def enable_root(cls):
"""Enable the root user global access and/or reset the root password"""
user = models.MySQLUser()
user.name = "root"
user.host = "%"
user.password = generate_random_password()
with LocalSqlClient(get_engine()) as client:
print(client)
try:
cu = query.CreateUser(user.name, host=user.host)
t = text(str(cu))
client.execute(t, **cu.keyArgs)
except exc.OperationalError as err:
# Ignore, user is already created, just reset the password
# TODO(rnirmal): More fine grained error checking later on
LOG.debug(err)
with LocalSqlClient(get_engine()) as client:
print(client)
uu = query.UpdateUser(user.name, host=user.host,
clear=user.password)
t = text(str(uu))
client.execute(t)
LOG.debug("CONF.root_grant: %s CONF.root_grant_option: %s" %
(CONF.root_grant, CONF.root_grant_option))
g = query.Grant(permissions=CONF.root_grant,
user=user.name,
host=user.host,
grant_option=CONF.root_grant_option,
clear=user.password)
t = text(str(g))
client.execute(t)
return user.serialize()
def _generate_root_password(client):
""" Generate and set a random root password and forget about it. """
localhost = "localhost"
uu = query.UpdateUser("root", host=localhost,
clear=generate_random_password())
t = text(str(uu))
client.execute(t)
def update_attributes(self, username, hostname, user_attrs):
"""Change the attributes of one existing user."""
LOG.debug("Changing the user attributes")
LOG.debug("User is %s" % username)
user = self._get_user(username, hostname)
db_access = set()
grantee = set()
with LocalSqlClient(get_engine()) as client:
q = query.Query()
q.columns = ["grantee", "table_schema"]
q.tables = ["information_schema.SCHEMA_PRIVILEGES"]
q.group = ["grantee", "table_schema"]
q.where = ["privilege_type != 'USAGE'"]
t = text(str(q))
db_result = client.execute(t)
for db in db_result:
grantee.add(db['grantee'])
if db['grantee'] == "'%s'@'%s'" % (user.name, user.host):
db_name = db['table_schema']
db_access.add(db_name)
with LocalSqlClient(get_engine()) as client:
uu = query.UpdateUser(user.name, host=user.host,
clear=user_attrs.get('password'),
new_user=user_attrs.get('name'),
new_host=user_attrs.get('host'))
t = text(str(uu))
client.execute(t)
if user_attrs.get('name') is not None:
if user_attrs['name'] not in grantee:
if user_attrs.get('host') is None:
host = user.host
else:
host = user_attrs.get('host')
self.grant_access(user_attrs['name'], host, db_access)
def test_change_host(self):
username = '******'
hostname = 'localhost'
new_host = '%'
uu = query.UpdateUser(user=username, host=hostname, new_host=new_host)
self.assertEqual(
str(uu), "UPDATE mysql.user SET Host='%' "
"WHERE User = '******' "
"AND Host = 'localhost';")
def test_rename_user(self):
username = '******'
hostname = 'localhost'
new_user = '******'
uu = query.UpdateUser(user=username, host=hostname, new_user=new_user)
self.assertEqual(
str(uu), "UPDATE mysql.user SET User='******' "
"WHERE User = '******' "
"AND Host = 'localhost';")
def test_change_password(self):
username = '******'
hostname = 'localhost'
new_password = '******'
uu = query.UpdateUser(user=username, host=hostname, clear=new_password)
self.assertEqual(
str(uu), "UPDATE mysql.user SET "
"Password=PASSWORD('password123') "
"WHERE User = '******' "
"AND Host = 'localhost';")
def change_passwords(self, users):
"""Change the passwords of one or more existing users."""
LOG.debug("Changing the password of some users.")
LOG.debug("Users is %s" % users)
with LocalSqlClient(get_engine()) as client:
for item in users:
LOG.debug("\tUser: %s" % item)
user_dict = {'_name': item['name'],
'_host': item['host'],
'_password': item['password'],
}
user = models.MySQLUser()
user.deserialize(user_dict)
LOG.debug("\tDeserialized: %s" % user.__dict__)
uu = query.UpdateUser(user.name, host=user.host,
clear=user.password)
t = text(str(uu))
client.execute(t)