"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.default = refreshUsersAndGrants;
const path_1 = __importDefault(require("path"));
require("dotenv").config({ path: path_1.default.resolve(__dirname, "../../../.env") });
const generate_password_1 = __importDefault(require("generate-password"));
const noDatabaseDbHandler_1 = __importDefault(require("../utils/noDatabaseDbHandler"));
const dbHandler_1 = __importDefault(require("../utils/dbHandler"));
const handleGrants_1 = __importDefault(require("./handleGrants"));
const encrypt_1 = __importDefault(require("../../functions/dsql/encrypt"));
const decrypt_1 = __importDefault(require("../../functions/dsql/decrypt"));
const defaultMariadbUserHost = process.env.DSQL_DB_HOST || "127.0.0.1";
/**
* # Refresh Mariadb User Grants
*/
function refreshUsersAndGrants(_a) {
return __awaiter(this, arguments, void 0, function* ({ userId, mariadbUserHost, mariadbUsername, sqlUserID, }) {
var _b, _c, _d, _e;
const mariadbUsers = (yield (0, dbHandler_1.default)({
query: `SELECT * FROM mariadb_users`,
}));
if (!(mariadbUsers === null || mariadbUsers === void 0 ? void 0 : mariadbUsers[0])) {
return;
}
const isRootUser = userId
? userId == Number(process.env.DSQL_SU_USER_ID)
: false;
for (let i = 0; i < mariadbUsers.length; i++) {
const mariadbUser = mariadbUsers[i];
if (!mariadbUser)
continue;
if (userId && mariadbUser.user_id != userId)
continue;
try {
const { mariadb_user, mariadb_host, mariadb_pass, user_id } = mariadbUser;
const existingUser = yield (0, noDatabaseDbHandler_1.default)(`SELECT * FROM mysql.user WHERE User = '${mariadb_user}' AND Host = '${mariadb_host}'`);
const existingMariaDBUserArray = userId && sqlUserID
? yield (0, dbHandler_1.default)({
query: `SELECT * FROM mariadb_users WHERE id = ? AND user_id = ?`,
values: [sqlUserID, userId],
})
: null;
const activeMariadbUserObject = Array.isArray(existingMariaDBUserArray)
? existingMariaDBUserArray === null || existingMariaDBUserArray === void 0 ? void 0 : existingMariaDBUserArray[0]
: undefined;
const isPrimary = activeMariadbUserObject
? ((_b = String(activeMariadbUserObject.primary)) === null || _b === void 0 ? void 0 : _b.match(/1/))
? true
: false
: false;
const isUserExisting = Boolean((_c = existingUser === null || existingUser === void 0 ? void 0 : existingUser[0]) === null || _c === void 0 ? void 0 : _c.User);
const isThisPrimaryHost = Boolean(mariadbUserHost == defaultMariadbUserHost);
const dslUsername = isRootUser
? mariadbUsername
: `dsql_user_${user_id}`;
const dsqlPassword = (activeMariadbUserObject === null || activeMariadbUserObject === void 0 ? void 0 : activeMariadbUserObject.password)
? activeMariadbUserObject.password
: isUserExisting
? mariadb_pass
: generate_password_1.default.generate({
length: 16,
numbers: true,
symbols: true,
uppercase: true,
exclude: "*#.'`\"",
});
const encryptedPassword = (activeMariadbUserObject === null || activeMariadbUserObject === void 0 ? void 0 : activeMariadbUserObject.password)
? activeMariadbUserObject.password
: isUserExisting
? mariadb_pass
: (0, encrypt_1.default)({
data: dsqlPassword,
encryptionKey: process.env.DSQL_ENCRYPTION_PASSWORD,
encryptionSalt: process.env.DSQL_ENCRYPTION_SALT,
});
if (!isUserExisting &&
!sqlUserID &&
!isPrimary &&
!mariadbUserHost &&
!mariadbUsername) {
const createNewUser = yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${dslUsername}'@'${defaultMariadbUserHost}' IDENTIFIED BY '${dsqlPassword}'`);
console.log("createNewUser", createNewUser);
console.log(`User ${mariadbUser.id}: ${mariadbUser.first_name} ${mariadbUser.last_name} SQL credentials successfully updated.`);
const updateUser = yield (0, dbHandler_1.default)({
query: `UPDATE users SET mariadb_user = ?, mariadb_host = ?, mariadb_pass = ? WHERE id = ?`,
values: [
dslUsername,
defaultMariadbUserHost,
encryptedPassword,
mariadbUser.id,
],
});
}
else if (!isUserExisting && mariadbUserHost) {
const createNewUser = yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${dslUsername}'@'${mariadbUserHost}' IDENTIFIED BY '${dsqlPassword}'`);
}
if (isPrimary) {
const finalHost = mariadbUserHost
? mariadbUserHost
: mariadb_host;
const updateUser = yield (0, dbHandler_1.default)({
query: `UPDATE users SET mariadb_user = ?, mariadb_host = ?, mariadb_pass = ? WHERE id = ?`,
values: [
dslUsername,
finalHost,
encryptedPassword,
mariadbUser.id,
],
});
}
//////////////////////////////////////////////
//////////////////////////////////////////////
//////////////////////////////////////////////
/**
* @description Handle mariadb_users table
*/
const existingMariadbPrimaryUser = yield (0, dbHandler_1.default)({
query: `SELECT * FROM mariadb_users WHERE user_id = ? AND \`primary\` = 1`,
values: [user_id],
});
const isPrimaryUserExisting = Boolean(Array.isArray(existingMariadbPrimaryUser) &&
((_d = existingMariadbPrimaryUser === null || existingMariadbPrimaryUser === void 0 ? void 0 : existingMariadbPrimaryUser[0]) === null || _d === void 0 ? void 0 : _d.user_id));
const primaryUserGrants = [
{
database: "*",
table: "*",
privileges: ["ALL"],
},
];
if (!isPrimaryUserExisting) {
const insertPrimaryMariadbUser = yield (0, dbHandler_1.default)({
query: `INSERT INTO mariadb_users (user_id, username, password, \`primary\`, grants) VALUES (?, ?, ?, ?, ?)`,
values: [
user_id,
dslUsername,
encryptedPassword,
"1",
JSON.stringify(primaryUserGrants),
],
});
}
//////////////////////////////////////////////
const existingExtraMariadbUsers = yield (0, dbHandler_1.default)({
query: `SELECT * FROM mariadb_users WHERE user_id = ? AND \`primary\` != '1'`,
values: [user_id],
});
if (Array.isArray(existingExtraMariadbUsers)) {
for (let i = 0; i < existingExtraMariadbUsers.length; i++) {
const _mariadbUser = existingExtraMariadbUsers[i];
if (_mariadbUser &&
_mariadbUser.username != mariadbUsername)
continue;
if (mariadbUserHost && _mariadbUser.host != mariadbUserHost)
continue;
const decrptedPassword = (0, decrypt_1.default)({
encryptedString: _mariadbUser.password || "",
encryptionKey: process.env.DSQL_ENCRYPTION_PASSWORD,
encryptionSalt: process.env.DSQL_ENCRYPTION_SALT,
});
const existingExtraMariadbUser = yield (0, noDatabaseDbHandler_1.default)(`SELECT * FROM mysql.user WHERE User='${_mariadbUser.username}' AND Host='${_mariadbUser.host}'`);
const isExtraMariadbUserExisting = Boolean((_e = existingExtraMariadbUser === null || existingExtraMariadbUser === void 0 ? void 0 : existingExtraMariadbUser[0]) === null || _e === void 0 ? void 0 : _e.User);
if (!isExtraMariadbUserExisting) {
yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${_mariadbUser.username}'@'${_mariadbUser.host}' IDENTIFIED BY '${decrptedPassword}'`);
}
const isGrantHandled = yield (0, handleGrants_1.default)({
username: _mariadbUser.username,
host: _mariadbUser.host,
grants: _mariadbUser.grants &&
typeof _mariadbUser.grants == "string"
? JSON.parse(_mariadbUser.grants)
: [],
userId: String(userId),
});
if (!isGrantHandled) {
console.log(`Error in handling grants for user ${_mariadbUser.username}@${_mariadbUser.host}`);
}
}
}
}
catch (error) {
console.log(`Error in adding SQL user =>`, error.message);
}
}
});
}