gratan 0.1.0

data/spec/change/change_grants_3_spec.rb

@@ -0,0 +1,164 @@
+describe 'Gratan::Client#apply' do
+  before(:each) do
+    apply {
+      <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+      RUBY
+    }
+  end
+
+  context 'when grant privs' do
+    subject { client(dry_run: true) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+    grant 'UPDATE (host)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+        "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when revoke privs' do
+    subject { client(dry_run: true) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+  end
+
+  on 'mysql.user' do
+    grant 'UPDATE (host)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+        "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when grant/revoke privs' do
+    subject { client(dry_run: true) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'mysql.user' do
+    grant 'UPDATE (host)'
+  end
+end
+
+user 'mary', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+        "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+      ]
+    end
+  end
+end

data/spec/change/change_grants_4_spec.rb

@@ -0,0 +1,37 @@
+describe 'Gratan::Client#apply' do
+  context 'when revoke privs with grant option' do
+    before do
+      apply {
+        <<-RUBY
+user 'scott', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*', with: 'GRANT OPTION' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+    end
+
+    subject { client }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT USAGE ON *.* TO 'scott'@'localhost'",
+      ]
+    end
+  end
+end

data/spec/change/change_grants_spec.rb

@@ -0,0 +1,209 @@
+describe 'Gratan::Client#apply' do
+  before(:each) do
+    apply {
+      <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+      RUBY
+    }
+  end
+
+  context 'when grant privs' do
+    subject { client }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+    grant 'UPDATE (host)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+        "GRANT SELECT (user), UPDATE (host) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+        "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when revoke privs' do
+    subject { client }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+  end
+
+  on 'mysql.user' do
+    grant 'UPDATE (host)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+        "GRANT SELECT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE (host) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when grant/revoke privs' do
+    subject { client }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'mysql.user' do
+    grant 'UPDATE (host)'
+  end
+end
+
+user 'mary', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'mary'@'localhost'",
+        "GRANT SELECT, INSERT ON `test`.* TO 'scott'@'localhost'",
+        "GRANT UPDATE (host) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT USAGE ON *.* TO 'mary'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when all privileges is normalized' do
+    subject { client }
+
+    it do
+      result = apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL'
+  end
+end
+        RUBY
+      }
+
+      expect(result).to be_falsey
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+        "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+      ]
+    end
+  end
+end

data/spec/create/create_user_2_spec.rb

@@ -0,0 +1,139 @@
+describe 'Gratan::Client#apply' do
+  context 'when create user with auto identify' do
+    let(:auto_identifier) do
+      identifier = Gratan::Identifier::Auto.new('/dev/null')
+      allow(identifier).to receive(:mkpasswd) { 'foobarzoo' }
+      identifier
+    end
+
+    subject { client(identifier: auto_identifier) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*6F498C84277BCC2089932690304BD4EDABC74547'",
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when create user with csv identify' do
+    let(:csv_identifier) do
+      identifier = nil
+
+      csv = <<-CSV
+scott@localhost,foobarzoo
+      CSV
+
+      tempfile(csv) do |f|
+        identifier = Gratan::Identifier::CSV.new(f.path)
+      end
+
+      identifier
+    end
+
+    subject { client(identifier: csv_identifier) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*6F498C84277BCC2089932690304BD4EDABC74547'",
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when create user with csv identify (there is no password)' do
+    let(:logger) do
+      logger = Logger.new('/dev/null')
+      expect(logger).to receive(:warn).with('[WARN] password for `scott@localhost` can not be found')
+      logger
+    end
+
+    let(:csv_identifier) do
+      identifier = nil
+
+      csv = <<-CSV
+scott2@localhost,foobarzoo
+      CSV
+
+      tempfile(csv) do |f|
+        identifier = Gratan::Identifier::CSV.new(f.path, logger: logger)
+      end
+
+      identifier
+    end
+
+    subject do
+      client(
+        identifier: csv_identifier,
+        logger: logger
+      )
+    end
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+      ]
+    end
+  end
+end

data/spec/create/create_user_3_spec.rb

@@ -0,0 +1,115 @@
+describe 'Gratan::Client#apply' do
+  context 'when create user' do
+    subject { client(dry_run: true) }
+
+    it do
+      result = apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+        RUBY
+      }
+
+      expect(result).to be_falsey
+      expect(show_grants).to match_array []
+    end
+  end
+
+  context 'when add user' do
+    before do
+      apply {
+        <<-RUBY
+user 'bob', '%', required: 'SSL' do
+  on '*.*' do
+    grant 'ALL PRIVILEGES'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+  end
+end
+        RUBY
+      }
+    end
+
+    subject { client(dry_run: true) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'bob', '%', required: 'SSL' do
+  on '*.*' do
+    grant 'ALL PRIVILEGES'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+  end
+end
+
+user 'scott', 'localhost', identified: 'tiger' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array [
+        "GRANT ALL PRIVILEGES ON *.* TO 'bob'@'%' REQUIRE SSL",
+        "GRANT SELECT ON `test`.* TO 'bob'@'%'",
+      ]
+    end
+  end
+
+  context 'when create user with grant option' do
+    subject { client(dry_run: true) }
+
+    it do
+      apply(subject) {
+        <<-RUBY
+user 'scott', 'localhost', identified: 'tiger' do
+  on '*.*', with: 'grant option' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+        RUBY
+      }
+
+      expect(show_grants).to match_array []
+    end
+  end
+end