From 199d9a2b6ef6fe996b0f6e7f6643cd5126465376 Mon Sep 17 00:00:00 2001 From: ssongliu Date: Fri, 12 May 2023 16:46:43 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E8=A7=A3=E5=86=B3=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=BA=93=E7=94=A8=E6=88=B7=E6=8C=87=E5=AE=9A=E5=A4=9A=E4=B8=AA?= =?UTF-8?q?=20ip=20=E6=97=A0=E6=95=88=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/app/service/database_mysql.go | 94 +++++++++++++------ frontend/src/lang/modules/en.ts | 2 +- frontend/src/lang/modules/zh.ts | 2 +- .../src/views/database/mysql/create/index.vue | 12 ++- .../views/database/mysql/password/index.vue | 4 +- 5 files changed, 80 insertions(+), 34 deletions(-) diff --git a/backend/app/service/database_mysql.go b/backend/app/service/database_mysql.go index a1273a4dae18..5803733e083d 100644 --- a/backend/app/service/database_mysql.go +++ b/backend/app/service/database_mysql.go @@ -14,6 +14,7 @@ import ( "github.com/1Panel-dev/1Panel/backend/app/dto" "github.com/1Panel-dev/1Panel/backend/app/model" + "github.com/1Panel-dev/1Panel/backend/app/repo" "github.com/1Panel-dev/1Panel/backend/buserr" "github.com/1Panel-dev/1Panel/backend/constant" "github.com/1Panel-dev/1Panel/backend/global" @@ -99,22 +100,7 @@ func (u *MysqlService) Create(ctx context.Context, req dto.MysqlDBCreate) (*mode } return nil, err } - tmpPermission := req.Permission - if err := excSQL(app.ContainerName, app.Password, fmt.Sprintf("create user '%s'@'%s' identified by '%s';", req.Username, tmpPermission, req.Password)); err != nil { - _ = excSQL(app.ContainerName, app.Password, fmt.Sprintf("drop database `%s`", req.Name)) - if strings.Contains(err.Error(), "ERROR 1396") { - return nil, buserr.New(constant.ErrUserIsExist) - } - return nil, err - } - grantStr := fmt.Sprintf("grant all privileges on `%s`.* to '%s'@'%s'", req.Name, req.Username, tmpPermission) - if req.Name == "*" { - grantStr = fmt.Sprintf("grant all privileges on *.* to '%s'@'%s'", mysql.Username, tmpPermission) - } - if app.Version == "5.7.39" { - grantStr = fmt.Sprintf("%s identified by '%s' with grant option;", grantStr, req.Password) - } - if err := excSQL(app.ContainerName, app.Password, grantStr); err != nil { + if err := u.createUser(app, req); err != nil { return nil, err } @@ -284,24 +270,30 @@ func (u *MysqlService) ChangeAccess(info dto.ChangeDBInfo) error { } if info.Value != mysql.Permission { - if err := excuteSql(app.ContainerName, app.Password, fmt.Sprintf("drop user if exists '%s'@'%s'", mysql.Username, mysql.Permission)); err != nil { - return err + var userlist []string + if strings.Contains(mysql.Permission, ",") { + userlist = strings.Split(mysql.Permission, ",") + } else { + userlist = append(userlist, mysql.Permission) + } + for _, user := range userlist { + if len(user) != 0 { + if err := excuteSql(app.ContainerName, app.Password, fmt.Sprintf("drop user if exists '%s'@'%s'", mysql.Username, user)); err != nil { + return err + } + } } if info.ID == 0 { return nil } } - if err := excuteSql(app.ContainerName, app.Password, fmt.Sprintf("create user if not exists '%s'@'%s' identified by '%s';", mysql.Username, info.Value, mysql.Password)); err != nil { - return err - } - grantStr := fmt.Sprintf("grant all privileges on `%s`.* to '%s'@'%s'", mysql.Name, mysql.Username, info.Value) - if mysql.Name == "*" { - grantStr = fmt.Sprintf("grant all privileges on *.* to '%s'@'%s'", mysql.Username, info.Value) - } - if app.Version == "5.7.39" { - grantStr = fmt.Sprintf("%s identified by '%s' with grant option;", grantStr, mysql.Password) - } - if err := excuteSql(app.ContainerName, app.Password, grantStr); err != nil { + + if err := u.createUser(app, dto.MysqlDBCreate{ + Username: mysql.Username, + Name: mysql.Name, + Permission: info.Value, + Password: mysql.Password, + }); err != nil { return err } if err := excuteSql(app.ContainerName, app.Password, "flush privileges"); err != nil { @@ -475,6 +467,50 @@ func (u *MysqlService) LoadStatus() (*dto.MysqlStatus, error) { return &info, nil } +func (u *MysqlService) createUser(app *repo.RootInfo, req dto.MysqlDBCreate) error { + var userlist []string + if strings.Contains(req.Permission, ",") { + ips := strings.Split(req.Permission, ",") + for _, ip := range ips { + if len(ip) != 0 { + userlist = append(userlist, fmt.Sprintf("'%s'@'%s'", req.Username, ip)) + } + } + } else { + userlist = append(userlist, fmt.Sprintf("'%s'@'%s'", req.Username, req.Permission)) + } + + for _, user := range userlist { + if err := excSQL(app.ContainerName, app.Password, fmt.Sprintf("create user %s identified by '%s';", user, req.Password)); err != nil { + handleCreateError(req.Name, userlist, app) + if strings.Contains(err.Error(), "ERROR 1396") { + return buserr.New(constant.ErrUserIsExist) + } + return err + } + grantStr := fmt.Sprintf("grant all privileges on `%s`.* to %s", req.Name, user) + if req.Name == "*" { + grantStr = fmt.Sprintf("grant all privileges on *.* to %s", user) + } + if app.Version == "5.7.39" { + grantStr = fmt.Sprintf("%s identified by '%s' with grant option;", grantStr, req.Password) + } + if err := excSQL(app.ContainerName, app.Password, grantStr); err != nil { + handleCreateError(req.Name, userlist, app) + return err + } + } + return nil +} +func handleCreateError(dbName string, userlist []string, app *repo.RootInfo) { + _ = excSQL(app.ContainerName, app.Password, fmt.Sprintf("drop database `%s`", dbName)) + for _, user := range userlist { + if err := excSQL(app.ContainerName, app.Password, fmt.Sprintf("drop user if exists %s", user)); err != nil { + global.LOG.Errorf("drop user failed, err: %v", err) + } + } +} + func excuteSqlForMaps(containerName, password, command string) (map[string]string, error) { cmd := exec.Command("docker", "exec", containerName, "mysql", "-uroot", "-p"+password, "-e", command) stdout, err := cmd.CombinedOutput() diff --git a/frontend/src/lang/modules/en.ts b/frontend/src/lang/modules/en.ts index 96c0958d0711..bee150b6072e 100644 --- a/frontend/src/lang/modules/en.ts +++ b/frontend/src/lang/modules/en.ts @@ -300,7 +300,7 @@ const message = { loadBackup: 'Import', setting: 'Settings', remoteAccess: 'Remote access', - remoteHelper: 'One in a row, for example:\n172.16.10.111\n172.16.10.112', + remoteHelper: 'Multiple IP comma-delimited, example: 172.16.10.111, 172.16.10.112', remoteConnHelper: 'Remote connection to mysql as user root may have security risks. Therefore, perform this operation with caution.', changePassword: 'Password', diff --git a/frontend/src/lang/modules/zh.ts b/frontend/src/lang/modules/zh.ts index e8f36afcb211..3dde7c4285fc 100644 --- a/frontend/src/lang/modules/zh.ts +++ b/frontend/src/lang/modules/zh.ts @@ -314,7 +314,7 @@ const message = { loadBackup: '导入备份', setting: '设置', remoteAccess: '远程访问', - remoteHelper: '一行一个,例:\n172.16.10.111\n172.16.10.112', + remoteHelper: '多个 ip 以逗号分隔,例:172.16.10.111,172.16.10.112', remoteConnHelper: 'root 帐号远程连接 mysql 有安全风险,开启需谨慎!', changePassword: '改密', changePasswordHelper: '当前数据库已经关联应用,修改密码将同步修改应用中数据库密码,修改后重启生效。', diff --git a/frontend/src/views/database/mysql/create/index.vue b/frontend/src/views/database/mysql/create/index.vue index 680dc63eaf33..2653c9514045 100644 --- a/frontend/src/views/database/mysql/create/index.vue +++ b/frontend/src/views/database/mysql/create/index.vue @@ -37,7 +37,13 @@ - + + {{ $t('database.remoteHelper') }} @@ -131,6 +137,10 @@ const onSubmit = async (formEl: FormInstance | undefined) => { createVisiable.value = false; }) .catch(() => { + if (form.permission != '%') { + form.permissionIPs = form.permission; + form.permission = 'ip'; + } loading.value = false; }); }); diff --git a/frontend/src/views/database/mysql/password/index.vue b/frontend/src/views/database/mysql/password/index.vue index 2cc2ddb64b5b..e37b2542a360 100644 --- a/frontend/src/views/database/mysql/password/index.vue +++ b/frontend/src/views/database/mysql/password/index.vue @@ -38,12 +38,12 @@ :rules="Rules.requiredInput" > + {{ $t('database.remoteHelper') }} @@ -158,7 +158,7 @@ const submitChangeInfo = async (formEl: FormInstance | undefined) => { if (changeForm.privilege !== 'ip') { param.value = changeForm.privilege; } else { - param.value = changeForm.privilegeIPs.replaceAll('/n', ','); + param.value = changeForm.privilegeIPs; } loading.value = true; await updateMysqlAccess(param)