"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.default = refreshUsersAndGrants; const path_1 = __importDefault(require("path")); require("dotenv").config({ path: path_1.default.resolve(__dirname, "../../../.env") }); const generate_password_1 = __importDefault(require("generate-password")); const noDatabaseDbHandler_1 = __importDefault(require("../utils/noDatabaseDbHandler")); const dbHandler_1 = __importDefault(require("../utils/dbHandler")); const handleGrants_1 = __importDefault(require("./handleGrants")); const encrypt_1 = __importDefault(require("../../functions/dsql/encrypt")); const decrypt_1 = __importDefault(require("../../functions/dsql/decrypt")); const defaultMariadbUserHost = process.env.DSQL_DB_HOST || "127.0.0.1"; /** * # Refresh Mariadb User Grants */ function refreshUsersAndGrants(_a) { return __awaiter(this, arguments, void 0, function* ({ userId, mariadbUserHost, mariadbUser, sqlUserID, }) { var _b, _c, _d, _e; /** * @description Users * @type {*[] | null} */ // @ts-ignore const users = yield (0, dbHandler_1.default)({ query: `SELECT * FROM users`, }); if (!(users === null || users === void 0 ? void 0 : users[0])) { process.exit(); } for (let i = 0; i < users.length; i++) { const user = users[i]; if (!user) continue; if (userId && user.id != userId) continue; try { const { mariadb_user, mariadb_host, mariadb_pass, id } = user; const existingUser = yield (0, noDatabaseDbHandler_1.default)(`SELECT * FROM mysql.user WHERE User = '${mariadb_user}' AND Host = '${mariadb_host}'`); const existingMariaDBUserArray = userId && sqlUserID ? yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users WHERE id = ? AND user_id = ?`, values: [sqlUserID, userId], }) : null; /** * @type {import("../../types").MYSQL_mariadb_users_table_def | undefined} */ const activeMariadbUserObject = Array.isArray(existingMariaDBUserArray) ? existingMariaDBUserArray === null || existingMariaDBUserArray === void 0 ? void 0 : existingMariaDBUserArray[0] : undefined; const isPrimary = activeMariadbUserObject ? ((_b = String(activeMariadbUserObject.primary)) === null || _b === void 0 ? void 0 : _b.match(/1/)) ? true : false : false; const isUserExisting = Boolean((_c = existingUser === null || existingUser === void 0 ? void 0 : existingUser[0]) === null || _c === void 0 ? void 0 : _c.User); const isThisPrimaryHost = Boolean(mariadbUserHost == defaultMariadbUserHost); const dslUsername = `dsql_user_${id}`; const dsqlPassword = (activeMariadbUserObject === null || activeMariadbUserObject === void 0 ? void 0 : activeMariadbUserObject.password) ? activeMariadbUserObject.password : isUserExisting ? mariadb_pass : generate_password_1.default.generate({ length: 16, numbers: true, symbols: true, uppercase: true, exclude: "*#.'`\"", }); const encryptedPassword = (activeMariadbUserObject === null || activeMariadbUserObject === void 0 ? void 0 : activeMariadbUserObject.password) ? activeMariadbUserObject.password : isUserExisting ? mariadb_pass : (0, encrypt_1.default)({ data: dsqlPassword, encryptionKey: process.env.DSQL_ENCRYPTION_PASSWORD, encryptionSalt: process.env.DSQL_ENCRYPTION_SALT, }); if (!isUserExisting && !sqlUserID && !isPrimary && !mariadbUserHost && !mariadbUser) { const createNewUser = yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${dslUsername}'@'${defaultMariadbUserHost}' IDENTIFIED BY '${dsqlPassword}'`); console.log("createNewUser", createNewUser); console.log(`User ${user.id}: ${user.first_name} ${user.last_name} SQL credentials successfully updated.`); const updateUser = yield (0, dbHandler_1.default)({ query: `UPDATE users SET mariadb_user = ?, mariadb_host = ?, mariadb_pass = ? WHERE id = ?`, values: [ dslUsername, defaultMariadbUserHost, encryptedPassword, user.id, ], }); } if (isPrimary) { const finalHost = mariadbUserHost ? mariadbUserHost : mariadb_host; const updateUser = yield (0, dbHandler_1.default)({ query: `UPDATE users SET mariadb_user = ?, mariadb_host = ?, mariadb_pass = ? WHERE id = ?`, values: [ dslUsername, finalHost, encryptedPassword, user.id, ], }); } ////////////////////////////////////////////// ////////////////////////////////////////////// ////////////////////////////////////////////// /** * @description Handle mariadb_users table */ const existingMariadbPrimaryUser = yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users WHERE user_id = ? AND \`primary\` = 1`, values: [id], }); const isPrimaryUserExisting = Boolean(Array.isArray(existingMariadbPrimaryUser) && ((_d = existingMariadbPrimaryUser === null || existingMariadbPrimaryUser === void 0 ? void 0 : existingMariadbPrimaryUser[0]) === null || _d === void 0 ? void 0 : _d.user_id)); const primaryUserGrants = [ { database: "*", table: "*", privileges: ["ALL"], }, ]; if (!isPrimaryUserExisting) { const insertPrimaryMariadbUser = yield (0, dbHandler_1.default)({ query: `INSERT INTO mariadb_users (user_id, username, password, \`primary\`, grants) VALUES (?, ?, ?, ?, ?)`, values: [ id, dslUsername, encryptedPassword, "1", JSON.stringify(primaryUserGrants), ], }); } ////////////////////////////////////////////// const existingExtraMariadbUsers = yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users WHERE user_id = ? AND \`primary\` != '1'`, values: [id], }); if (Array.isArray(existingExtraMariadbUsers)) { for (let i = 0; i < existingExtraMariadbUsers.length; i++) { const mariadbUser = existingExtraMariadbUsers[i]; const { user_id, username, host, password, primary, grants, } = mariadbUser; if (mariadbUser && username != mariadbUser) continue; if (mariadbUserHost && host != mariadbUserHost) continue; const decrptedPassword = (0, decrypt_1.default)({ encryptedString: password, encryptionKey: process.env.DSQL_ENCRYPTION_PASSWORD, encryptionSalt: process.env.DSQL_ENCRYPTION_SALT, }); const existingExtraMariadbUser = yield (0, noDatabaseDbHandler_1.default)(`SELECT * FROM mysql.user WHERE User = '${username}' AND Host = '${host}'`); const isExtraMariadbUserExisting = Boolean((_e = existingExtraMariadbUser === null || existingExtraMariadbUser === void 0 ? void 0 : existingExtraMariadbUser[0]) === null || _e === void 0 ? void 0 : _e.User); if (!isExtraMariadbUserExisting) { yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${username}'@'${host}' IDENTIFIED BY '${decrptedPassword}'`); } const isGrantHandled = yield (0, handleGrants_1.default)({ username, host, grants: grants && typeof grants == "string" ? JSON.parse(grants) : [], userId: String(userId), }); if (!isGrantHandled) { console.log(`Error in handling grants for user ${username}@${host}`); } } } } catch (error) { console.log(`Error in adding SQL user =>`, error.message); } } }); }