gratan 0.1.8 → 0.1.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -1
- data/bin/gratan +18 -18
- data/lib/gratan/client.rb +10 -0
- data/lib/gratan/version.rb +1 -1
- data/spec/change/change_grants_target_spec.rb +132 -0
- data/spec/create/create_user_target_spec.rb +81 -0
- metadata +6 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f8629e3700e4f0fe06c6bd8bf9280c9cf02ea02e
|
4
|
+
data.tar.gz: 6f7907b86cd2ce4542fec2fb280fcd9500cc8e58
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8c3138738f653f0054c5945e2cf59f8797eea7d6a15e0318b286b05a31830346544200f95af02ca1382e23955c050779e69094496ab56521b3b7ec312ad84790
|
7
|
+
data.tar.gz: 9a32dedcd234244f009bf6be01556c68fc7049240444b10745c8c62e0281c82b54441fa8b97613c8e102e7854f4d2de2d42f955ff264d52f98b8b7007feebc1a
|
data/README.md
CHANGED
data/bin/gratan
CHANGED
@@ -26,24 +26,24 @@ options = {
|
|
26
26
|
|
27
27
|
ARGV.options do |opt|
|
28
28
|
begin
|
29
|
-
opt.on('' , '--host HOST')
|
30
|
-
opt.on('' , '--port PORT', Integer)
|
31
|
-
opt.on('' , '--socket SOCKET')
|
32
|
-
opt.on('' , '--username USERNAME')
|
33
|
-
opt.on('' , '--password PASSWORD')
|
34
|
-
opt.on('' , '--database DATABASE')
|
35
|
-
opt.on('-a', '--apply')
|
36
|
-
opt.on('-f', '--file FILE')
|
37
|
-
opt.on('' , '--dry-run')
|
38
|
-
opt.on('-e', '--export')
|
39
|
-
opt.on('' , '--with-identifier')
|
40
|
-
opt.on('' , '--
|
41
|
-
opt.on(''
|
42
|
-
opt.on('
|
43
|
-
opt.on('' , '--
|
44
|
-
opt.on('' , '--
|
45
|
-
opt.on('' , '--
|
46
|
-
|
29
|
+
opt.on('' , '--host HOST') {|v| mysql_options[:host] = v }
|
30
|
+
opt.on('' , '--port PORT', Integer) {|v| mysql_options[:port] = v }
|
31
|
+
opt.on('' , '--socket SOCKET') {|v| mysql_options[:socket] = v }
|
32
|
+
opt.on('' , '--username USERNAME') {|v| mysql_options[:username] = v }
|
33
|
+
opt.on('' , '--password PASSWORD') {|v| mysql_options[:password] = v }
|
34
|
+
opt.on('' , '--database DATABASE') {|v| mysql_options[:database] = v }
|
35
|
+
opt.on('-a', '--apply') { mode = :apply }
|
36
|
+
opt.on('-f', '--file FILE') {|v| file = v }
|
37
|
+
opt.on('' , '--dry-run') { options[:dry_run] = true }
|
38
|
+
opt.on('-e', '--export') { mode = :export }
|
39
|
+
opt.on('' , '--with-identifier') { options[:with_identifier] = true }
|
40
|
+
opt.on('' , '--split') { split = true }
|
41
|
+
opt.on('-o', '--output FILE') {|v| output_file = v }
|
42
|
+
opt.on('' , '--ignore-user REGEXP') {|v| options[:ignore_user] = Regexp.new(v) }
|
43
|
+
opt.on('' , '--target-user REGEXP') {|v| options[:target_user] = Regexp.new(v) }
|
44
|
+
opt.on('' , '--enable-expired') { options[:enable_expired] = true }
|
45
|
+
opt.on('' , '--no-color') { options[:color] = false }
|
46
|
+
opt.on('' , '--debug') { options[:debug] = true }
|
47
47
|
opt.on('' , '--auto-identify OUTPUT') {|v| options[:identifier] = Gratan::Identifier::Auto.new(v, options) }
|
48
48
|
opt.on('' , '--csv-identify CSV') {|v| options[:identifier] = Gratan::Identifier::CSV.new(v, options) }
|
49
49
|
|
data/lib/gratan/client.rb
CHANGED
@@ -43,6 +43,11 @@ class Gratan::Client
|
|
43
43
|
|
44
44
|
expected.each do |user_host, expected_attrs|
|
45
45
|
next if user_host[0] =~ options[:ignore_user]
|
46
|
+
|
47
|
+
if options[:target_user]
|
48
|
+
next unless user_host[0] =~ options[:target_user]
|
49
|
+
end
|
50
|
+
|
46
51
|
actual_attrs = actual.delete(user_host)
|
47
52
|
|
48
53
|
if actual_attrs
|
@@ -54,6 +59,11 @@ class Gratan::Client
|
|
54
59
|
|
55
60
|
actual.each do |user_host, attrs|
|
56
61
|
next if user_host[0] =~ options[:ignore_user]
|
62
|
+
|
63
|
+
if options[:target_user]
|
64
|
+
next unless user_host[0] =~ options[:target_user]
|
65
|
+
end
|
66
|
+
|
57
67
|
drop_user(*user_host)
|
58
68
|
end
|
59
69
|
end
|
data/lib/gratan/version.rb
CHANGED
@@ -0,0 +1,132 @@
|
|
1
|
+
describe 'Gratan::Client#apply' do
|
2
|
+
before(:each) do
|
3
|
+
apply {
|
4
|
+
<<-RUBY
|
5
|
+
user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
|
6
|
+
on '*.*' do
|
7
|
+
grant 'SELECT'
|
8
|
+
grant 'INSERT'
|
9
|
+
end
|
10
|
+
|
11
|
+
on 'test.*' do
|
12
|
+
grant 'UPDATE'
|
13
|
+
grant 'DELETE'
|
14
|
+
end
|
15
|
+
|
16
|
+
on 'mysql.user' do
|
17
|
+
grant 'SELECT (user)'
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
user 'bob', 'localhost' do
|
22
|
+
on '*.*' do
|
23
|
+
grant 'USAGE'
|
24
|
+
end
|
25
|
+
|
26
|
+
on 'test.*' do
|
27
|
+
grant 'ALL PRIVILEGES'
|
28
|
+
end
|
29
|
+
end
|
30
|
+
RUBY
|
31
|
+
}
|
32
|
+
end
|
33
|
+
|
34
|
+
context 'when grant privs with target' do
|
35
|
+
subject { client(target_user: /bob/) }
|
36
|
+
|
37
|
+
it do
|
38
|
+
apply(subject) {
|
39
|
+
<<-RUBY
|
40
|
+
user 'scott', 'localhost', required: 'SSL' do
|
41
|
+
on '*.*' do
|
42
|
+
grant 'SELECT'
|
43
|
+
grant 'INSERT'
|
44
|
+
grant 'UPDATE'
|
45
|
+
grant 'DELETE'
|
46
|
+
end
|
47
|
+
|
48
|
+
on 'test.*' do
|
49
|
+
grant 'SELECT'
|
50
|
+
grant 'INSERT'
|
51
|
+
grant 'UPDATE'
|
52
|
+
grant 'DELETE'
|
53
|
+
end
|
54
|
+
|
55
|
+
on 'mysql.user' do
|
56
|
+
grant 'SELECT (user)'
|
57
|
+
grant 'UPDATE (host)'
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
user 'bob', 'localhost' do
|
62
|
+
on '*.*' do
|
63
|
+
grant 'USAGE'
|
64
|
+
end
|
65
|
+
|
66
|
+
on 'test.*' do
|
67
|
+
grant 'SELECT'
|
68
|
+
end
|
69
|
+
end
|
70
|
+
RUBY
|
71
|
+
}
|
72
|
+
|
73
|
+
expect(show_grants).to match_array [
|
74
|
+
"GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
|
75
|
+
"GRANT SELECT ON `test`.* TO 'bob'@'localhost'",
|
76
|
+
"GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
|
77
|
+
"GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
|
78
|
+
"GRANT USAGE ON *.* TO 'bob'@'localhost'",
|
79
|
+
]
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
context 'when grant privs with target (no change)' do
|
84
|
+
subject { client(target_user: /mary/) }
|
85
|
+
|
86
|
+
it do
|
87
|
+
dsl = <<-RUBY
|
88
|
+
user 'scott', 'localhost', required: 'SSL' do
|
89
|
+
on '*.*' do
|
90
|
+
grant 'SELECT'
|
91
|
+
grant 'INSERT'
|
92
|
+
grant 'UPDATE'
|
93
|
+
grant 'DELETE'
|
94
|
+
end
|
95
|
+
|
96
|
+
on 'test.*' do
|
97
|
+
grant 'SELECT'
|
98
|
+
grant 'INSERT'
|
99
|
+
grant 'UPDATE'
|
100
|
+
grant 'DELETE'
|
101
|
+
end
|
102
|
+
|
103
|
+
on 'mysql.user' do
|
104
|
+
grant 'SELECT (user)'
|
105
|
+
grant 'UPDATE (host)'
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
user 'bob', 'localhost' do
|
110
|
+
on '*.*' do
|
111
|
+
grant 'USAGE'
|
112
|
+
end
|
113
|
+
|
114
|
+
on 'test.*' do
|
115
|
+
grant 'SELECT'
|
116
|
+
end
|
117
|
+
end
|
118
|
+
RUBY
|
119
|
+
|
120
|
+
result = apply(subject) { dsl }
|
121
|
+
expect(result).to be_falsey
|
122
|
+
|
123
|
+
expect(show_grants).to match_array [
|
124
|
+
"GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
|
125
|
+
"GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
|
126
|
+
"GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
|
127
|
+
"GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
|
128
|
+
"GRANT USAGE ON *.* TO 'bob'@'localhost'",
|
129
|
+
]
|
130
|
+
end
|
131
|
+
end
|
132
|
+
end
|
@@ -0,0 +1,81 @@
|
|
1
|
+
describe 'Gratan::Client#apply' do
|
2
|
+
context 'when create user with target' do
|
3
|
+
subject { client(target_user: /scott/) }
|
4
|
+
|
5
|
+
it do
|
6
|
+
apply(subject) {
|
7
|
+
<<-RUBY
|
8
|
+
user 'scott', 'localhost', identified: 'tiger' do
|
9
|
+
on '*.*' do
|
10
|
+
grant 'SELECT'
|
11
|
+
grant 'INSERT'
|
12
|
+
grant 'UPDATE'
|
13
|
+
grant 'DELETE'
|
14
|
+
end
|
15
|
+
|
16
|
+
on 'test.*' do
|
17
|
+
grant 'SELECT'
|
18
|
+
grant 'INSERT'
|
19
|
+
grant 'UPDATE'
|
20
|
+
grant 'DELETE'
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
user 'bob', '%', required: 'SSL' do
|
25
|
+
on '*.*' do
|
26
|
+
grant 'ALL PRIVILEGES'
|
27
|
+
end
|
28
|
+
|
29
|
+
on 'test.*' do
|
30
|
+
grant 'SELECT'
|
31
|
+
end
|
32
|
+
end
|
33
|
+
RUBY
|
34
|
+
}
|
35
|
+
|
36
|
+
expect(show_grants).to match_array [
|
37
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40'",
|
38
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
|
39
|
+
]
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
context 'when create user with target (no change)' do
|
44
|
+
subject { client(target_user: /mary/) }
|
45
|
+
|
46
|
+
it do
|
47
|
+
dsl = <<-RUBY
|
48
|
+
user 'scott', 'localhost', identified: 'tiger' do
|
49
|
+
on '*.*' do
|
50
|
+
grant 'SELECT'
|
51
|
+
grant 'INSERT'
|
52
|
+
grant 'UPDATE'
|
53
|
+
grant 'DELETE'
|
54
|
+
end
|
55
|
+
|
56
|
+
on 'test.*' do
|
57
|
+
grant 'SELECT'
|
58
|
+
grant 'INSERT'
|
59
|
+
grant 'UPDATE'
|
60
|
+
grant 'DELETE'
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
user 'bob', '%', required: 'SSL' do
|
65
|
+
on '*.*' do
|
66
|
+
grant 'ALL PRIVILEGES'
|
67
|
+
end
|
68
|
+
|
69
|
+
on 'test.*' do
|
70
|
+
grant 'SELECT'
|
71
|
+
end
|
72
|
+
end
|
73
|
+
RUBY
|
74
|
+
|
75
|
+
result = apply(subject) { dsl }
|
76
|
+
expect(result).to be_falsey
|
77
|
+
|
78
|
+
expect(show_grants).to match_array []
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gratan
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Genki Sugawara
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-10-
|
11
|
+
date: 2014-10-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: mysql2
|
@@ -150,11 +150,13 @@ files:
|
|
150
150
|
- spec/change/change_grants_multi_hosts_spec.rb
|
151
151
|
- spec/change/change_grants_regexp_spec.rb
|
152
152
|
- spec/change/change_grants_spec.rb
|
153
|
+
- spec/change/change_grants_target_spec.rb
|
153
154
|
- spec/create/create_user_2_spec.rb
|
154
155
|
- spec/create/create_user_3_spec.rb
|
155
156
|
- spec/create/create_user_multi_hosts_spec.rb
|
156
157
|
- spec/create/create_user_regexp_spec.rb
|
157
158
|
- spec/create/create_user_spec.rb
|
159
|
+
- spec/create/create_user_target_spec.rb
|
158
160
|
- spec/drop/drop_user_2_spec.rb
|
159
161
|
- spec/drop/drop_user_spec.rb
|
160
162
|
- spec/drop/expire_user_spec.rb
|
@@ -194,11 +196,13 @@ test_files:
|
|
194
196
|
- spec/change/change_grants_multi_hosts_spec.rb
|
195
197
|
- spec/change/change_grants_regexp_spec.rb
|
196
198
|
- spec/change/change_grants_spec.rb
|
199
|
+
- spec/change/change_grants_target_spec.rb
|
197
200
|
- spec/create/create_user_2_spec.rb
|
198
201
|
- spec/create/create_user_3_spec.rb
|
199
202
|
- spec/create/create_user_multi_hosts_spec.rb
|
200
203
|
- spec/create/create_user_regexp_spec.rb
|
201
204
|
- spec/create/create_user_spec.rb
|
205
|
+
- spec/create/create_user_target_spec.rb
|
202
206
|
- spec/drop/drop_user_2_spec.rb
|
203
207
|
- spec/drop/drop_user_spec.rb
|
204
208
|
- spec/drop/expire_user_spec.rb
|