Perform privilege grants/revokes only when required

Use `has_table_privileges` and `has_database_privileges`
to test whether a user already has a privilege before
granting it, or whether a user doesn't have  a privilege
before revoking it.
This commit is contained in:
Will Thames 2015-04-08 12:44:01 +10:00 committed by Matt Clay
parent 67d8ff197e
commit 34e0e17090

View file

@ -419,6 +419,8 @@ def revoke_privileges(cursor, user, privs):
return False return False
changed = False changed = False
revoke_funcs = dict(table=revoke_table_privilege, database=revoke_database_privilege)
check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
for type_ in privs: for type_ in privs:
revoke_func = { revoke_func = {
'table':revoke_table_privilege, 'table':revoke_table_privilege,
@ -434,6 +436,8 @@ def revoke_privileges(cursor, user, privs):
def grant_privileges(cursor, user, privs): def grant_privileges(cursor, user, privs):
if privs is None: if privs is None:
return False return False
grant_funcs = dict(table=grant_table_privilege, database=grant_database_privilege)
check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
changed = False changed = False
for type_ in privs: for type_ in privs: