parser,
args,
'list of objects to show the grants',
db_over_tables=False,
sql_mode=sql_mode)
else:
parser.error("You need to specify at least one object (database, table"
" or routine) in order to get the list of grantees.")
# Validate list of privileges:
priv_list = None
if opt.privileges:
priv_list = [priv.upper() for priv in opt.privileges.split(',')]
if opt.verbosity and opt.verbosity > 2:
print("The list of supported privileges is {0}".format(
join_and_build_str(sorted(_VALID_PRIVS))))
for priv in priv_list:
if priv not in _VALID_PRIVS:
if priv == "PROXY":
print("# WARNING: PROXY privilege is not supported ("
"privilege ignored).")
else:
parser.error("Unknown privilege: '{0}'. For a list of "
"valid privileges, please check: http://dev."
"mysql.com/doc/en/privileges-provided."
"html".format(priv))
# Set options for database operations.
options = {
"verbosity": 0 if opt.verbosity is None else opt.verbosity,
"privileges": priv_list,
objects_to_include = {}
if args:
objects_to_include = db_objects_list_to_dictionary(
parser, args, 'list of objects to show the grants',
db_over_tables=False)
else:
parser.error("You need to specify at least one object (database, table"
" or routine) in order to get the list of grantees.")
# Validate list of privileges:
priv_list = None
if opt.privileges:
priv_list = [priv.upper() for priv in opt.privileges.split(',')]
if opt.verbosity and opt.verbosity > 2:
print("The list of supported privileges is {0}".format(
join_and_build_str(sorted(_VALID_PRIVS))))
for priv in priv_list:
if priv not in _VALID_PRIVS:
if priv == "PROXY":
print("# WARNING: PROXY privilege is not supported ("
"privilege ignored).")
else:
parser.error("Unknown privilege: '{0}'. For a list of "
"valid privileges, please check: http://dev."
"mysql.com/doc/en/privileges-provided."
"html".format(priv))
# Set options for database operations.
options = {
"verbosity": 0 if opt.verbosity is None else opt.verbosity,
"privileges": priv_list,
def check_grants(server_cnx_val, options, dict_of_objects):
"""Show list of privileges over a set of objects
This function creates a GrantShow object which shows the list of
users with (the optionally specified list of ) privileges over the
specified set of objects.
server_cnx_val[in] Dictionary with the connection values to the
server.
options[in] Dictionary of options (verbosity, privileges,
show_mode).
list_of_objects[in] Dictionary of objects (set of databases, tables
and procedures) by database to check.
"""
# Create server connection:
server = connect_servers(server_cnx_val, None, options)[0]
# Check user permissions to consult the grant information.
_check_privileges(server)
# Validate the dict of objects against our server.
valid_dict_of_objects = validate_obj_type_dict(server, dict_of_objects)
# Get optional list of required privileges
req_privs = set(options['privileges']) if options['privileges'] else None
# If we specify some privileges that are not valid for all the objects
# print warning message stating that some will be ignored.
if req_privs:
for obj_type in valid_dict_of_objects:
# get list of privileges that applies to the object type
filtered_req_privs = filter_grants(req_privs, obj_type)
# if the size of the set is different that means that some of the
# privileges cannot be applied to this object type, print warning
if len(filtered_req_privs) != len(req_privs):
if obj_type.upper() == DATABASE_TYPE:
obj_lst = [obj_tpl[0] for obj_tpl in
valid_dict_of_objects[obj_type]]
else:
obj_lst = [".".join(obj_tpl) for obj_tpl in
valid_dict_of_objects[obj_type]]
obj_lst_str = join_and_build_str(obj_lst)
missing_privs = sorted(req_privs - filtered_req_privs)
priv_str = join_and_build_str(missing_privs)
verb = "do" if len(missing_privs) > 1 else "does"
print("# WARNING: {0} {1} not apply to {2}s "
"and will be ignored for: {3}.".format(
priv_str, verb, obj_type.lower(), obj_lst_str))
# get the grantee information dictionary
grantee_info_dict = get_grantees(server, valid_dict_of_objects,
req_privileges=req_privs)
# Print the information
obj_type_lst = [DATABASE_TYPE, TABLE_TYPE, ROUTINE_TYPE]
for obj_type in obj_type_lst:
if obj_type in grantee_info_dict:
# Sort by object name
for obj_name in sorted(grantee_info_dict[obj_type]):
print("\n# {0} {1}:".format(obj_type, obj_name))
if options['show_mode'] == 'users':
# Sort by grantee name
output_str = ", ".join(
sorted(grantee_info_dict[obj_type][obj_name].keys()))
print("# - {0}".format(output_str))
elif options['show_mode'] == 'user_grants':
# Sort by grantee name
for grantee, priv_set in sorted(
grantee_info_dict[obj_type][obj_name].iteritems()):
# print privileges sorted by name
print("# - {0} : {1}".format(
grantee, ", ".join(sorted(priv_set))))
else: # raw mode
# Sort by grantee name
for grantee in sorted(
grantee_info_dict[obj_type][obj_name].keys()):
user = User(server, grantee)
grant_stms = sorted(
user.get_grants_for_object(obj_name, obj_type))
if grant_stms:
print("# - For {0}".format(grantee))
for grant_stm in grant_stms:
print("{0}".format(grant_stm))