From 887629c8a185d802a156b01c09a807ec76f04e70 Mon Sep 17 00:00:00 2001
From: root <root@puppetmaster.black.co.at>
Date: Thu, 11 Oct 2007 14:49:24 +0200
Subject: mysql: manage password of a user

---
 plugins/puppet/parser/functions/mysql_password.rb | 9 +++++++++
 plugins/puppet/provider/mysql_user/mysql.rb       | 8 ++++++++
 plugins/puppet/type/mysql_user.rb                 | 4 ++--
 3 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 plugins/puppet/parser/functions/mysql_password.rb

diff --git a/plugins/puppet/parser/functions/mysql_password.rb b/plugins/puppet/parser/functions/mysql_password.rb
new file mode 100644
index 0000000..6443d95
--- /dev/null
+++ b/plugins/puppet/parser/functions/mysql_password.rb
@@ -0,0 +1,9 @@
+# hash a string as mysql's "PASSWORD()" function would do it
+require 'digest/sha1'
+
+module Puppet::Parser::Functions
+	newfunction(:mysql_password, :type => :rvalue) do |args|
+		'*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(args[0])).upcase
+	end
+end
+
diff --git a/plugins/puppet/provider/mysql_user/mysql.rb b/plugins/puppet/provider/mysql_user/mysql.rb
index a1c2896..93024c5 100644
--- a/plugins/puppet/provider/mysql_user/mysql.rb
+++ b/plugins/puppet/provider/mysql_user/mysql.rb
@@ -15,5 +15,13 @@ Puppet::Type.type(:mysql_user).provide(:mysql) do
 			false
 		end
 	end
+
+	def password_hash
+		mysql("mysql", "-NBe", "select password from user where user='#{@resource[:name]}' and host='#{@resource[:host]}'").chomp
+	end
+
+	def password_hash=(string)
+		mysql "mysql", "-e", "SET PASSWORD FOR '#{@resource[:name]}'@'#{@resource[:host]}' = PASSWORD('#{string}')"
+	end
 end
 
diff --git a/plugins/puppet/type/mysql_user.rb b/plugins/puppet/type/mysql_user.rb
index 0005aed..d0756de 100644
--- a/plugins/puppet/type/mysql_user.rb
+++ b/plugins/puppet/type/mysql_user.rb
@@ -8,8 +8,8 @@ Puppet::Type.newtype(:mysql_user) do
 	newparam(:host) do
 		desc "The host from where to connect."
 	end
-	newparam(:password) do
-		desc "The password of the user."
+	newproperty(:password_hash) do
+		desc "The password hash of the user. Use mysql_password() for creating such a hash."
 	end
 end
 
-- 
cgit