X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/faf8ae12e85eabb050b0f5eceb2cb67ad1de5261..d58406548fa7bfd73c181dc9c97081e87e3f7d20:/cookbooks/mysql/providers/database.rb

diff --git a/cookbooks/mysql/providers/database.rb b/cookbooks/mysql/providers/database.rb
index 29b38f70e..0e7e9091a 100644
--- a/cookbooks/mysql/providers/database.rb
+++ b/cookbooks/mysql/providers/database.rb
@@ -17,12 +17,14 @@
 # limitations under the License.
 #
 
+use_inline_resources
+
 def load_current_resource
   @mysql = Chef::MySQL.new
 
   @current_resource = Chef::Resource::MysqlDatabase.new(new_resource.name)
   @current_resource.database(new_resource.database)
-  if mysql_database = @mysql.databases[@current_resource.database]
+  if (mysql_database = @mysql.databases[@current_resource.database])
     @current_resource.permissions(mysql_database[:permissions])
   end
   @current_resource
@@ -36,20 +38,20 @@ action :create do
     end
   end
 
-  new_permissions = Hash[new_resource.permissions.collect do |user,privileges|
+  new_permissions = Hash[new_resource.permissions.collect do |user, privileges|
     [@mysql.canonicalise_user(user), privileges]
   end]
 
-  @current_resource.permissions.each do |user,privileges|
-    unless new_permissions[user]
-      converge_by("revoke all for #{user} on #{new_resource}") do
-        Chef::Log.info("Revoking all for #{user} on #{new_resource}")
-        @mysql.execute(:command => "REVOKE ALL ON `#{new_resource.database}`.* FROM #{user}")
-      end
+  @current_resource.permissions.each_key do |user|
+    next if new_permissions[user]
+
+    converge_by("revoke all for #{user} on #{new_resource}") do
+      Chef::Log.info("Revoking all for #{user} on #{new_resource}")
+      @mysql.execute(:command => "REVOKE ALL ON `#{new_resource.database}`.* FROM #{user}")
     end
   end
 
-  new_permissions.each do |user,new_privileges|
+  new_permissions.each do |user, new_privileges|
     current_privileges = @current_resource.permissions[user] || {}
     new_privileges = Array(new_privileges)
 
@@ -65,12 +67,10 @@ action :create do
             @mysql.execute(:command => "GRANT #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* TO #{user}")
           end
         end
-      else
-        if current_privileges.include?(privilege)
-          converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
-            Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
-            @mysql.execute(:command => "REVOKE #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* FROM #{user}")
-          end
+      elsif current_privileges.include?(privilege)
+        converge_by("revoke #{privilege} for #{user} on #{new_resource}") do
+          Chef::Log.info("Revoking #{privilege} for #{user} on #{new_resource}")
+          @mysql.execute(:command => "REVOKE #{@mysql.privilege_name(privilege)} ON `#{new_resource.database}`.* FROM #{user}")
         end
       end
     end