Merge pull request #69 from github/check-privileges
more elaborate check that user has privileges
This commit is contained in:
commit
5a8688ee2e
@ -145,6 +145,21 @@ func (this *Inspector) validateConnection() error {
|
|||||||
// validateGrants verifies the user by which we're executing has necessary grants
|
// validateGrants verifies the user by which we're executing has necessary grants
|
||||||
// to do its thang.
|
// to do its thang.
|
||||||
func (this *Inspector) validateGrants() error {
|
func (this *Inspector) validateGrants() error {
|
||||||
|
stringContainsAll := func(s string, substrings ...string) bool {
|
||||||
|
nonEmptyStringsFound := false
|
||||||
|
for _, substring := range substrings {
|
||||||
|
if s == "" {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
if strings.Contains(s, substring) {
|
||||||
|
nonEmptyStringsFound = true
|
||||||
|
} else {
|
||||||
|
// Immediate failure
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nonEmptyStringsFound
|
||||||
|
}
|
||||||
query := `show /* gh-ost */ grants for current_user()`
|
query := `show /* gh-ost */ grants for current_user()`
|
||||||
foundAll := false
|
foundAll := false
|
||||||
foundSuper := false
|
foundSuper := false
|
||||||
@ -166,6 +181,12 @@ func (this *Inspector) validateGrants() error {
|
|||||||
if strings.Contains(grant, fmt.Sprintf("GRANT ALL PRIVILEGES ON `%s`.*", this.migrationContext.DatabaseName)) {
|
if strings.Contains(grant, fmt.Sprintf("GRANT ALL PRIVILEGES ON `%s`.*", this.migrationContext.DatabaseName)) {
|
||||||
foundDBAll = true
|
foundDBAll = true
|
||||||
}
|
}
|
||||||
|
if stringContainsAll(grant, `ALTER`, `CREATE`, `DELETE`, `DROP`, `INDEX`, `INSERT`, `LOCK TABLES`, `SELECT`, `TRIGGER`, `UPDATE`, ` ON *.*`) {
|
||||||
|
foundDBAll = true
|
||||||
|
}
|
||||||
|
if stringContainsAll(grant, `ALTER`, `CREATE`, `DELETE`, `DROP`, `INDEX`, `INSERT`, `LOCK TABLES`, `SELECT`, `TRIGGER`, `UPDATE`, fmt.Sprintf(" ON `%s`.*", this.migrationContext.DatabaseName)) {
|
||||||
|
foundDBAll = true
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user