Skip to content

Commit

Permalink
Loaded persisted superusers from disk; adding the ability to mark use…
Browse files Browse the repository at this point in the history
…rs as ephemeral to avoid persisting them
  • Loading branch information
fulghum committed Dec 18, 2024
1 parent 85adcd5 commit 5f1e3d7
Show file tree
Hide file tree
Showing 3 changed files with 44 additions and 6 deletions.
44 changes: 39 additions & 5 deletions sql/mysql_db/mysql_db.go
Original file line number Diff line number Diff line change
Expand Up @@ -413,6 +413,15 @@ func (db *MySQLDb) LoadData(ctx *sql.Context, buf []byte) (err error) {
ed.PutReplicaSourceInfo(replicaSourceInfo)
}

// Load superusers
for i := 0; i < serialMySQLDb.SuperUserLength(); i++ {
serialUser := new(serial.User)
if !serialMySQLDb.SuperUser(serialUser, i) {
continue
}
ed.PutUser(LoadUser(serialUser))
}

// TODO: fill in other tables when they exist
return
}
Expand Down Expand Up @@ -508,6 +517,29 @@ func (db *MySQLDb) AddRootAccount() {
db.AddSuperUser(ed, "root", "localhost", "")
}

// AddEphemeralSuperUser adds a new temporary superuser account for the specified username, host,
// and password. The superuser account will only exist for the lifetime of the server process; once
// the server is restarted, this superuser account will not be present.
func (db *MySQLDb) AddEphemeralSuperUser(ed *Editor, username string, host string, password string) {
db.SetEnabled(true)
if len(password) > 0 {
hash := sha1.New()
hash.Write([]byte(password))
s1 := hash.Sum(nil)
hash.Reset()
hash.Write(s1)
s2 := hash.Sum(nil)
password = "*" + strings.ToUpper(hex.EncodeToString(s2))
}

if _, ok := ed.GetUser(UserPrimaryKey{
Host: host,
User: username,
}); !ok {
addSuperUser(ed, username, host, password, true)
}
}

// AddSuperUser adds the given username and password to the list of accounts. This is a temporary function, which is
// meant to replace the "auth.New..." functions while the remaining functions are added.
func (db *MySQLDb) AddSuperUser(ed *Editor, username string, host string, password string) {
Expand All @@ -527,7 +559,7 @@ func (db *MySQLDb) AddSuperUser(ed *Editor, username string, host string, passwo
Host: host,
User: username,
}); !ok {
addSuperUser(ed, username, host, password)
addSuperUser(ed, username, host, password, false)
}
}

Expand Down Expand Up @@ -803,10 +835,12 @@ func (db *MySQLDb) Persist(ctx *sql.Context, ed *Editor) error {
var users []*User
var superUsers []*User
ed.VisitUsers(func(u *User) {
if !u.IsSuperUser {
users = append(users, u)
} else {
superUsers = append(superUsers, u)
if !u.IsEphemeral {
if !u.IsSuperUser {
users = append(users, u)
} else {
superUsers = append(superUsers, u)
}
}
})
sort.Slice(users, func(i, j int) bool {
Expand Down
3 changes: 3 additions & 0 deletions sql/mysql_db/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,9 @@ type User struct {
Attributes *string
Identity string
IsSuperUser bool
// IsEphemeral is true if this user is ephemeral, meaning it will only exist
// for the lifetime of the server process and will not be persisted to disk.
IsEphemeral bool
//TODO: add the remaining fields

// IsRole is an additional field that states whether the User represents a role or user. In MySQL this must be a
Expand Down
3 changes: 2 additions & 1 deletion sql/mysql_db/user_table.go
Original file line number Diff line number Diff line change
Expand Up @@ -215,7 +215,7 @@ func init() {
}
}

func addSuperUser(ed *Editor, username string, host string, authString string) {
func addSuperUser(ed *Editor, username string, host string, authString string, ephemeral bool) {
ed.PutUser(&User{
User: username,
Host: host,
Expand All @@ -227,6 +227,7 @@ func addSuperUser(ed *Editor, username string, host string, authString string) {
Attributes: nil,
IsRole: false,
IsSuperUser: true,
IsEphemeral: ephemeral,
})
}

Expand Down

0 comments on commit 5f1e3d7

Please sign in to comment.