]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/mysql/providers/database.rb
Rework firewall rule handling
[chef.git] / cookbooks / mysql / providers / database.rb
index 556e40454673f27c1a6ebf8c2cf4c394198094ac..0e7e9091af6f394b88666178974c26d924d7a65a 100644 (file)
 # limitations under the License.
 #
 
 # limitations under the License.
 #
 
+use_inline_resources
+
 def load_current_resource
   @mysql = Chef::MySQL.new
 
   @current_resource = Chef::Resource::MysqlDatabase.new(new_resource.name)
   @current_resource.database(new_resource.database)
 def load_current_resource
   @mysql = Chef::MySQL.new
 
   @current_resource = Chef::Resource::MysqlDatabase.new(new_resource.name)
   @current_resource.database(new_resource.database)
-  if mysql_database = @mysql.databases[@current_resource.database]
+  if (mysql_database = @mysql.databases[@current_resource.database])
     @current_resource.permissions(mysql_database[:permissions])
   end
   @current_resource
     @current_resource.permissions(mysql_database[:permissions])
   end
   @current_resource
@@ -36,20 +38,20 @@ action :create do
     end
   end
 
     end
   end
 
-  new_permissions = Hash[new_resource.permissions.collect do |user,privileges|
+  new_permissions = Hash[new_resource.permissions.collect do |user, privileges|
     [@mysql.canonicalise_user(user), privileges]
   end]
 
   @current_resource.permissions.each_key do |user|
     [@mysql.canonicalise_user(user), privileges]
   end]
 
   @current_resource.permissions.each_key do |user|
-    unless new_permissions[user]
-      converge_by("revoke all for #{user} on #{new_resource}") do
-        Chef::Log.info("Revoking all for #{user} on #{new_resource}")
-        @mysql.execute(:command => "REVOKE ALL ON `#{new_resource.database}`.* FROM #{user}")
-      end
+    next if new_permissions[user]
+
+    converge_by("revoke all for #{user} on #{new_resource}") do
+      Chef::Log.info("Revoking all for #{user} on #{new_resource}")
+      @mysql.execute(:command => "REVOKE ALL ON `#{new_resource.database}`.* FROM #{user}")
     end
   end
 
     end
   end
 
-  new_permissions.each do |user,new_privileges|
+  new_permissions.each do |user, new_privileges|
     current_privileges = @current_resource.permissions[user] || {}
     new_privileges = Array(new_privileges)
 
     current_privileges = @current_resource.permissions[user] || {}
     new_privileges = Array(new_privileges)
 
@@ -65,12 +67,10 @@ action :create do
             @mysql.execute(:command => "GRANT #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* TO #{user}")
           end
         end
             @mysql.execute(:command => "GRANT #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* TO #{user}")
           end
         end
-      else
-        if current_privileges.include?(privilege)
-          converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
-            Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
-            @mysql.execute(:command => "REVOKE #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* FROM #{user}")
-          end
+      elsif current_privileges.include?(privilege)
+        converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
+          Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
+          @mysql.execute(:command => "REVOKE #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* FROM #{user}")
         end
       end
     end
         end
       end
     end