dsql-admin/dsql-app/package-shared/shell/mariadb-users/handleGrants.js

// @ts-check

const noDatabaseDbHandler = require("../utils/noDatabaseDbHandler");

/**
 * @typedef {object} GrantType
 * @property {string} database - Database Name
 * @property {string} table - Table Name
 * @property {string[]} privileges - Privileges
 */

/**
 * Handle Grants for Users
 * ================================================
 * @param {object} params - Single object params
 * @param {string} params.username - Username
 * @param {string} params.host - Host
 * @param {GrantType[]} params.grants - Grants
 * @param {string} params.userId
 *
 * @returns {Promise<boolean>} success
 */
async function handleGrants({ username, host, grants, userId }) {
    let success = false;

    console.log(`Handling Grants for User =>`, username, host);

    if (!username) {
        console.log(`No username provided.`);
        return success;
    }

    if (!host) {
        console.log(
            `No Host provided. \x1b[35m\`--host\`\x1b[0m flag is required`
        );
        return success;
    }

    if (!grants) {
        console.log(`No grants Array provided.`);
        return success;
    }

    try {
        const existingUser = await noDatabaseDbHandler(
            `SELECT * FROM mysql.user WHERE User = '${username}' AND Host = '${host}'`
        );

        const isUserExisting = Boolean(existingUser?.[0]?.User);

        if (isUserExisting) {
            const userGrants = await noDatabaseDbHandler(
                `SHOW GRANTS FOR '${username}'@'${host}'`
            );

            for (let i = 0; i < userGrants.length; i++) {
                const grantObject = userGrants[i];
                const grant = grantObject?.[Object.keys(grantObject)[0]];

                if (grant?.match(/GRANT .* PRIVILEGES ON .* TO/)) {
                    const revokeGrantText = grant
                        .replace(/GRANT/, "REVOKE")
                        .replace(/ TO /, " FROM ");

                    const revokePrivilege = await noDatabaseDbHandler(
                        revokeGrantText
                    );
                }
            }

            /**
             * @type {GrantType[]}
             */
            const grantsArray = grants;

            for (let i = 0; i < grantsArray.length; i++) {
                const grantObject = grantsArray[i];
                const { database, table, privileges } = grantObject;

                const tableText = table == "*" ? "*" : `\`${table}\``;
                const databaseText =
                    database == "*"
                        ? `\`${process.env.DSQL_USER_DB_PREFIX}${userId}_%\``
                        : `\`${database}\``;

                const privilegesText = privileges.includes("ALL")
                    ? "ALL PRIVILEGES"
                    : privileges.join(", ");

                const grantText = `GRANT ${privilegesText} ON ${databaseText}.${tableText} TO '${username}'@'${host}'`;

                const grantPriviledge = await noDatabaseDbHandler(grantText);
            }
        }

        success = true;
    } catch (/** @type {any} */ error) {
        console.log(`Error in adding SQL user =>`, error.message);
    }

    return success;
}

module.exports = handleGrants;
Updates 2024-12-06 13:24:26 +00:00			`// @ts-check`

			`const noDatabaseDbHandler = require("../utils/noDatabaseDbHandler");`

			`/**`
			`* @typedef {object} GrantType`
			`* @property {string} database - Database Name`
			`* @property {string} table - Table Name`
			`* @property {string[]} privileges - Privileges`
			`*/`

			`/**`
			`* Handle Grants for Users`
			`* ================================================`
			`* @param {object} params - Single object params`
			`* @param {string} params.username - Username`
			`* @param {string} params.host - Host`
			`* @param {GrantType[]} params.grants - Grants`
			`* @param {string} params.userId`
			`*`
			`* @returns {Promise<boolean>} success`
			`*/`
			`async function handleGrants({ username, host, grants, userId }) {`
			`let success = false;`

			console.log(`Handling Grants for User =>`, username, host);

			`if (!username) {`
			console.log(`No username provided.`);
			`return success;`
			`}`

			`if (!host) {`
			`console.log(`
			`No Host provided. \x1b[35m\`--host\`\x1b[0m flag is required`
			`);`
			`return success;`
			`}`

			`if (!grants) {`
			console.log(`No grants Array provided.`);
			`return success;`
			`}`

			`try {`
			`const existingUser = await noDatabaseDbHandler(`
			`SELECT * FROM mysql.user WHERE User = '${username}' AND Host = '${host}'`
			`);`

			`const isUserExisting = Boolean(existingUser?.[0]?.User);`

			`if (isUserExisting) {`
			`const userGrants = await noDatabaseDbHandler(`
			`SHOW GRANTS FOR '${username}'@'${host}'`
			`);`

			`for (let i = 0; i < userGrants.length; i++) {`
			`const grantObject = userGrants[i];`
			`const grant = grantObject?.[Object.keys(grantObject)[0]];`

			`if (grant?.match(/GRANT .* PRIVILEGES ON .* TO/)) {`
			`const revokeGrantText = grant`
			`.replace(/GRANT/, "REVOKE")`
			`.replace(/ TO /, " FROM ");`

			`const revokePrivilege = await noDatabaseDbHandler(`
			`revokeGrantText`
			`);`
			`}`
			`}`

			`/**`
			`* @type {GrantType[]}`
			`*/`
			`const grantsArray = grants;`

			`for (let i = 0; i < grantsArray.length; i++) {`
			`const grantObject = grantsArray[i];`
			`const { database, table, privileges } = grantObject;`

			const tableText = table == "" ? "" : `\`${table}\``;
			`const databaseText =`
			`database == "*"`
			? `\`${process.env.DSQL_USER_DB_PREFIX}${userId}_%\``
			: `\`${database}\``;

			`const privilegesText = privileges.includes("ALL")`
			`? "ALL PRIVILEGES"`
			`: privileges.join(", ");`

			const grantText = `GRANT ${privilegesText} ON ${databaseText}.${tableText} TO '${username}'@'${host}'`;

			`const grantPriviledge = await noDatabaseDbHandler(grantText);`
			`}`
			`}`

			`success = true;`
			`} catch (/** @type {any} */ error) {`
			console.log(`Error in adding SQL user =>`, error.message);
			`}`

			`return success;`
			`}`

			`module.exports = handleGrants;`