// UpdateContainerUser updates a database users preferences on a given container db func UpdateContainerUser(w rest.ResponseWriter, r *rest.Request) { dbConn, err := util.GetConnection(CLUSTERADMIN_DB) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), 400) return } defer dbConn.Close() postMsg := types.NodeUser{} err = r.DecodeJsonPayload(&postMsg) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusInternalServerError) return } err = secimpl.Authorize(dbConn, postMsg.Token, "perm-user") if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusUnauthorized) return } if postMsg.ID == "" { logit.Error.Println("UpdateContainerUser: error node ID required") rest.Error(w, "ID required", 400) return } if postMsg.Rolname == "" { logit.Error.Println("UpdateContainerUser: error node Rolname required") rest.Error(w, "Rolname required", 400) return } //create user on the container //get container info var node types.Container node, err = admindb.GetContainer(dbConn, postMsg.ID) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusBadRequest) return } if postMsg.Passwd == "" { } else { //update the password } var credential types.Credential credential, err = admindb.GetUserCredentials(dbConn, &node) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusBadRequest) return } var dbConn2 *sql.DB dbConn2, err = util.GetMonitoringConnection(credential.Host, credential.Username, credential.Port, credential.Database, credential.Password) defer dbConn2.Close() var SUPERUSER = "******" var INHERIT = "INHERIT" var CREATEROLE = "CREATEROLE" var CREATEDB = "CREATEDB" var LOGIN = "******" var REPLICATION = "REPLICATION" logit.Info.Println("Rolsuper is " + strconv.FormatBool(postMsg.Rolsuper)) if !postMsg.Rolsuper { SUPERUSER = "******" } if !postMsg.Rolinherit { INHERIT = "NOINHERIT" } if !postMsg.Rolcreaterole { CREATEROLE = "NOCREATEROLE" } if !postMsg.Rolcreatedb { CREATEDB = "NOCREATEDB" } if !postMsg.Rollogin { LOGIN = "******" } if !postMsg.Rolreplication { REPLICATION = "NOREPLICATION" } query := "alter user " + postMsg.Rolname + " " + SUPERUSER + " " + INHERIT + " " + CREATEROLE + " " + CREATEDB + " " + LOGIN + " " + REPLICATION + " " if postMsg.Passwd != "" { query = query + " PASSWORD '" + postMsg.Passwd + "'" } logit.Info.Println(query) _, err = dbConn2.Query(query) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusBadRequest) return } var userexists = true _, err = admindb.GetContainerUser(dbConn, node.Name, postMsg.Rolname) if err == sql.ErrNoRows { // Handle no rows userexists = false } else if err != nil { // Handle actual error logit.Error.Println(err.Error()) rest.Error(w, err.Error(), 400) return } if postMsg.Passwd != "" { //update user's password dbuser := types.ContainerUser{} dbuser.Containername = node.Name dbuser.Passwd = postMsg.Passwd dbuser.Rolname = postMsg.Rolname if userexists { err = admindb.UpdateContainerUser(dbConn, dbuser) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), 400) return } } } w.WriteHeader(http.StatusOK) status := types.SimpleStatus{} status.Status = "OK" w.WriteJson(&status) }
// DeleteContainerUser deletes a database user on a given container func DeleteContainerUser(w rest.ResponseWriter, r *rest.Request) { dbConn, err := util.GetConnection(CLUSTERADMIN_DB) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), 400) return } defer dbConn.Close() err = secimpl.Authorize(dbConn, r.PathParam("Token"), "perm-backup") if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusUnauthorized) return } ContainerID := r.PathParam("ContainerID") if ContainerID == "" { rest.Error(w, "ContainerID required", 400) return } rolname := r.PathParam("Rolname") if rolname == "" { rest.Error(w, "Rolname required", 400) return } //get node info node, err := admindb.GetContainer(dbConn, ContainerID) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusBadRequest) return } var userexists = true _, err = admindb.GetContainerUser(dbConn, node.Name, rolname) if err == sql.ErrNoRows { // Handle no rows userexists = false } else if err != nil { // Handle actual error logit.Error.Println(err.Error()) rest.Error(w, err.Error(), 400) return } //only delete if there is a container user if userexists { err = admindb.DeleteContainerUser(dbConn, node.Name, rolname) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), 400) return } } var credential types.Credential credential, err = admindb.GetUserCredentials(dbConn, &node) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusBadRequest) return } var dbConn2 *sql.DB dbConn2, err = util.GetMonitoringConnection(credential.Host, credential.Username, credential.Port, credential.Database, credential.Password) defer dbConn2.Close() query := "drop role " + rolname logit.Info.Println(query) _, err = dbConn2.Query(query) if err != nil { logit.Error.Println(err.Error()) rest.Error(w, err.Error(), http.StatusBadRequest) return } w.WriteHeader(http.StatusOK) status := types.SimpleStatus{} status.Status = "OK" w.WriteJson(&status) }