import { UserType } from "../../../types"; import { DSQL_DATASQUIREL_MARIADB_USERS } from "../../../types/dsql"; import grabDbNames from "../../../utils/grab-db-names"; import normalizeText from "../../../utils/normalize-text"; import dbHandler from "../../backend/dbHandler"; import decrypt from "../../dsql/decrypt"; import { createNewSQLUser } from "./handle-mariadb-user-creation"; type Params = { user: UserType; updatedRecord: DSQL_DATASQUIREL_MARIADB_USERS; }; type Return = { msg?: string; success?: boolean; }; export default async function revokeAllExistingGrants({ user, updatedRecord, }: Params): Promise { const { userDbPrefix } = grabDbNames({ user }); const parsedPassword = decrypt({ encryptedString: updatedRecord?.password || "", }); const revokeAllPrivileges = await dbHandler({ query: normalizeText(` REVOKE ALL PRIVILEGES ON *.* FROM '${updatedRecord.username}'@'${updatedRecord.host}' `), }); if (!revokeAllPrivileges) { await createNewSQLUser({ host: updatedRecord.host, password: parsedPassword, username: updatedRecord.username, }); } const revokeGrantOption = await dbHandler({ query: normalizeText(` REVOKE GRANT OPTION ON *.* FROM '${updatedRecord.username}'@'${updatedRecord.host}' `), }); const userGrants = (await dbHandler({ query: `SHOW GRANTS FOR '${updatedRecord.username}'@'${updatedRecord.host}'`, })) as any[]; for (let i = 0; i < userGrants.length; i++) { const grantObject = userGrants[i]; const grant = grantObject?.[Object.keys(grantObject)[0]]; if (!grant?.match(/GRANT USAGE .* IDENTIFIED BY PASSWORD/)) { const revokeGrantText = grant .replace(/GRANT/, "REVOKE") .replace(/ TO /, " FROM "); const revokePrivilege = await dbHandler({ query: revokeGrantText }); } } const flushPrivileges = await dbHandler({ query: `FLUSH PRIVILEGES`, }); return { success: true }; }