46 lines
1.9 KiB
JavaScript
46 lines
1.9 KiB
JavaScript
import grabDbNames from "../../../utils/grab-db-names";
|
|
import normalizeText from "../../../utils/normalize-text";
|
|
import dbHandler from "../../backend/dbHandler";
|
|
import decrypt from "../../dsql/decrypt";
|
|
import { createNewSQLUser } from "./handle-mariadb-user-creation";
|
|
export default async function revokeAllExistingGrants({ user, updatedRecord, }) {
|
|
const { userDbPrefix } = grabDbNames({ user });
|
|
const parsedPassword = decrypt({
|
|
encryptedString: (updatedRecord === null || updatedRecord === void 0 ? void 0 : updatedRecord.password) || "",
|
|
});
|
|
const revokeAllPrivileges = await dbHandler({
|
|
query: normalizeText(`
|
|
REVOKE ALL PRIVILEGES ON *.* FROM '${updatedRecord.username}'@'${updatedRecord.host}'
|
|
`),
|
|
});
|
|
if (!revokeAllPrivileges) {
|
|
await createNewSQLUser({
|
|
host: updatedRecord.host,
|
|
password: parsedPassword,
|
|
username: updatedRecord.username,
|
|
});
|
|
}
|
|
const revokeGrantOption = await dbHandler({
|
|
query: normalizeText(`
|
|
REVOKE GRANT OPTION ON *.* FROM '${updatedRecord.username}'@'${updatedRecord.host}'
|
|
`),
|
|
});
|
|
const userGrants = (await dbHandler({
|
|
query: `SHOW GRANTS FOR '${updatedRecord.username}'@'${updatedRecord.host}'`,
|
|
}));
|
|
for (let i = 0; i < userGrants.length; i++) {
|
|
const grantObject = userGrants[i];
|
|
const grant = grantObject === null || grantObject === void 0 ? void 0 : grantObject[Object.keys(grantObject)[0]];
|
|
if (!(grant === null || grant === void 0 ? void 0 : grant.match(/GRANT USAGE .* IDENTIFIED BY PASSWORD/))) {
|
|
const revokeGrantText = grant
|
|
.replace(/GRANT/, "REVOKE")
|
|
.replace(/ TO /, " FROM ");
|
|
const revokePrivilege = await dbHandler({ query: revokeGrantText });
|
|
}
|
|
}
|
|
const flushPrivileges = await dbHandler({
|
|
query: `FLUSH PRIVILEGES`,
|
|
});
|
|
return { success: true };
|
|
}
|