gratan 0.2.6 → 0.2.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -0
- data/bin/gratan +1 -0
- data/lib/gratan/driver.rb +6 -2
- data/lib/gratan/dsl/converter.rb +2 -2
- data/lib/gratan/exporter.rb +1 -0
- data/lib/gratan/version.rb +1 -1
- data/spec/change/change_grants_with_ignore_object_spec.rb +131 -0
- data/spec/create/create_user_with_ignore_object_spec.rb +76 -0
- data/spec/export/export_chunk_spec.rb +5 -5
- data/spec/export/export_with_ignore_object_spec.rb +109 -0
- metadata +9 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d7351dc27969d2d348085464822282e02791aaaf
|
4
|
+
data.tar.gz: 35721b2caab84b866744e7a0dc91f80db3812c7a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3e7aa3056a461b53bcbb3ffbf59edf097327b91e66f05a80051b174339f43ec31cfadf30ac93d6d04400dad37caa2045d11fb3d60d592254fdb2a1ee53293b22
|
7
|
+
data.tar.gz: 3219b8636ed500ca60e34c8bf85b65ac97a41037eb536e2ae37a09c06cba3ddb7bcff102bcf738c2df505d12e94ed8bce26c7637dba5310f492032bae70767b8
|
data/README.md
CHANGED
data/bin/gratan
CHANGED
@@ -42,6 +42,7 @@ ARGV.options do |opt|
|
|
42
42
|
opt.on('-o', '--output FILE') {|v| output_file = v }
|
43
43
|
opt.on('' , '--ignore-user REGEXP') {|v| options[:ignore_user] = Regexp.new(v) }
|
44
44
|
opt.on('' , '--target-user REGEXP') {|v| options[:target_user] = Regexp.new(v) }
|
45
|
+
opt.on('' , '--ignore-object REGEXP') {|v| options[:ignore_object] = Regexp.new(v) }
|
45
46
|
opt.on('' , '--enable-expired') { options[:enable_expired] = true }
|
46
47
|
opt.on('' , '--ignore-not-exist') {|v| options[:ignore_not_exist] = true }
|
47
48
|
opt.on('' , '--no-color') { options[:color] = false }
|
data/lib/gratan/driver.rb
CHANGED
@@ -38,9 +38,13 @@ class Gratan::Driver
|
|
38
38
|
|
39
39
|
def expand_object(object_or_regexp)
|
40
40
|
if object_or_regexp.kind_of?(Regexp)
|
41
|
-
show_all_tables.select {|i| i =~ object_or_regexp }
|
41
|
+
objects = show_all_tables.select {|i| i =~ object_or_regexp }
|
42
42
|
else
|
43
|
-
[object_or_regexp]
|
43
|
+
objects = [object_or_regexp]
|
44
|
+
end
|
45
|
+
|
46
|
+
objects.select do |object|
|
47
|
+
object !~ @options[:ignore_object]
|
44
48
|
end
|
45
49
|
end
|
46
50
|
|
data/lib/gratan/dsl/converter.rb
CHANGED
@@ -38,7 +38,7 @@ end
|
|
38
38
|
end
|
39
39
|
|
40
40
|
def output_objects(objects)
|
41
|
-
objects.map {|object, grant|
|
41
|
+
objects.sort_by {|k, v| k }.map {|object, grant|
|
42
42
|
options = output_object_options(grant)
|
43
43
|
|
44
44
|
<<-EOS
|
@@ -61,7 +61,7 @@ end
|
|
61
61
|
end
|
62
62
|
|
63
63
|
def output_grant(grant)
|
64
|
-
grant[:privs].map {|priv|
|
64
|
+
grant[:privs].sort.map {|priv|
|
65
65
|
<<-EOS
|
66
66
|
grant #{priv.inspect}
|
67
67
|
EOS
|
data/lib/gratan/exporter.rb
CHANGED
data/lib/gratan/version.rb
CHANGED
@@ -0,0 +1,131 @@
|
|
1
|
+
describe 'Gratan::Client#apply' do
|
2
|
+
before(:each) do
|
3
|
+
apply {
|
4
|
+
<<-RUBY
|
5
|
+
user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
|
6
|
+
on '*.*' do
|
7
|
+
grant 'SELECT'
|
8
|
+
grant 'INSERT'
|
9
|
+
end
|
10
|
+
|
11
|
+
on 'test.*' do
|
12
|
+
grant 'UPDATE'
|
13
|
+
grant 'DELETE'
|
14
|
+
end
|
15
|
+
|
16
|
+
on 'mysql.user' do
|
17
|
+
grant 'SELECT (user)'
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
user 'bob', 'localhost' do
|
22
|
+
on '*.*' do
|
23
|
+
grant 'USAGE'
|
24
|
+
end
|
25
|
+
|
26
|
+
on 'test.*' do
|
27
|
+
grant 'ALL PRIVILEGES'
|
28
|
+
end
|
29
|
+
end
|
30
|
+
RUBY
|
31
|
+
}
|
32
|
+
end
|
33
|
+
|
34
|
+
context 'when grant privs with ignore_object' do
|
35
|
+
subject { client(ignore_object: /user/) }
|
36
|
+
|
37
|
+
it do
|
38
|
+
apply(subject) {
|
39
|
+
<<-RUBY
|
40
|
+
user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
|
41
|
+
on '*.*' do
|
42
|
+
grant 'SELECT'
|
43
|
+
grant 'INSERT'
|
44
|
+
grant 'UPDATE'
|
45
|
+
grant 'DELETE'
|
46
|
+
end
|
47
|
+
|
48
|
+
on 'test.*' do
|
49
|
+
grant 'SELECT'
|
50
|
+
grant 'INSERT'
|
51
|
+
grant 'UPDATE'
|
52
|
+
grant 'DELETE'
|
53
|
+
end
|
54
|
+
|
55
|
+
on 'mysql.user' do
|
56
|
+
grant 'SELECT (user)'
|
57
|
+
grant 'UPDATE (host)' # ignore
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
user 'bob', 'localhost' do
|
62
|
+
on '*.*' do
|
63
|
+
grant 'USAGE'
|
64
|
+
end
|
65
|
+
|
66
|
+
on 'test.*' do
|
67
|
+
grant 'ALL PRIVILEGES'
|
68
|
+
end
|
69
|
+
end
|
70
|
+
RUBY
|
71
|
+
}
|
72
|
+
|
73
|
+
expect(show_grants).to match_array [
|
74
|
+
"GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
|
75
|
+
"GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
|
76
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
|
77
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
|
78
|
+
"GRANT USAGE ON *.* TO 'bob'@'localhost'",
|
79
|
+
]
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
context 'when grant privs with ignore_object (2)' do
|
84
|
+
subject { client(ignore_object: /user2/) }
|
85
|
+
|
86
|
+
it do
|
87
|
+
apply(subject) {
|
88
|
+
<<-RUBY
|
89
|
+
user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
|
90
|
+
on '*.*' do
|
91
|
+
grant 'SELECT'
|
92
|
+
grant 'INSERT'
|
93
|
+
grant 'UPDATE'
|
94
|
+
grant 'DELETE'
|
95
|
+
end
|
96
|
+
|
97
|
+
on 'test.*' do
|
98
|
+
grant 'SELECT'
|
99
|
+
grant 'INSERT'
|
100
|
+
grant 'UPDATE'
|
101
|
+
grant 'DELETE'
|
102
|
+
end
|
103
|
+
|
104
|
+
on 'mysql.user' do
|
105
|
+
grant 'SELECT (user)'
|
106
|
+
grant 'UPDATE (host)'
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
user 'bob', 'localhost' do
|
111
|
+
on '*.*' do
|
112
|
+
grant 'USAGE'
|
113
|
+
end
|
114
|
+
|
115
|
+
on 'test.*' do
|
116
|
+
grant 'ALL PRIVILEGES'
|
117
|
+
end
|
118
|
+
end
|
119
|
+
RUBY
|
120
|
+
}
|
121
|
+
|
122
|
+
expect(show_grants).to match_array [
|
123
|
+
"GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
|
124
|
+
"GRANT SELECT (user), UPDATE (host) ON `mysql`.`user` TO 'scott'@'localhost'",
|
125
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
|
126
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
|
127
|
+
"GRANT USAGE ON *.* TO 'bob'@'localhost'",
|
128
|
+
]
|
129
|
+
end
|
130
|
+
end
|
131
|
+
end
|
@@ -0,0 +1,76 @@
|
|
1
|
+
describe 'Gratan::Client#apply' do
|
2
|
+
context 'when user does not exist' do
|
3
|
+
subject { client }
|
4
|
+
|
5
|
+
it do
|
6
|
+
result = apply(subject) { '' }
|
7
|
+
expect(result).to be_falsey
|
8
|
+
expect(show_grants).to match_array []
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
context 'when create user with ignore_object' do
|
13
|
+
subject { client(ignore_object: /test/) }
|
14
|
+
|
15
|
+
it do
|
16
|
+
result = apply(subject) {
|
17
|
+
<<-RUBY
|
18
|
+
user 'scott', 'localhost', identified: 'tiger' do
|
19
|
+
on '*.*' do
|
20
|
+
grant 'SELECT'
|
21
|
+
grant 'INSERT'
|
22
|
+
grant 'UPDATE'
|
23
|
+
grant 'DELETE'
|
24
|
+
end
|
25
|
+
|
26
|
+
on 'test.*' do
|
27
|
+
grant 'SELECT'
|
28
|
+
grant 'INSERT'
|
29
|
+
grant 'UPDATE'
|
30
|
+
grant 'DELETE'
|
31
|
+
end
|
32
|
+
end
|
33
|
+
RUBY
|
34
|
+
}
|
35
|
+
|
36
|
+
expect(result).to be_truthy
|
37
|
+
|
38
|
+
expect(show_grants).to match_array [
|
39
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40'",
|
40
|
+
]
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
context 'when create user with ignore_object (2)' do
|
45
|
+
subject { client(ignore_object: /test2/) }
|
46
|
+
|
47
|
+
it do
|
48
|
+
result = apply(subject) {
|
49
|
+
<<-RUBY
|
50
|
+
user 'scott', 'localhost', identified: 'tiger' do
|
51
|
+
on '*.*' do
|
52
|
+
grant 'SELECT'
|
53
|
+
grant 'INSERT'
|
54
|
+
grant 'UPDATE'
|
55
|
+
grant 'DELETE'
|
56
|
+
end
|
57
|
+
|
58
|
+
on 'test.*' do
|
59
|
+
grant 'SELECT'
|
60
|
+
grant 'INSERT'
|
61
|
+
grant 'UPDATE'
|
62
|
+
grant 'DELETE'
|
63
|
+
end
|
64
|
+
end
|
65
|
+
RUBY
|
66
|
+
}
|
67
|
+
|
68
|
+
expect(result).to be_truthy
|
69
|
+
|
70
|
+
expect(show_grants).to match_array [
|
71
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40'",
|
72
|
+
"GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
|
73
|
+
]
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
@@ -47,14 +47,14 @@ user "scott", ["%", "localhost"] do
|
|
47
47
|
grant "SELECT"
|
48
48
|
end
|
49
49
|
|
50
|
-
on "test3.*" do
|
51
|
-
grant "UPDATE"
|
52
|
-
grant "DELETE"
|
53
|
-
end
|
54
|
-
|
55
50
|
on "test2.*" do
|
56
51
|
grant "INSERT"
|
57
52
|
end
|
53
|
+
|
54
|
+
on "test3.*" do
|
55
|
+
grant "DELETE"
|
56
|
+
grant "UPDATE"
|
57
|
+
end
|
58
58
|
end
|
59
59
|
RUBY
|
60
60
|
end
|
@@ -0,0 +1,109 @@
|
|
1
|
+
describe 'Gratan::Client#export' do
|
2
|
+
context 'when with ignore_object' do
|
3
|
+
let(:grantfile) {
|
4
|
+
<<-RUBY
|
5
|
+
user "scott", "%" do
|
6
|
+
on "*.*" do
|
7
|
+
grant "USAGE"
|
8
|
+
end
|
9
|
+
|
10
|
+
on "test.*" do
|
11
|
+
grant "SELECT"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
user "bob", "localhost" do
|
16
|
+
on "*.*" do
|
17
|
+
grant "USAGE"
|
18
|
+
end
|
19
|
+
|
20
|
+
on "test.*" do
|
21
|
+
grant "SELECT"
|
22
|
+
end
|
23
|
+
end
|
24
|
+
RUBY
|
25
|
+
}
|
26
|
+
|
27
|
+
subject { client(ignore_object: /test/) }
|
28
|
+
|
29
|
+
before do
|
30
|
+
apply(subject) do
|
31
|
+
grantfile
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
it do
|
36
|
+
expect(subject.export.strip).to eq <<-RUBY.strip
|
37
|
+
user "scott", "%" do
|
38
|
+
on "*.*" do
|
39
|
+
grant "USAGE"
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
user "bob", "localhost" do
|
44
|
+
on "*.*" do
|
45
|
+
grant "USAGE"
|
46
|
+
end
|
47
|
+
end
|
48
|
+
RUBY
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
context 'when with ignore_object (2)' do
|
53
|
+
let(:grantfile) {
|
54
|
+
<<-RUBY
|
55
|
+
user "scott", "%" do
|
56
|
+
on "*.*" do
|
57
|
+
grant "USAGE"
|
58
|
+
end
|
59
|
+
|
60
|
+
on "test.*" do
|
61
|
+
grant "SELECT"
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
user "bob", "localhost" do
|
66
|
+
on "*.*" do
|
67
|
+
grant "USAGE"
|
68
|
+
end
|
69
|
+
|
70
|
+
on "test.*" do
|
71
|
+
grant "SELECT"
|
72
|
+
end
|
73
|
+
end
|
74
|
+
RUBY
|
75
|
+
}
|
76
|
+
|
77
|
+
subject { client(ignore_object: /bob/) }
|
78
|
+
|
79
|
+
before do
|
80
|
+
apply(subject) do
|
81
|
+
grantfile
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
it do
|
86
|
+
expect(subject.export.strip).to eq <<-RUBY.strip
|
87
|
+
user "scott", "%" do
|
88
|
+
on "*.*" do
|
89
|
+
grant "USAGE"
|
90
|
+
end
|
91
|
+
|
92
|
+
on "test.*" do
|
93
|
+
grant "SELECT"
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
user "bob", "localhost" do
|
98
|
+
on "*.*" do
|
99
|
+
grant "USAGE"
|
100
|
+
end
|
101
|
+
|
102
|
+
on "test.*" do
|
103
|
+
grant "SELECT"
|
104
|
+
end
|
105
|
+
end
|
106
|
+
RUBY
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gratan
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Genki Sugawara
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-11-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: mysql2
|
@@ -166,17 +166,20 @@ files:
|
|
166
166
|
- spec/change/change_grants_regexp_spec.rb
|
167
167
|
- spec/change/change_grants_spec.rb
|
168
168
|
- spec/change/change_grants_target_spec.rb
|
169
|
+
- spec/change/change_grants_with_ignore_object_spec.rb
|
169
170
|
- spec/create/create_user_2_spec.rb
|
170
171
|
- spec/create/create_user_3_spec.rb
|
171
172
|
- spec/create/create_user_multi_hosts_spec.rb
|
172
173
|
- spec/create/create_user_regexp_spec.rb
|
173
174
|
- spec/create/create_user_spec.rb
|
174
175
|
- spec/create/create_user_target_spec.rb
|
176
|
+
- spec/create/create_user_with_ignore_object_spec.rb
|
175
177
|
- spec/drop/drop_user_2_spec.rb
|
176
178
|
- spec/drop/drop_user_spec.rb
|
177
179
|
- spec/drop/expire_user_spec.rb
|
178
180
|
- spec/export/export_chunk_spec.rb
|
179
181
|
- spec/export/export_spec.rb
|
182
|
+
- spec/export/export_with_ignore_object_spec.rb
|
180
183
|
- spec/misc/misc_spec.rb
|
181
184
|
- spec/misc/require_spec.rb
|
182
185
|
- spec/spec_helper.rb
|
@@ -200,7 +203,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
200
203
|
version: '0'
|
201
204
|
requirements: []
|
202
205
|
rubyforge_project:
|
203
|
-
rubygems_version: 2.
|
206
|
+
rubygems_version: 2.4.1
|
204
207
|
signing_key:
|
205
208
|
specification_version: 4
|
206
209
|
summary: Gratan is a tool to manage MySQL permissions using Ruby DSL.
|
@@ -214,17 +217,20 @@ test_files:
|
|
214
217
|
- spec/change/change_grants_regexp_spec.rb
|
215
218
|
- spec/change/change_grants_spec.rb
|
216
219
|
- spec/change/change_grants_target_spec.rb
|
220
|
+
- spec/change/change_grants_with_ignore_object_spec.rb
|
217
221
|
- spec/create/create_user_2_spec.rb
|
218
222
|
- spec/create/create_user_3_spec.rb
|
219
223
|
- spec/create/create_user_multi_hosts_spec.rb
|
220
224
|
- spec/create/create_user_regexp_spec.rb
|
221
225
|
- spec/create/create_user_spec.rb
|
222
226
|
- spec/create/create_user_target_spec.rb
|
227
|
+
- spec/create/create_user_with_ignore_object_spec.rb
|
223
228
|
- spec/drop/drop_user_2_spec.rb
|
224
229
|
- spec/drop/drop_user_spec.rb
|
225
230
|
- spec/drop/expire_user_spec.rb
|
226
231
|
- spec/export/export_chunk_spec.rb
|
227
232
|
- spec/export/export_spec.rb
|
233
|
+
- spec/export/export_with_ignore_object_spec.rb
|
228
234
|
- spec/misc/misc_spec.rb
|
229
235
|
- spec/misc/require_spec.rb
|
230
236
|
- spec/spec_helper.rb
|