def update_attributes(self, username, hostname, user_attrs):
"""Change the attributes of an existing user."""
LOG.debug("Changing user attributes for user %s.", username)
user = self._get_user(username, hostname)
new_name = user_attrs.get('name')
new_host = user_attrs.get('host')
new_password = user_attrs.get('password')
if new_name or new_host or new_password:
with self.local_sql_client(self.mysql_app.get_engine()) as client:
if new_password is not None:
uu = sql_query.SetPassword(user.name,
host=user.host,
new_password=new_password)
t = text(str(uu))
client.execute(t)
if new_name or new_host:
uu = sql_query.RenameUser(user.name,
host=user.host,
new_user=new_name,
new_host=new_host)
t = text(str(uu))
client.execute(t)
def _create_admin_user(self, client, password):
"""
Create a os_admin user with a random password
with all privileges similar to the root user.
"""
LOG.info("Creating Trove admin user '%s'.", ADMIN_USER_NAME)
host = "localhost"
try:
cu = sql_query.CreateUser(ADMIN_USER_NAME,
host=host,
clear=password)
t = text(str(cu))
client.execute(t, **cu.keyArgs)
except (exc.OperationalError, exc.InternalError) as err:
# Ignore, user is already created, just reset the password
# (user will already exist in a restore from backup)
LOG.debug(err)
uu = sql_query.SetPassword(ADMIN_USER_NAME,
host=host,
new_password=password,
ds=CONF.datastore_manager,
ds_version=CONF.datastore_version)
t = text(str(uu))
client.execute(t)
g = sql_query.Grant(permissions='ALL',
user=ADMIN_USER_NAME,
host=host,
grant_option=True)
t = text(str(g))
client.execute(t)
LOG.info("Trove admin user '%s' created.", ADMIN_USER_NAME)
def enable_root(self, root_password=None):
"""Enable the root user global access and/or
reset the root password.
"""
user = models.MySQLUser.root(password=root_password)
with self.local_sql_client(self.mysql_app.get_engine()) as client:
try:
cu = sql_query.CreateUser(user.name, host=user.host)
t = text(str(cu))
client.execute(t, **cu.keyArgs)
except (exc.OperationalError, exc.InternalError) as err:
# Ignore, user is already created, just reset the password
# TODO(rnirmal): More fine grained error checking later on
LOG.debug(err)
with self.local_sql_client(self.mysql_app.get_engine()) as client:
uu = sql_query.SetPassword(user.name, host=user.host,
new_password=user.password)
t = text(str(uu))
client.execute(t)
LOG.debug("CONF.root_grant: %s CONF.root_grant_option: %s." %
(CONF.root_grant, CONF.root_grant_option))
g = sql_query.Grant(permissions=CONF.root_grant,
user=user.name,
host=user.host,
grant_option=CONF.root_grant_option,
clear=user.password)
t = text(str(g))
client.execute(t)
return user.serialize()
def update_attributes(self, username, hostname, user_attrs):
"""Change the attributes of an existing user."""
LOG.debug("Changing user attributes for user %s.", username)
user = self._get_user(username, hostname)
new_name = user_attrs.get('name')
new_host = user_attrs.get('host')
new_password = user_attrs.get('password')
if new_name or new_host or new_password:
with mysql_util.SqlClient(self.mysql_app.get_engine(),
use_flush=True) as client:
if new_password is not None:
uu = sql_query.SetPassword(
user.name,
host=user.host,
new_password=new_password,
ds=CONF.datastore_manager,
ds_version=CONF.datastore_version)
t = text(str(uu))
client.execute(t)
if new_name or new_host:
uu = sql_query.RenameUser(user.name,
host=user.host,
new_user=new_name,
new_host=new_host)
t = text(str(uu))
client.execute(t)
def _generate_root_password(client):
"""Generate, set, and preserve a random password
for root@localhost when invoking mysqladmin to
determine the execution status of the mysql service.
"""
localhost = "localhost"
new_password = utils.generate_random_password()
uu = sql_query.SetPassword(models.MySQLUser.root_username,
host=localhost,
new_password=new_password)
t = text(str(uu))
client.execute(t)
# Save the password to root's private .my.cnf file
root_sect = {
'client': {
'user': '******',
'password': new_password,
'host': localhost
}
}
operating_system.write_file('/root/.my.cnf',
root_sect,
codec=IniCodec(),
as_root=True)
def _generate_root_password(client):
"""Generate and set a random root password and forget about it."""
localhost = "localhost"
uu = sql_query.SetPassword(
models.MySQLUser.root_username, host=localhost,
new_password=utils.generate_random_password())
t = text(str(uu))
client.execute(t)
def test_alter_user(self):
username = '******'
hostname = 'localhost'
new_password = '******'
uu = sql_query.SetPassword(user=username,
host=hostname,
new_password=new_password)
self.assertEqual(
"SET PASSWORD FOR 'root'@'localhost' = "
"PASSWORD('new_password');", str(uu))
def change_passwords(self, users):
"""Change the passwords of one or more existing users."""
LOG.debug("Changing the password of some users.")
with self.local_sql_client(self.mysql_app.get_engine()) as client:
for item in users:
LOG.debug("Changing password for user %s." % item)
user_dict = {'_name': item['name'],
'_host': item['host'],
'_password': item['password']}
user = models.MySQLUser.deserialize(user_dict)
LOG.debug("\tDeserialized: %s." % user.__dict__)
uu = sql_query.SetPassword(user.name, host=user.host,
new_password=user.password)
t = text(str(uu))
client.execute(t)
def change_passwords(self, users):
"""Change the passwords of one or more existing users."""
LOG.debug("Changing the password of some users.")
with mysql_util.SqlClient(self.mysql_app.get_engine()) as client:
for item in users:
LOG.debug("Changing password for user %s.", item)
user_dict = {'_name': item['name'],
'_host': item['host'],
'_password': item['password']}
user = models.MySQLUser.deserialize(user_dict)
uu = sql_query.SetPassword(user.name, host=user.host,
new_password=user.password,
ds=CONF.datastore_manager,
ds_version=CONF.datastore_version)
t = text(str(uu))
client.execute(t)
def enable_root(self, root_password=None):
"""Enable the root user global access and/or
reset the root password.
"""
user = models.MySQLUser.root(password=root_password)
with mysql_util.SqlClient(self.mysql_app.get_engine(),
use_flush=True) as client:
try:
cu = sql_query.CreateUser(user.name, host=user.host)
t = text(str(cu))
client.execute(t, **cu.keyArgs)
except (exc.OperationalError, exc.InternalError) as err:
# Ignore, user is already created, just reset the password
# TODO(rnirmal): More fine grained error checking later on
LOG.debug(err)
with mysql_util.SqlClient(self.mysql_app.get_engine(),
use_flush=True) as client:
uu = sql_query.SetPassword(user.name,
host=user.host,
new_password=user.password,
ds=CONF.datastore_manager,
ds_version=CONF.datastore_version)
t = text(str(uu))
client.execute(t)
LOG.debug(
"CONF.root_grant: %(grant)s CONF.root_grant_option: "
"%(grant_option)s.", {
'grant': CONF.root_grant,
'grant_option': CONF.root_grant_option
})
g = sql_query.Grant(permissions=CONF.root_grant,
user=user.name,
host=user.host,
grant_option=CONF.root_grant_option)
t = text(str(g))
client.execute(t)
return user.serialize()
