dsql-admin/dsql-app/package-shared/shell/mariadb-users/handleGrants.js

106 lines
3.2 KiB
JavaScript
Raw Permalink Normal View History

2024-12-06 13:24:26 +00:00
// @ts-check
const noDatabaseDbHandler = require("../utils/noDatabaseDbHandler");
/**
* @typedef {object} GrantType
* @property {string} database - Database Name
* @property {string} table - Table Name
* @property {string[]} privileges - Privileges
*/
/**
* Handle Grants for Users
* ================================================
* @param {object} params - Single object params
* @param {string} params.username - Username
* @param {string} params.host - Host
* @param {GrantType[]} params.grants - Grants
* @param {string} params.userId
*
* @returns {Promise<boolean>} success
*/
async function handleGrants({ username, host, grants, userId }) {
let success = false;
console.log(`Handling Grants for User =>`, username, host);
if (!username) {
console.log(`No username provided.`);
return success;
}
if (!host) {
console.log(
`No Host provided. \x1b[35m\`--host\`\x1b[0m flag is required`
);
return success;
}
if (!grants) {
console.log(`No grants Array provided.`);
return success;
}
try {
const existingUser = await noDatabaseDbHandler(
`SELECT * FROM mysql.user WHERE User = '${username}' AND Host = '${host}'`
);
const isUserExisting = Boolean(existingUser?.[0]?.User);
if (isUserExisting) {
const userGrants = await noDatabaseDbHandler(
`SHOW GRANTS FOR '${username}'@'${host}'`
);
for (let i = 0; i < userGrants.length; i++) {
const grantObject = userGrants[i];
const grant = grantObject?.[Object.keys(grantObject)[0]];
if (grant?.match(/GRANT .* PRIVILEGES ON .* TO/)) {
const revokeGrantText = grant
.replace(/GRANT/, "REVOKE")
.replace(/ TO /, " FROM ");
const revokePrivilege = await noDatabaseDbHandler(
revokeGrantText
);
}
}
/**
* @type {GrantType[]}
*/
const grantsArray = grants;
for (let i = 0; i < grantsArray.length; i++) {
const grantObject = grantsArray[i];
const { database, table, privileges } = grantObject;
const tableText = table == "*" ? "*" : `\`${table}\``;
const databaseText =
database == "*"
? `\`${process.env.DSQL_USER_DB_PREFIX}${userId}_%\``
: `\`${database}\``;
const privilegesText = privileges.includes("ALL")
? "ALL PRIVILEGES"
: privileges.join(", ");
const grantText = `GRANT ${privilegesText} ON ${databaseText}.${tableText} TO '${username}'@'${host}'`;
const grantPriviledge = await noDatabaseDbHandler(grantText);
}
}
success = true;
} catch (/** @type {any} */ error) {
console.log(`Error in adding SQL user =>`, error.message);
}
return success;
}
module.exports = handleGrants;