Perform privilege grants/revokes only when required
Use `has_table_privileges` and `has_database_privileges` to test whether a user already has a privilege before granting it, or whether a user doesn't have a privilege before revoking it.
This commit is contained in:
parent
67d8ff197e
commit
34e0e17090
1 changed files with 4 additions and 0 deletions
|
@ -419,6 +419,8 @@ def revoke_privileges(cursor, user, privs):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
changed = False
|
changed = False
|
||||||
|
revoke_funcs = dict(table=revoke_table_privilege, database=revoke_database_privilege)
|
||||||
|
check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
|
||||||
for type_ in privs:
|
for type_ in privs:
|
||||||
revoke_func = {
|
revoke_func = {
|
||||||
'table':revoke_table_privilege,
|
'table':revoke_table_privilege,
|
||||||
|
@ -434,6 +436,8 @@ def revoke_privileges(cursor, user, privs):
|
||||||
def grant_privileges(cursor, user, privs):
|
def grant_privileges(cursor, user, privs):
|
||||||
if privs is None:
|
if privs is None:
|
||||||
return False
|
return False
|
||||||
|
grant_funcs = dict(table=grant_table_privilege, database=grant_database_privilege)
|
||||||
|
check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
|
||||||
|
|
||||||
changed = False
|
changed = False
|
||||||
for type_ in privs:
|
for type_ in privs:
|
||||||
|
|
Loading…
Reference in a new issue