Example #1
0
            parser,
            args,
            'list of objects to show the grants',
            db_over_tables=False,
            sql_mode=sql_mode)
    else:
        parser.error("You need to specify at least one object (database, table"
                     " or routine) in order to get the list of grantees.")

    # Validate list of privileges:
    priv_list = None
    if opt.privileges:
        priv_list = [priv.upper() for priv in opt.privileges.split(',')]
        if opt.verbosity and opt.verbosity > 2:
            print("The list of supported privileges is {0}".format(
                join_and_build_str(sorted(_VALID_PRIVS))))
        for priv in priv_list:
            if priv not in _VALID_PRIVS:
                if priv == "PROXY":
                    print("# WARNING: PROXY privilege is not supported ("
                          "privilege ignored).")
                else:
                    parser.error("Unknown privilege: '{0}'. For a list of "
                                 "valid privileges, please check: http://dev."
                                 "mysql.com/doc/en/privileges-provided."
                                 "html".format(priv))

    # Set options for database operations.
    options = {
        "verbosity": 0 if opt.verbosity is None else opt.verbosity,
        "privileges": priv_list,
    objects_to_include = {}
    if args:
        objects_to_include = db_objects_list_to_dictionary(
            parser, args, 'list of objects to show the grants',
            db_over_tables=False)
    else:
        parser.error("You need to specify at least one object (database, table"
                     " or routine) in order to get the list of grantees.")

    # Validate list of privileges:
    priv_list = None
    if opt.privileges:
        priv_list = [priv.upper() for priv in opt.privileges.split(',')]
        if opt.verbosity and opt.verbosity > 2:
            print("The list of supported privileges is {0}".format(
                join_and_build_str(sorted(_VALID_PRIVS))))
        for priv in priv_list:
            if priv not in _VALID_PRIVS:
                if priv == "PROXY":
                    print("# WARNING: PROXY privilege is not supported ("
                          "privilege ignored).")
                else:
                    parser.error("Unknown privilege: '{0}'. For a list of "
                                 "valid privileges, please check: http://dev."
                                 "mysql.com/doc/en/privileges-provided."
                                 "html".format(priv))

    # Set options for database operations.
    options = {
        "verbosity": 0 if opt.verbosity is None else opt.verbosity,
        "privileges": priv_list,
Example #3
0
def check_grants(server_cnx_val, options, dict_of_objects):
    """Show list of privileges over a set of objects

    This function creates a GrantShow object which shows the list of
    users with (the optionally specified list of ) privileges over the
    specified set of objects.

    server_cnx_val[in]      Dictionary with the connection values to the
                            server.
    options[in]             Dictionary of options (verbosity, privileges,
                            show_mode).
    list_of_objects[in]     Dictionary of objects (set of databases, tables
                            and procedures) by database to check.

    """

    # Create server connection:
    server = connect_servers(server_cnx_val, None, options)[0]

    # Check user permissions to consult the grant information.
    _check_privileges(server)

    # Validate the dict of objects against our server.
    valid_dict_of_objects = validate_obj_type_dict(server, dict_of_objects)

    # Get optional list of required privileges
    req_privs = set(options['privileges']) if options['privileges'] else None

    # If we specify some privileges that are not valid for all the objects
    # print warning message stating that some will be ignored.
    if req_privs:
        for obj_type in valid_dict_of_objects:
            # get list of privileges that applies to the object type
            filtered_req_privs = filter_grants(req_privs, obj_type)
            # if the size of the set is different that means that some of the
            # privileges cannot be applied to this object type, print warning
            if len(filtered_req_privs) != len(req_privs):
                if obj_type.upper() == DATABASE_TYPE:
                    obj_lst = [obj_tpl[0] for obj_tpl in
                               valid_dict_of_objects[obj_type]]
                else:
                    obj_lst = [".".join(obj_tpl) for obj_tpl in
                               valid_dict_of_objects[obj_type]]
                obj_lst_str = join_and_build_str(obj_lst)
                missing_privs = sorted(req_privs - filtered_req_privs)
                priv_str = join_and_build_str(missing_privs)
                verb = "do" if len(missing_privs) > 1 else "does"
                print("# WARNING: {0} {1} not apply to {2}s "
                      "and will be ignored for: {3}.".format(
                          priv_str, verb, obj_type.lower(), obj_lst_str))

    # get the grantee information dictionary
    grantee_info_dict = get_grantees(server, valid_dict_of_objects,
                                     req_privileges=req_privs)

    # Print the information
    obj_type_lst = [DATABASE_TYPE, TABLE_TYPE, ROUTINE_TYPE]
    for obj_type in obj_type_lst:
        if obj_type in grantee_info_dict:
            # Sort by object name
            for obj_name in sorted(grantee_info_dict[obj_type]):
                print("\n# {0} {1}:".format(obj_type, obj_name))
                if options['show_mode'] == 'users':
                    # Sort by grantee name
                    output_str = ", ".join(
                        sorted(grantee_info_dict[obj_type][obj_name].keys()))
                    print("# - {0}".format(output_str))
                elif options['show_mode'] == 'user_grants':
                    # Sort by grantee name
                    for grantee, priv_set in sorted(
                            grantee_info_dict[obj_type][obj_name].iteritems()):
                        # print privileges sorted by name
                        print("# - {0} : {1}".format(
                            grantee, ", ".join(sorted(priv_set))))
                else:  # raw mode
                    # Sort by grantee name
                    for grantee in sorted(
                            grantee_info_dict[obj_type][obj_name].keys()):
                        user = User(server, grantee)
                        grant_stms = sorted(
                            user.get_grants_for_object(obj_name, obj_type))
                        if grant_stms:
                            print("# - For {0}".format(grantee))
                        for grant_stm in grant_stms:
                            print("{0}".format(grant_stm))