// UpdateContainerUser updates a database users preferences on a given container db
func UpdateContainerUser(w rest.ResponseWriter, r *rest.Request) {
dbConn, err := util.GetConnection(CLUSTERADMIN_DB)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), 400)
return
}
defer dbConn.Close()
postMsg := types.NodeUser{}
err = r.DecodeJsonPayload(&postMsg)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusInternalServerError)
return
}
err = secimpl.Authorize(dbConn, postMsg.Token, "perm-user")
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusUnauthorized)
return
}
if postMsg.ID == "" {
logit.Error.Println("UpdateContainerUser: error node ID required")
rest.Error(w, "ID required", 400)
return
}
if postMsg.Rolname == "" {
logit.Error.Println("UpdateContainerUser: error node Rolname required")
rest.Error(w, "Rolname required", 400)
return
}
//create user on the container
//get container info
var node types.Container
node, err = admindb.GetContainer(dbConn, postMsg.ID)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusBadRequest)
return
}
if postMsg.Passwd == "" {
} else {
//update the password
}
var credential types.Credential
credential, err = admindb.GetUserCredentials(dbConn, &node)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusBadRequest)
return
}
var dbConn2 *sql.DB
dbConn2, err = util.GetMonitoringConnection(credential.Host,
credential.Username,
credential.Port, credential.Database, credential.Password)
defer dbConn2.Close()
var SUPERUSER = "******"
var INHERIT = "INHERIT"
var CREATEROLE = "CREATEROLE"
var CREATEDB = "CREATEDB"
var LOGIN = "******"
var REPLICATION = "REPLICATION"
logit.Info.Println("Rolsuper is " + strconv.FormatBool(postMsg.Rolsuper))
if !postMsg.Rolsuper {
SUPERUSER = "******"
}
if !postMsg.Rolinherit {
INHERIT = "NOINHERIT"
}
if !postMsg.Rolcreaterole {
CREATEROLE = "NOCREATEROLE"
}
if !postMsg.Rolcreatedb {
CREATEDB = "NOCREATEDB"
}
if !postMsg.Rollogin {
LOGIN = "******"
}
if !postMsg.Rolreplication {
REPLICATION = "NOREPLICATION"
}
query := "alter user " + postMsg.Rolname + " " +
SUPERUSER + " " +
INHERIT + " " +
CREATEROLE + " " +
CREATEDB + " " +
LOGIN + " " +
REPLICATION + " "
if postMsg.Passwd != "" {
query = query + " PASSWORD '" + postMsg.Passwd + "'"
}
logit.Info.Println(query)
_, err = dbConn2.Query(query)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusBadRequest)
return
}
var userexists = true
_, err = admindb.GetContainerUser(dbConn, node.Name, postMsg.Rolname)
if err == sql.ErrNoRows {
// Handle no rows
userexists = false
} else if err != nil {
// Handle actual error
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), 400)
return
}
if postMsg.Passwd != "" {
//update user's password
dbuser := types.ContainerUser{}
dbuser.Containername = node.Name
dbuser.Passwd = postMsg.Passwd
dbuser.Rolname = postMsg.Rolname
if userexists {
err = admindb.UpdateContainerUser(dbConn, dbuser)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), 400)
return
}
}
}
w.WriteHeader(http.StatusOK)
status := types.SimpleStatus{}
status.Status = "OK"
w.WriteJson(&status)
}
// DeleteContainerUser deletes a database user on a given container
func DeleteContainerUser(w rest.ResponseWriter, r *rest.Request) {
dbConn, err := util.GetConnection(CLUSTERADMIN_DB)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), 400)
return
}
defer dbConn.Close()
err = secimpl.Authorize(dbConn, r.PathParam("Token"), "perm-backup")
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusUnauthorized)
return
}
ContainerID := r.PathParam("ContainerID")
if ContainerID == "" {
rest.Error(w, "ContainerID required", 400)
return
}
rolname := r.PathParam("Rolname")
if rolname == "" {
rest.Error(w, "Rolname required", 400)
return
}
//get node info
node, err := admindb.GetContainer(dbConn, ContainerID)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusBadRequest)
return
}
var userexists = true
_, err = admindb.GetContainerUser(dbConn, node.Name, rolname)
if err == sql.ErrNoRows {
// Handle no rows
userexists = false
} else if err != nil {
// Handle actual error
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), 400)
return
}
//only delete if there is a container user
if userexists {
err = admindb.DeleteContainerUser(dbConn, node.Name, rolname)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), 400)
return
}
}
var credential types.Credential
credential, err = admindb.GetUserCredentials(dbConn, &node)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusBadRequest)
return
}
var dbConn2 *sql.DB
dbConn2, err = util.GetMonitoringConnection(credential.Host,
credential.Username,
credential.Port, credential.Database, credential.Password)
defer dbConn2.Close()
query := "drop role " + rolname
logit.Info.Println(query)
_, err = dbConn2.Query(query)
if err != nil {
logit.Error.Println(err.Error())
rest.Error(w, err.Error(), http.StatusBadRequest)
return
}
w.WriteHeader(http.StatusOK)
status := types.SimpleStatus{}
status.Status = "OK"
w.WriteJson(&status)
}
