106 lines
3.2 KiB
JavaScript
Executable File
106 lines
3.2 KiB
JavaScript
Executable File
// @ts-check
|
|
|
|
const noDatabaseDbHandler = require("../utils/noDatabaseDbHandler");
|
|
|
|
/**
|
|
* @typedef {object} GrantType
|
|
* @property {string} database - Database Name
|
|
* @property {string} table - Table Name
|
|
* @property {string[]} privileges - Privileges
|
|
*/
|
|
|
|
/**
|
|
* Handle Grants for Users
|
|
* ================================================
|
|
* @param {object} params - Single object params
|
|
* @param {string} params.username - Username
|
|
* @param {string} params.host - Host
|
|
* @param {GrantType[]} params.grants - Grants
|
|
* @param {string} params.userId
|
|
*
|
|
* @returns {Promise<boolean>} success
|
|
*/
|
|
async function handleGrants({ username, host, grants, userId }) {
|
|
let success = false;
|
|
|
|
console.log(`Handling Grants for User =>`, username, host);
|
|
|
|
if (!username) {
|
|
console.log(`No username provided.`);
|
|
return success;
|
|
}
|
|
|
|
if (!host) {
|
|
console.log(
|
|
`No Host provided. \x1b[35m\`--host\`\x1b[0m flag is required`
|
|
);
|
|
return success;
|
|
}
|
|
|
|
if (!grants) {
|
|
console.log(`No grants Array provided.`);
|
|
return success;
|
|
}
|
|
|
|
try {
|
|
const existingUser = await noDatabaseDbHandler(
|
|
`SELECT * FROM mysql.user WHERE User = '${username}' AND Host = '${host}'`
|
|
);
|
|
|
|
const isUserExisting = Boolean(existingUser?.[0]?.User);
|
|
|
|
if (isUserExisting) {
|
|
const userGrants = await noDatabaseDbHandler(
|
|
`SHOW GRANTS FOR '${username}'@'${host}'`
|
|
);
|
|
|
|
for (let i = 0; i < userGrants.length; i++) {
|
|
const grantObject = userGrants[i];
|
|
const grant = grantObject?.[Object.keys(grantObject)[0]];
|
|
|
|
if (grant?.match(/GRANT .* PRIVILEGES ON .* TO/)) {
|
|
const revokeGrantText = grant
|
|
.replace(/GRANT/, "REVOKE")
|
|
.replace(/ TO /, " FROM ");
|
|
|
|
const revokePrivilege = await noDatabaseDbHandler(
|
|
revokeGrantText
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @type {GrantType[]}
|
|
*/
|
|
const grantsArray = grants;
|
|
|
|
for (let i = 0; i < grantsArray.length; i++) {
|
|
const grantObject = grantsArray[i];
|
|
const { database, table, privileges } = grantObject;
|
|
|
|
const tableText = table == "*" ? "*" : `\`${table}\``;
|
|
const databaseText =
|
|
database == "*"
|
|
? `\`${process.env.DSQL_USER_DB_PREFIX}${userId}_%\``
|
|
: `\`${database}\``;
|
|
|
|
const privilegesText = privileges.includes("ALL")
|
|
? "ALL PRIVILEGES"
|
|
: privileges.join(", ");
|
|
|
|
const grantText = `GRANT ${privilegesText} ON ${databaseText}.${tableText} TO '${username}'@'${host}'`;
|
|
|
|
const grantPriviledge = await noDatabaseDbHandler(grantText);
|
|
}
|
|
}
|
|
|
|
success = true;
|
|
} catch (/** @type {any} */ error) {
|
|
console.log(`Error in adding SQL user =>`, error.message);
|
|
}
|
|
|
|
return success;
|
|
}
|
|
|
|
module.exports = handleGrants;
|