Merge pull request #40 from simpsora/broken_grant_check

Fix grants to work with wildcard hosts
boxen · Jul 30, 2014 · 9f462c6 · 9f462c6
2 parents 961dfb9 + 6ee4778
commit 9f462c6
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/manifests/user/grant.pp b/manifests/user/grant.pp
@@ -28,7 +28,7 @@
         -e \"grant ${grants} on ${database}.* to '${username}'@'${host}'; \
         flush privileges;\"",
       require => Exec['wait-for-mysql'],
-      unless  => "mysql -uroot -p13306 -e 'SHOW GRANTS FOR ${username}@${host};' \
+      unless  => "mysql -uroot -p13306 -e 'SHOW GRANTS FOR ${username}@'${host}';' \
         --password='' | grep -w '${database}' | grep -w '${grants}'"
     }
   } elsif $ensure == 'absent' {

diff --git a/spec/defines/user_grant_spec.rb b/spec/defines/user_grant_spec.rb
@@ -7,6 +7,8 @@
   let(:title) { 'name' }
   let(:user) { 'user' }
   let(:database) { 'database' }
+  let(:host) { '%' }
+  let(:grants) { 'ALL' }
 
   context "when ensure is present" do
     let(:params) do
@@ -26,6 +28,25 @@
     end
   end
 
+  context "when setting the host" do
+    let(:params) do
+      { :username => user,
+        :database => database,
+        :host     => host }
+    end
+
+    it "properly quotes the host" do
+      should contain_exec("granting #{user} access to #{database}").
+             with(
+               :command => "mysql -uroot -p13306 --password='' \
+        -e \"grant ALL on #{database}.* to '#{user}'@'#{host}'; \
+        flush privileges;\"",
+               :unless  => "mysql -uroot -p13306 -e 'SHOW GRANTS FOR #{user}@'#{host}';' \
+        --password='' | grep -w '#{database}' | grep -w '#{grants}'"
+        )
+    end
+  end
+
 
   context "when ensure is absent" do
     let(:params) do