mirror of
https://github.com/acepanel/panel.git
synced 2026-02-04 10:17:17 +08:00
feat: 数据库权限
This commit is contained in:
耗子
@@ -122,6 +122,30 @@ func (m *MySQL) PrivilegesGrant(user, database string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
func (m *MySQL) UserPrivileges(user, host string) (map[string][]string, error) {
|
||||
rows, err := m.Query(fmt.Sprintf("SHOW GRANTS FOR '%s'@'%s'", user, host))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
privileges := make(map[string][]string)
|
||||
for rows.Next() {
|
||||
var grant string
|
||||
if err := rows.Scan(&grant); err != nil {
|
||||
continue
|
||||
}
|
||||
|
||||
var db string
|
||||
var privs []string
|
||||
if _, err := fmt.Sscanf(grant, "GRANT %s ON %s TO", &privs, &db); err == nil {
|
||||
privileges[db] = append(privileges[db], privs...)
|
||||
}
|
||||
}
|
||||
|
||||
return privileges, nil
|
||||
}
|
||||
|
||||
func (m *MySQL) PrivilegesRevoke(user, database string) error {
|
||||
_, err := m.Exec(fmt.Sprintf("REVOKE ALL PRIVILEGES ON %s.* FROM '%s'@'localhost'", database, user))
|
||||
m.flushPrivileges()
|
||||
|
||||
@@ -3,6 +3,7 @@ package db
|
||||
import (
|
||||
"database/sql"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
_ "github.com/lib/pq"
|
||||
|
||||
@@ -116,6 +117,40 @@ func (m *Postgres) UserPassword(user, password string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
func (p *Postgres) UserPrivileges(user string) (map[string][]string, error) {
|
||||
query := `
|
||||
SELECT
|
||||
table_catalog as database_name,
|
||||
string_agg(DISTINCT privilege_type, ',') as privileges
|
||||
FROM information_schema.role_database_privileges
|
||||
WHERE grantee = $1
|
||||
GROUP BY table_catalog`
|
||||
|
||||
rows, err := p.Query(query, user)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to query database privileges: %w", err)
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
privileges := make(map[string][]string)
|
||||
|
||||
for rows.Next() {
|
||||
var dbName, privilegeStr string
|
||||
if err := rows.Scan(&dbName, &privilegeStr); err != nil {
|
||||
return nil, fmt.Errorf("failed to scan row: %w", err)
|
||||
}
|
||||
|
||||
key := fmt.Sprintf("%s.*", dbName)
|
||||
privileges[key] = strings.Split(privilegeStr, ",")
|
||||
}
|
||||
|
||||
if err = rows.Err(); err != nil {
|
||||
return nil, fmt.Errorf("error iterating rows: %w", err)
|
||||
}
|
||||
|
||||
return privileges, nil
|
||||
}
|
||||
|
||||
func (m *Postgres) PrivilegesGrant(user, database string) error {
|
||||
if _, err := m.Exec(fmt.Sprintf("ALTER DATABASE %s OWNER TO %s", database, user)); err != nil {
|
||||
return err
|
||||
|
||||
Reference in New Issue
Block a user