maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

adjust permissions for customer global mysql user to access existing databases

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2024-12-03 21:20:26 +01:00
parent 079047b9fe
commit a839d76d1f
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
install/updates/froxlor/update_2.2.inc.php
View File

@@ -26,6 +26,7 @@
use Froxlor\Database\Database; use Froxlor\Database\Database;
use Froxlor\Database\DbManager; use Froxlor\Database\DbManager;
use Froxlor\Froxlor; use Froxlor\Froxlor;
use Froxlor\FroxlorLogger;
use Froxlor\Install\Update; use Froxlor\Install\Update;
use Froxlor\Settings; use Froxlor\Settings;
@@ -227,7 +228,7 @@ if (Froxlor::isDatabaseVersion('202411200')) {
// require privileged access for target db-server // require privileged access for target db-server
Database::needRoot(true, $dbserver, true); Database::needRoot(true, $dbserver, true);
// get DbManager // get DbManager
$dbm = new DbManager($this->logger()); $dbm = new DbManager(FroxlorLogger::getInstanceOf());
foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) { foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
if ($dbm->getManager()->userExistsOnHost($customer['loginname'], $mysql_access_host)) { if ($dbm->getManager()->userExistsOnHost($customer['loginname'], $mysql_access_host)) {
// deactivate temporarily // deactivate temporarily

5
lib/Froxlor/Database/Manager/DbManagerMySQL.php
View File

@@ -334,7 +334,7 @@ class DbManagerMySQL
Database::pexecute($sel_stmt, ['cid' => $cust['customerid']]); Database::pexecute($sel_stmt, ['cid' => $cust['customerid']]);
while ($dbdata = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) { while ($dbdata = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
$stmt = Database::prepare(" $stmt = Database::prepare("
GRANT CREATE ON `" . $dbdata['databasename'] . "`.* TO :username@:host GRANT ALL ON `" . $dbdata['databasename'] . "`.* TO :username@:host
"); ");
Database::pexecute($stmt, [ Database::pexecute($stmt, [
"username" => $username, "username" => $username,
@@ -348,6 +348,7 @@ class DbManagerMySQL
* grant "CREATE" for prefix user to all existing databases of that customer * grant "CREATE" for prefix user to all existing databases of that customer
* *
* @param string $username * @param string $username
* @param string $database
* @param string $access_host * @param string $access_host
* @return void * @return void
* @throws \Exception * @throws \Exception
@@ -355,7 +356,7 @@ class DbManagerMySQL
public function grantCreateToDb(string $username, string $database, string $access_host) public function grantCreateToDb(string $username, string $database, string $access_host)
{ {
$stmt = Database::prepare(" $stmt = Database::prepare("
GRANT CREATE ON `" . $database . "`.* TO :username@:host GRANT ALL ON `" . $database . "`.* TO :username@:host
"); ");
Database::pexecute($stmt, [ Database::pexecute($stmt, [
"username" => $username, "username" => $username,