2025-01-10 19:10:28 +00:00
|
|
|
import noDatabaseDbHandler from "../utils/noDatabaseDbHandler";
|
2024-12-06 10:31:24 +00:00
|
|
|
|
2025-01-10 19:10:28 +00:00
|
|
|
export interface GrantType {
|
|
|
|
|
database: string;
|
|
|
|
|
table: string;
|
|
|
|
|
privileges: string[];
|
|
|
|
|
}
|
2024-12-06 10:31:24 +00:00
|
|
|
|
2025-01-10 19:10:28 +00:00
|
|
|
type Param = {
|
|
|
|
|
username: string;
|
|
|
|
|
host: string;
|
|
|
|
|
grants: GrantType[];
|
|
|
|
|
userId: string;
|
|
|
|
|
};
|
2024-12-06 10:31:24 +00:00
|
|
|
|
|
|
|
|
/**
|
2025-01-10 19:10:28 +00:00
|
|
|
* # Handle Grants for Users
|
2024-12-06 10:31:24 +00:00
|
|
|
*/
|
2025-01-10 19:10:28 +00:00
|
|
|
export default async function handleGrants({
|
|
|
|
|
username,
|
|
|
|
|
host,
|
|
|
|
|
grants,
|
|
|
|
|
userId,
|
|
|
|
|
}: Param): Promise<boolean> {
|
2024-12-06 10:31:24 +00:00
|
|
|
let success = false;
|
|
|
|
|
|
|
|
|
|
console.log(`Handling Grants for User =>`, username, host);
|
|
|
|
|
|
|
|
|
|
if (!username) {
|
|
|
|
|
console.log(`No username provided.`);
|
|
|
|
|
return success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!host) {
|
|
|
|
|
console.log(
|
|
|
|
|
`No Host provided. \x1b[35m\`--host\`\x1b[0m flag is required`
|
|
|
|
|
);
|
|
|
|
|
return success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!grants) {
|
|
|
|
|
console.log(`No grants Array provided.`);
|
|
|
|
|
return success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
const existingUser = await noDatabaseDbHandler(
|
|
|
|
|
`SELECT * FROM mysql.user WHERE User = '${username}' AND Host = '${host}'`
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const isUserExisting = Boolean(existingUser?.[0]?.User);
|
|
|
|
|
|
|
|
|
|
if (isUserExisting) {
|
|
|
|
|
const userGrants = await noDatabaseDbHandler(
|
|
|
|
|
`SHOW GRANTS FOR '${username}'@'${host}'`
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
for (let i = 0; i < userGrants.length; i++) {
|
|
|
|
|
const grantObject = userGrants[i];
|
|
|
|
|
const grant = grantObject?.[Object.keys(grantObject)[0]];
|
|
|
|
|
|
|
|
|
|
if (grant?.match(/GRANT .* PRIVILEGES ON .* TO/)) {
|
|
|
|
|
const revokeGrantText = grant
|
|
|
|
|
.replace(/GRANT/, "REVOKE")
|
|
|
|
|
.replace(/ TO /, " FROM ");
|
|
|
|
|
|
|
|
|
|
const revokePrivilege = await noDatabaseDbHandler(
|
|
|
|
|
revokeGrantText
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @type {GrantType[]}
|
|
|
|
|
*/
|
2025-01-10 19:10:28 +00:00
|
|
|
const grantsArray: GrantType[] = grants;
|
2024-12-06 10:31:24 +00:00
|
|
|
|
|
|
|
|
for (let i = 0; i < grantsArray.length; i++) {
|
|
|
|
|
const grantObject = grantsArray[i];
|
|
|
|
|
const { database, table, privileges } = grantObject;
|
|
|
|
|
|
|
|
|
|
const tableText = table == "*" ? "*" : `\`${table}\``;
|
|
|
|
|
const databaseText =
|
|
|
|
|
database == "*"
|
|
|
|
|
? `\`${process.env.DSQL_USER_DB_PREFIX}${userId}_%\``
|
|
|
|
|
: `\`${database}\``;
|
|
|
|
|
|
|
|
|
|
const privilegesText = privileges.includes("ALL")
|
|
|
|
|
? "ALL PRIVILEGES"
|
|
|
|
|
: privileges.join(", ");
|
|
|
|
|
|
|
|
|
|
const grantText = `GRANT ${privilegesText} ON ${databaseText}.${tableText} TO '${username}'@'${host}'`;
|
|
|
|
|
|
|
|
|
|
const grantPriviledge = await noDatabaseDbHandler(grantText);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
success = true;
|
2025-01-10 19:10:28 +00:00
|
|
|
} catch (/** @type {any} */ error: any) {
|
2024-12-06 10:31:24 +00:00
|
|
|
console.log(`Error in adding SQL user =>`, error.message);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return success;
|
|
|
|
|
}
|
