Fix user module for default roles (#718)

* mysql_user: fix crash when default role is set * tests: add DEFAULT role to user to force the module to fail * Add changelog fragment --------- Co-authored-by: “tkr” <“tim.kruth@wiit.cloud”>
2026-02-03 23:01:49 +00:00 · 2025-07-08 10:41:38 +02:00 · 2025-07-08 10:41:38 +02:00 · 6f0c0be929
commit 6f0c0be929
parent 67f1460070
4 changed files with 59 additions and 2 deletions
--- a/plugins/module_utils/user.py
+++ b/plugins/module_utils/user.py
@ -665,12 +665,19 @@ def privileges_get(cursor, user, host, maria_role=False):
            res = re.match("""GRANT (.+) ON (.+) TO .*""", grant[0])

        if res is None:
-            # If a user has roles assigned, we'll have one of priv tuples looking like
+            # If a user has roles or a default role assigned,
+            # we'll have some of the priv tuples looking either like
            # GRANT `admin`@`%` TO `user1`@`localhost`
+            # or
+            # SET DEFAULT ROLE `admin`@`%` FOR `user1`@`localhost`
            # which will result None as res value.
            # As we use the mysql_role module to manipulate roles
            # we just ignore such privs below:
-            res = re.match("""GRANT (.+) TO (['`"]).*""", grant[0])
+            res = re.match(
+                """GRANT (.+) TO (['`"]).*|SET DEFAULT ROLE (.+) FOR (['`"]).*""",
+                grant[0]
+            )
+
            if not maria_role and res:
                continue