison
if use_oceanbase:
encrypted_password = encrypted_password.lower()

Check warning on line 330 in plugins/module_utils/user.py

View check run for this annotation

Codecov / codecov/patch

plugins/module_utils/user.py#L330 

Added line #L330 was not covered by tests

if current_pass_hash != encrypted_password:
password_changed = True
Expand All @@ -329,6 +336,9 @@
if old_user_mgmt:
cursor.execute("SET PASSWORD FOR %s@%s = %s", (user, host, encrypted_password))
msg = "Password updated (old style)"
elif use_oceanbase:
cursor.execute("SET PASSWORD FOR %s = PASSWORD(%s)", (user, encrypted_password))
msg = "Password updated (OceanBase style)"

Check warning on line 341 in plugins/module_utils/user.py

View check run for this annotation

Codecov / codecov/patch

plugins/module_utils/user.py#L340-L341 

Added lines #L340 - L341 were not covered by tests
else:
try:
cursor.execute("ALTER USER %s@%s IDENTIFIED WITH mysql_native_password AS %s", (user, host, encrypted_password))
Expand Down
Loading