Fixed: Some improvements and fixes for the database/user separation

mcramer · mcramer · commit 317b4d0d8879 · 2012-09-04T14:12:45.000Z
diff --git a/interface/lib/plugins/sites_web_database_user_plugin.inc.php b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
@@ -30,11 +30,12 @@ function sites_web_database_user_edit($event_name, $page_form) {
         // also make sure that the user can not delete domain created by a admin
         if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
             $client_group_id = intval($page_form->dataRecord["client_group_id"]);
-            $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$page_form->id);
+            $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_user_id = ".$page_form->id);
         }
         if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
             $client_group_id = intval($page_form->dataRecord["client_group_id"]);
-            $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$page_form->id);
+            $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$page_form->id);
         }
+        $app->db->query("UPDATE web_database_user SET server_id = '" . intval($conf['server_id']) . "' WHERE database_user_id = ".$page_form->id);
 	}
 }              	
diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
@@ -309,6 +309,7 @@ function onUpdateSave($sql) {
         global $app;
         if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
             
+            $app->uses('sites_database_plugin');
             $app->sites_database_plugin->processDatabaseUpdate($this);
 
             $app->db->query($sql);
diff --git a/interface/web/sites/database_user_edit.php b/interface/web/sites/database_user_edit.php
@@ -145,6 +145,8 @@ function onBeforeUpdate() {
 			$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
 		}
 		
+        $this->dataRecord['server_id'] = $conf['server_id'];
+        
 		parent::onBeforeUpdate();
 	}
 
@@ -173,6 +175,8 @@ function onBeforeInsert() {
 			$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
 		}
 		
+        $this->dataRecord['server_id'] = $conf['server_id'];
+        
 		parent::onBeforeInsert();
 	}
 
@@ -200,7 +204,16 @@ function onAfterUpdate() {
 			$client_group_id = intval($this->dataRecord["client_group_id"]);
 			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
 		}
-
+        
+        $old_rec = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = '".$this->id."'");
+        
+        $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".intval($this->id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".intval($this->id)."'");
+        foreach($records as $rec) {
+            $new_rec = $this->dataRecord;
+            $new_rec['server_id'] = $rec['server_id'];
+            $app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->id, $old_rec, $new_rec);
+        }
+        unset($new_rec);
 	}
 
 }
diff --git a/interface/web/sites/form/database_user.tform.php b/interface/web/sites/form/database_user.tform.php
@@ -63,6 +63,17 @@
 	##################################
 	# Begin Datatable fields
 	##################################
+		'server_id' => array (
+			'datatype'	=> 'INTEGER',
+			'formtype'	=> 'SELECT',
+			'default'	=> '',
+			'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} AND db_server = 1 ORDER BY server_name',
+										'keyfield'=> 'server_id',
+										'valuefield'=> 'server_name'
+									 ),
+			'value'		=> ''
+		),
 		'database_user' => array (
 			'datatype'	=> 'VARCHAR',
 			'formtype'	=> 'TEXT',
diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -88,9 +88,11 @@ function process_host_list($action, $database_name, $database_user, $database_pa
       foreach($host_list as $db_host) {
           $db_host = trim($db_host);
           
+          $app->log($action . ' for user ' . $database_user . ' at host ' . $db_host, LOGLEVEL_DEBUG);
+          
           // check if entry is valid ip address
           $valid = true;
-		  if($db_host == '%') {
+		  if($db_host == '%' || $db_host == 'localhost') {
 		  	$valid = true;
 		  } elseif(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $db_host)) {
               $groups = explode('.', $db_host);
@@ -106,6 +108,7 @@ function process_host_list($action, $database_name, $database_user, $database_pa
           
           if($action == 'GRANT') {
               if(!$link->query("GRANT " . ($user_read_only ? "SELECT" : "ALL") . " ON ".$link->escape_string($database_name).".* TO '".$link->escape_string($database_user)."'@'$db_host' IDENTIFIED BY PASSWORD '".$link->escape_string($database_password)."';")) $success = false;
+              $app->log("GRANT " . ($user_read_only ? "SELECT" : "ALL") . " ON ".$link->escape_string($database_name).".* TO '".$link->escape_string($database_user)."'@'$db_host' IDENTIFIED BY PASSWORD '".$link->escape_string($database_password)."'; success? " . ($success ? 'yes' : 'no'), LOGLEVEL_DEBUG);
           } elseif($action == 'REVOKE') {
               if(!$link->query("REVOKE ALL PRIVILEGES ON ".$link->escape_string($database_name).".* FROM '".$link->escape_string($database_user)."'@'$db_host' IDENTIFIED BY PASSWORD '".$link->escape_string($database_password)."';")) $success = false;
           } elseif($action == 'DROP') {
@@ -388,9 +391,8 @@ function db_user_update($event_name,$data) {
 			}
 
 			if($data['new']['database_password'] != $data['old']['database_password']) {
-				$db_host = 'localhost';
-				$link->query("SET PASSWORD FOR '".$link->escape_string($data['new']['database_user'])."'@'$db_host' = '".$link->escape_string($data['new']['database_password'])."';");
-				$app->log('Changing MySQL user password for: '.$data['new']['database_user'],LOGLEVEL_DEBUG);
+				$link->query("SET PASSWORD FOR '".$link->escape_string($data['new']['database_user'])."'@'$db_host' = PASSWORD('".$link->escape_string($data['new']['database_password'])."');"); // is contained in clear text so PASSWORD() func is needed
+				$app->log('Changing MySQL user password for: '.$data['new']['database_user'].'@'.$db_host,LOGLEVEL_DEBUG);
 			}
         }
         

Original file line number	Diff line number	Diff line change
`@@ -30,11 +30,12 @@ function sites_web_database_user_edit($event_name, $page_form) {`
`30`	`30`	`// also make sure that the user can not delete domain created by a admin`
`31`	`31`	`if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {`
`32`	`32`	`$client_group_id = intval($page_form->dataRecord["client_group_id"]);`
`33`		`- $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$page_form->id);`
	`33`	`+ $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_user_id = ".$page_form->id);`
`34`	`34`	`}`
`35`	`35`	`if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {`
`36`	`36`	`$client_group_id = intval($page_form->dataRecord["client_group_id"]);`
`37`		`- $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$page_form->id);`
	`37`	`+ $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$page_form->id);`
`38`	`38`	`}`
	`39`	`+ $app->db->query("UPDATE web_database_user SET server_id = '" . intval($conf['server_id']) . "' WHERE database_user_id = ".$page_form->id);`
`39`	`40`	`}`
`40`	`41`	`}`
Original file line number	Diff line number	Diff line change
`@@ -145,6 +145,8 @@ function onBeforeUpdate() {`
`145`	`145`	`$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);`
`146`	`146`	`}`
`147`	`147`
	`148`	`+ $this->dataRecord['server_id'] = $conf['server_id'];`
	`149`	`+`
`148`	`150`	`parent::onBeforeUpdate();`
`149`	`151`	`}`
`150`	`152`
`@@ -173,6 +175,8 @@ function onBeforeInsert() {`
`173`	`175`	`$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);`
`174`	`176`	`}`
`175`	`177`
	`178`	`+ $this->dataRecord['server_id'] = $conf['server_id'];`
	`179`	`+`
`176`	`180`	`parent::onBeforeInsert();`
`177`	`181`	`}`
`178`	`182`
`@@ -200,7 +204,16 @@ function onAfterUpdate() {`
`200`	`204`	`$client_group_id = intval($this->dataRecord["client_group_id"]);`
`201`	`205`	`$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);`
`202`	`206`	`}`
`203`		`-`
	`207`	`+`
	`208`	`+ $old_rec = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = '".$this->id."'");`
	`209`	`+`
	`210`	`+ $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".intval($this->id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".intval($this->id)."'");`
	`211`	`+ foreach($records as $rec) {`
	`212`	`+ $new_rec = $this->dataRecord;`
	`213`	`+ $new_rec['server_id'] = $rec['server_id'];`
	`214`	`+ $app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->id, $old_rec, $new_rec);`
	`215`	`+ }`
	`216`	`+ unset($new_rec);`
`204`	`217`	`}`
`205`	`218`
`206`	`219`	`}`