parser, args, 'list of objects to show the grants', db_over_tables=False, sql_mode=sql_mode) else: parser.error("You need to specify at least one object (database, table" " or routine) in order to get the list of grantees.") # Validate list of privileges: priv_list = None if opt.privileges: priv_list = [priv.upper() for priv in opt.privileges.split(',')] if opt.verbosity and opt.verbosity > 2: print("The list of supported privileges is {0}".format( join_and_build_str(sorted(_VALID_PRIVS)))) for priv in priv_list: if priv not in _VALID_PRIVS: if priv == "PROXY": print("# WARNING: PROXY privilege is not supported (" "privilege ignored).") else: parser.error("Unknown privilege: '{0}'. For a list of " "valid privileges, please check: http://dev." "mysql.com/doc/en/privileges-provided." "html".format(priv)) # Set options for database operations. options = { "verbosity": 0 if opt.verbosity is None else opt.verbosity, "privileges": priv_list,
objects_to_include = {} if args: objects_to_include = db_objects_list_to_dictionary( parser, args, 'list of objects to show the grants', db_over_tables=False) else: parser.error("You need to specify at least one object (database, table" " or routine) in order to get the list of grantees.") # Validate list of privileges: priv_list = None if opt.privileges: priv_list = [priv.upper() for priv in opt.privileges.split(',')] if opt.verbosity and opt.verbosity > 2: print("The list of supported privileges is {0}".format( join_and_build_str(sorted(_VALID_PRIVS)))) for priv in priv_list: if priv not in _VALID_PRIVS: if priv == "PROXY": print("# WARNING: PROXY privilege is not supported (" "privilege ignored).") else: parser.error("Unknown privilege: '{0}'. For a list of " "valid privileges, please check: http://dev." "mysql.com/doc/en/privileges-provided." "html".format(priv)) # Set options for database operations. options = { "verbosity": 0 if opt.verbosity is None else opt.verbosity, "privileges": priv_list,
def check_grants(server_cnx_val, options, dict_of_objects): """Show list of privileges over a set of objects This function creates a GrantShow object which shows the list of users with (the optionally specified list of ) privileges over the specified set of objects. server_cnx_val[in] Dictionary with the connection values to the server. options[in] Dictionary of options (verbosity, privileges, show_mode). list_of_objects[in] Dictionary of objects (set of databases, tables and procedures) by database to check. """ # Create server connection: server = connect_servers(server_cnx_val, None, options)[0] # Check user permissions to consult the grant information. _check_privileges(server) # Validate the dict of objects against our server. valid_dict_of_objects = validate_obj_type_dict(server, dict_of_objects) # Get optional list of required privileges req_privs = set(options['privileges']) if options['privileges'] else None # If we specify some privileges that are not valid for all the objects # print warning message stating that some will be ignored. if req_privs: for obj_type in valid_dict_of_objects: # get list of privileges that applies to the object type filtered_req_privs = filter_grants(req_privs, obj_type) # if the size of the set is different that means that some of the # privileges cannot be applied to this object type, print warning if len(filtered_req_privs) != len(req_privs): if obj_type.upper() == DATABASE_TYPE: obj_lst = [obj_tpl[0] for obj_tpl in valid_dict_of_objects[obj_type]] else: obj_lst = [".".join(obj_tpl) for obj_tpl in valid_dict_of_objects[obj_type]] obj_lst_str = join_and_build_str(obj_lst) missing_privs = sorted(req_privs - filtered_req_privs) priv_str = join_and_build_str(missing_privs) verb = "do" if len(missing_privs) > 1 else "does" print("# WARNING: {0} {1} not apply to {2}s " "and will be ignored for: {3}.".format( priv_str, verb, obj_type.lower(), obj_lst_str)) # get the grantee information dictionary grantee_info_dict = get_grantees(server, valid_dict_of_objects, req_privileges=req_privs) # Print the information obj_type_lst = [DATABASE_TYPE, TABLE_TYPE, ROUTINE_TYPE] for obj_type in obj_type_lst: if obj_type in grantee_info_dict: # Sort by object name for obj_name in sorted(grantee_info_dict[obj_type]): print("\n# {0} {1}:".format(obj_type, obj_name)) if options['show_mode'] == 'users': # Sort by grantee name output_str = ", ".join( sorted(grantee_info_dict[obj_type][obj_name].keys())) print("# - {0}".format(output_str)) elif options['show_mode'] == 'user_grants': # Sort by grantee name for grantee, priv_set in sorted( grantee_info_dict[obj_type][obj_name].iteritems()): # print privileges sorted by name print("# - {0} : {1}".format( grantee, ", ".join(sorted(priv_set)))) else: # raw mode # Sort by grantee name for grantee in sorted( grantee_info_dict[obj_type][obj_name].keys()): user = User(server, grantee) grant_stms = sorted( user.get_grants_for_object(obj_name, obj_type)) if grant_stms: print("# - For {0}".format(grantee)) for grant_stm in grant_stms: print("{0}".format(grant_stm))