dsql-admin/dsql-app/init/init-sql/(functions)/check-dsql-users.ts

import dsql from "@moduletrace/datasquirel";

type MysqlUser = {
    User: string;
    Host: string;
};

export default async function initSQLCheckDsqlUsers() {
    const readOnlyUser = await dsql.utils.connDbHandler<MysqlUser[]>(
        global.INIT_SQL_ROOT_DB_CONN,
        `SELECT user,host FROM mysql.user WHERE user=? AND host=?`,
        [
            process.env.DSQL_DB_READ_ONLY_USERNAME,
            process.env.DSQL_DB_TARGET_IP_ADDRESS,
        ]
    );

    if (!readOnlyUser?.[0]?.User) {
        console.log(`Read Only User Does not Exit.`);

        const createReadOnlyUser = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `CREATE USER IF NOT EXISTS \
            '${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
            IDENTIFIED BY '${process.env.DSQL_DB_READ_ONLY_PASSWORD}'`
        );
    } else {
        console.log("Read Only User Exists");

        const grants = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `SHOW GRANTS FOR \
            '${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}'`
        );

        if (checkGrantsArrayForSSL(grants)) {
            const removeSSL = await dsql.utils.connDbHandler(
                global.INIT_SQL_ROOT_DB_CONN,
                `ALTER USER \
                '${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
                REQUIRE NONE`
            );
        }
    }

    const fullAccessUser = await dsql.utils.connDbHandler<MysqlUser[]>(
        global.INIT_SQL_ROOT_DB_CONN,
        `SELECT user,host FROM mysql.user WHERE user=? AND host=?`,
        [
            process.env.DSQL_DB_FULL_ACCESS_USERNAME,
            process.env.DSQL_DB_TARGET_IP_ADDRESS,
        ]
    );

    if (!fullAccessUser?.[0]?.User) {
        console.log(`Read Only User Does not Exit.`);

        const createReadOnlyUser = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `CREATE USER IF NOT EXISTS \
            '${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
            IDENTIFIED BY '${process.env.DSQL_DB_FULL_ACCESS_PASSWORD}'`
        );
    } else {
        console.log("Full Access User Exists");

        const grants = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `SHOW GRANTS FOR \
            '${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}'`
        );

        if (checkGrantsArrayForSSL(grants)) {
            const removeSSL = await dsql.utils.connDbHandler(
                global.INIT_SQL_ROOT_DB_CONN,
                `ALTER USER \
                '${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
                REQUIRE NONE`
            );
        }
    }
}

function checkGrantsArrayForSSL(array: any[]) {
    for (let i = 0; i < array.length; i++) {
        const element = array[i];
        const firstKey = Object.keys(element)[0];

        if (element[firstKey].match(/require ssl/i)) return true;
    }

    return false;
}
Updates 2025-01-13 08:00:21 +00:00			`import dsql from "@moduletrace/datasquirel";`

			`type MysqlUser = {`
			`User: string;`
			`Host: string;`
			`};`

			`export default async function initSQLCheckDsqlUsers() {`
			`const readOnlyUser = await dsql.utils.connDbHandler<MysqlUser[]>(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`SELECT user,host FROM mysql.user WHERE user=? AND host=?`,
			`[`
			`process.env.DSQL_DB_READ_ONLY_USERNAME,`
			`process.env.DSQL_DB_TARGET_IP_ADDRESS,`
			`]`
			`);`

			`if (!readOnlyUser?.[0]?.User) {`
			console.log(`Read Only User Does not Exit.`);

			`const createReadOnlyUser = await dsql.utils.connDbHandler(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`CREATE USER IF NOT EXISTS \
			`'${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \`
			IDENTIFIED BY '${process.env.DSQL_DB_READ_ONLY_PASSWORD}'`
			`);`
			`} else {`
			`console.log("Read Only User Exists");`

			`const grants = await dsql.utils.connDbHandler(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`SHOW GRANTS FOR \
			'${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}'`
			`);`

			`if (checkGrantsArrayForSSL(grants)) {`
			`const removeSSL = await dsql.utils.connDbHandler(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`ALTER USER \
			`'${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \`
			REQUIRE NONE`
			`);`
			`}`
			`}`

			`const fullAccessUser = await dsql.utils.connDbHandler<MysqlUser[]>(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`SELECT user,host FROM mysql.user WHERE user=? AND host=?`,
			`[`
			`process.env.DSQL_DB_FULL_ACCESS_USERNAME,`
			`process.env.DSQL_DB_TARGET_IP_ADDRESS,`
			`]`
			`);`

			`if (!fullAccessUser?.[0]?.User) {`
			console.log(`Read Only User Does not Exit.`);

			`const createReadOnlyUser = await dsql.utils.connDbHandler(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`CREATE USER IF NOT EXISTS \
			`'${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \`
			IDENTIFIED BY '${process.env.DSQL_DB_FULL_ACCESS_PASSWORD}'`
			`);`
			`} else {`
			`console.log("Full Access User Exists");`

			`const grants = await dsql.utils.connDbHandler(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`SHOW GRANTS FOR \
			'${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}'`
			`);`

			`if (checkGrantsArrayForSSL(grants)) {`
			`const removeSSL = await dsql.utils.connDbHandler(`
			`global.INIT_SQL_ROOT_DB_CONN,`
			`ALTER USER \
			`'${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \`
			REQUIRE NONE`
			`);`
			`}`
			`}`
			`}`

			`function checkGrantsArrayForSSL(array: any[]) {`
			`for (let i = 0; i < array.length; i++) {`
			`const element = array[i];`
			`const firstKey = Object.keys(element)[0];`

			`if (element[firstKey].match(/require ssl/i)) return true;`
			`}`

			`return false;`
			`}`