"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.default = refreshUsersAndGrants; const path_1 = __importDefault(require("path")); require("dotenv").config({ path: path_1.default.resolve(__dirname, "../../../.env") }); const generate_password_1 = __importDefault(require("generate-password")); const noDatabaseDbHandler_1 = __importDefault(require("../utils/noDatabaseDbHandler")); const dbHandler_1 = __importDefault(require("../utils/dbHandler")); const handleGrants_1 = __importDefault(require("./handleGrants")); const encrypt_1 = __importDefault(require("../../functions/dsql/encrypt")); const decrypt_1 = __importDefault(require("../../functions/dsql/decrypt")); const defaultMariadbUserHost = process.env.DSQL_DB_HOST || "127.0.0.1"; /** * # Refresh Mariadb User Grants */ function refreshUsersAndGrants(_a) { return __awaiter(this, arguments, void 0, function* ({ userId, mariadbUserHost, mariadbUsername, sqlUserID, }) { var _b, _c, _d, _e, _f; const mariadbUsers = (yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users`, })); if (!(mariadbUsers === null || mariadbUsers === void 0 ? void 0 : mariadbUsers[0])) { return; } const isRootUser = userId ? userId == Number(process.env.DSQL_SU_USER_ID) : false; for (let i = 0; i < mariadbUsers.length; i++) { const mariadbUser = mariadbUsers[i]; if (!mariadbUser) continue; if (userId && mariadbUser.user_id != userId) continue; try { const { mariadb_user, mariadb_host, mariadb_pass, user_id } = mariadbUser; const existingUser = yield (0, noDatabaseDbHandler_1.default)(`SELECT * FROM mysql.user WHERE User = '${mariadb_user}' AND Host = '${mariadb_host}'`); const existingMariaDBUserArray = userId && sqlUserID ? yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users WHERE id = ? AND user_id = ?`, values: [sqlUserID, userId], }) : null; const activeMariadbUserObject = Array.isArray(existingMariaDBUserArray) ? existingMariaDBUserArray === null || existingMariaDBUserArray === void 0 ? void 0 : existingMariaDBUserArray[0] : undefined; const isPrimary = activeMariadbUserObject ? ((_b = String(activeMariadbUserObject.primary)) === null || _b === void 0 ? void 0 : _b.match(/1/)) ? true : false : false; const isUserExisting = Boolean((_c = existingUser === null || existingUser === void 0 ? void 0 : existingUser[0]) === null || _c === void 0 ? void 0 : _c.User); const isThisPrimaryHost = Boolean(mariadbUserHost == defaultMariadbUserHost); const dslUsername = isRootUser ? mariadbUsername : `dsql_user_${user_id}`; const dsqlPassword = (activeMariadbUserObject === null || activeMariadbUserObject === void 0 ? void 0 : activeMariadbUserObject.password) ? activeMariadbUserObject.password : isUserExisting ? mariadb_pass : generate_password_1.default.generate({ length: 16, numbers: true, symbols: true, uppercase: true, exclude: "*#.'`\"", }); const encryptedPassword = (activeMariadbUserObject === null || activeMariadbUserObject === void 0 ? void 0 : activeMariadbUserObject.password) ? activeMariadbUserObject.password : isUserExisting ? mariadb_pass : (0, encrypt_1.default)({ data: dsqlPassword, encryptionKey: process.env.DSQL_ENCRYPTION_PASSWORD, encryptionSalt: process.env.DSQL_ENCRYPTION_SALT, }); if (!isUserExisting && !sqlUserID && !isPrimary && !mariadbUserHost && !mariadbUsername) { const createNewUser = yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${dslUsername}'@'${defaultMariadbUserHost}' IDENTIFIED BY '${dsqlPassword}'`); console.log("createNewUser", createNewUser); console.log(`User ${mariadbUser.id}: ${mariadbUser.first_name} ${mariadbUser.last_name} SQL credentials successfully updated.`); const updateUser = yield (0, dbHandler_1.default)({ query: `UPDATE users SET mariadb_user = ?, mariadb_host = ?, mariadb_pass = ? WHERE id = ?`, values: [ dslUsername, defaultMariadbUserHost, encryptedPassword, mariadbUser.id, ], }); } else if (!isUserExisting && mariadbUserHost) { const createNewUser = yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${dslUsername}'@'${mariadbUserHost}' IDENTIFIED BY '${dsqlPassword}'`); } if (isPrimary) { const finalHost = mariadbUserHost ? mariadbUserHost : mariadb_host; const updateUser = yield (0, dbHandler_1.default)({ query: `UPDATE users SET mariadb_user = ?, mariadb_host = ?, mariadb_pass = ? WHERE id = ?`, values: [ dslUsername, finalHost, encryptedPassword, mariadbUser.id, ], }); } ////////////////////////////////////////////// ////////////////////////////////////////////// ////////////////////////////////////////////// /** * @description Handle mariadb_users table */ const existingMariadbPrimaryUser = yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users WHERE user_id = ? AND \`primary\` = 1`, values: [user_id], }); const isPrimaryUserExisting = Boolean(Array.isArray(existingMariadbPrimaryUser) && ((_d = existingMariadbPrimaryUser === null || existingMariadbPrimaryUser === void 0 ? void 0 : existingMariadbPrimaryUser[0]) === null || _d === void 0 ? void 0 : _d.user_id)); const primaryUserGrants = [ { database: "*", table: "*", privileges: ["ALL"], }, ]; if (!isPrimaryUserExisting) { const insertPrimaryMariadbUser = yield (0, dbHandler_1.default)({ query: `INSERT INTO mariadb_users (user_id, username, password, \`primary\`, grants) VALUES (?, ?, ?, ?, ?)`, values: [ user_id, dslUsername, encryptedPassword, "1", JSON.stringify(primaryUserGrants), ], }); } ////////////////////////////////////////////// const existingExtraMariadbUsers = yield (0, dbHandler_1.default)({ query: `SELECT * FROM mariadb_users WHERE user_id = ? AND \`primary\` != '1'`, values: [user_id], }); if (Array.isArray(existingExtraMariadbUsers)) { for (let i = 0; i < existingExtraMariadbUsers.length; i++) { const _mariadbUser = existingExtraMariadbUsers[i]; if (_mariadbUser && _mariadbUser.username != mariadbUsername) continue; if (mariadbUserHost && _mariadbUser.host != mariadbUserHost) continue; const decrptedPassword = (0, decrypt_1.default)({ encryptedString: _mariadbUser.password || "", encryptionKey: process.env.DSQL_ENCRYPTION_PASSWORD, encryptionSalt: process.env.DSQL_ENCRYPTION_SALT, }); const existingExtraMariadbUser = yield (0, noDatabaseDbHandler_1.default)(`SELECT * FROM mysql.user WHERE User='${_mariadbUser.username}' AND Host='${_mariadbUser.host}'`); const isExtraMariadbUserExisting = Boolean((_e = existingExtraMariadbUser === null || existingExtraMariadbUser === void 0 ? void 0 : existingExtraMariadbUser[0]) === null || _e === void 0 ? void 0 : _e.User); if (!isExtraMariadbUserExisting) { yield (0, noDatabaseDbHandler_1.default)(`CREATE USER IF NOT EXISTS '${_mariadbUser.username}'@'${_mariadbUser.host}' IDENTIFIED BY '${decrptedPassword}'`); } const isGrantHandled = yield (0, handleGrants_1.default)({ username: _mariadbUser.username, host: _mariadbUser.host, grants: _mariadbUser.grants && typeof _mariadbUser.grants == "string" ? JSON.parse(_mariadbUser.grants) : [], userId: String(userId), }); if (!isGrantHandled) { console.log(`Error in handling grants for user ${_mariadbUser.username}@${_mariadbUser.host}`); } } } } catch (error) { (_f = global.ERROR_CALLBACK) === null || _f === void 0 ? void 0 : _f.call(global, `Error Refreshing MariaDB Users and Grants`, error); } } }); }