86 lines
2.9 KiB
TypeScript
Executable File
86 lines
2.9 KiB
TypeScript
Executable File
// @ts-check
|
|
|
|
////////////////////////////////////////
|
|
////////////////////////////////////////
|
|
////////////////////////////////////////
|
|
|
|
require("dotenv").config({ path: "./../.env" });
|
|
import generator from "generate-password";
|
|
import noDatabaseDbHandler from "./utils/noDatabaseDbHandler";
|
|
import dbHandler from "./utils/dbHandler";
|
|
import encrypt from "../functions/dsql/encrypt";
|
|
|
|
/** ****************************************************************************** */
|
|
/** ****************************************************************************** */
|
|
/** ****************************************************************************** */
|
|
/** ****************************************************************************** */
|
|
/** ****************************************************************************** */
|
|
/** ****************************************************************************** */
|
|
|
|
/**
|
|
* # Test SQL Escape
|
|
*/
|
|
export default async function testSQLEscape() {
|
|
const users = (await dbHandler({
|
|
query: `SELECT * FROM users`,
|
|
})) as any[];
|
|
|
|
if (!users) {
|
|
process.exit();
|
|
}
|
|
|
|
for (let i = 0; i < users.length; i++) {
|
|
const user = users[i];
|
|
|
|
if (!user) continue;
|
|
|
|
const defaultMariadbUserHost = process.env.DSQL_DB_HOST || "127.0.0.1";
|
|
|
|
try {
|
|
const username = `dsql_user_${user.id}`;
|
|
const password = generator.generate({
|
|
length: 16,
|
|
numbers: true,
|
|
symbols: true,
|
|
uppercase: true,
|
|
exclude: "*#.'`\"",
|
|
});
|
|
const encryptedPassword = encrypt({ data: password });
|
|
|
|
await noDatabaseDbHandler(
|
|
`DROP USER '${username}'@'${defaultMariadbUserHost}'`
|
|
);
|
|
|
|
await noDatabaseDbHandler(
|
|
`CREATE USER IF NOT EXISTS '${username}'@'${defaultMariadbUserHost}' IDENTIFIED BY '${password}'`
|
|
);
|
|
|
|
await noDatabaseDbHandler(
|
|
`GRANT ALL PRIVILEGES ON \`datasquirel\\_user\\_${user.id}\\_%\`.* TO '${username}'@'${defaultMariadbUserHost}'`
|
|
);
|
|
|
|
await noDatabaseDbHandler(`FLUSH PRIVILEGES`);
|
|
|
|
const updateUser = await dbHandler({
|
|
query: `UPDATE users SET mariadb_user = ?, mariadb_host = ? mariadb_pass = ? WHERE id = ?`,
|
|
values: [
|
|
username,
|
|
defaultMariadbUserHost,
|
|
encryptedPassword,
|
|
user.id,
|
|
],
|
|
});
|
|
|
|
console.log(
|
|
`User ${user.id}: ${user.first_name} ${user.last_name} SQL credentials successfully added.`
|
|
);
|
|
} catch (error: any) {
|
|
console.log(`Error in adding SQL user =>`, error.message);
|
|
}
|
|
}
|
|
|
|
process.exit();
|
|
}
|
|
|
|
testSQLEscape();
|