gratan 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2c3510ebf4368b03f36389baa49df8f7e85c1b86
-  data.tar.gz: 79e2f1a39804c36d0fcd0d7d7baf87c70dec0d44
+  metadata.gz: 3451238bb0c3d7aa0d0069c56329a421a7250bc0
+  data.tar.gz: ccd1281b0e7207b22bd92fbaf8179d463b3f6df3
 SHA512:
-  metadata.gz: 571d09776900638414956154e14cc65055262092958e52af3524b772f8b3479bbc8ea1071030a781f181a8c9066446062ef36c4b0fd08b2422c491b0f47ac92e
-  data.tar.gz: 4ff0f03f09744d1e2ae66d3cc440c445f66bce0dcb9023e1b599fd54daeb96ea89a19a43cfcc358e3fb13d89d7c8e486efbea6da3bcf763345fe37797b094857
+  metadata.gz: 6c3a808d92306537c82650686ed9fe35bace9892ae1b43ef7774ba22dbfc11b56f78c8c6eec09d498d1f89ea9680354a2f6e554d0dec3d81a0d003636fe4623c
+  data.tar.gz: 80b1e1816218d55a88680eb2627a028b2a21d782784e913875bd43adcd7bc0d65d092144fdcb094b1d7a700385ce3a8e61f39f6f7ee807fdd9275a68a0ec8636

data/README.md

@@ -73,6 +73,11 @@ user "scott", "%" do
     grant "SELECT"
     grant "INSERT"
   end
+
+  on /^foo\.prefix_/ do
+    grant "SELECT"
+    grant "INSERT"
+  end
 end
 
 user "scott", "localhost", expired: '2014/10/10' do

data/lib/gratan/client.rb

@@ -103,15 +103,17 @@ class Gratan::Client
   end
 
   def walk_objects(user, host, expected_objects, actual_objects)
-    expected_objects.each do |object, expected_options|
-      expected_options ||= {}
-      actual_options = actual_objects.delete(object)
-
-      if actual_options
-        walk_object(user, host, object, expected_options, actual_options)
-      else
-        @driver.grant(user, host, object, expected_options)
-        update!
+    expected_objects.each do |object_or_regexp, expected_options|
+      @driver.expand_object(object_or_regexp).each do |object|
+        expected_options ||= {}
+        actual_options = actual_objects.delete(object)
+
+        if actual_options
+          walk_object(user, host, object, expected_options, actual_options)
+        else
+          @driver.grant(user, host, object, expected_options)
+          update!
+        end
       end
     end
 

data/lib/gratan/driver.rb

@@ -18,12 +18,44 @@ class Gratan::Driver
     end
   end
 
+  def show_databases
+    query("SHOW DATABASES").map {|i| i.values.first }
+  end
+
+  def show_tables(database)
+    query("SHOW TABLES FROM `#{database}`").map {|i| i.values.first }
+  end
+
+  def show_all_tables
+    @all_tables ||= show_databases.map {|database|
+      show_tables(database).map do |table|
+        "#{database}.#{table}"
+      end
+    }.flatten
+  end
+
+  def expand_object(object_or_regexp)
+    if object_or_regexp.kind_of?(Regexp)
+      show_all_tables.select {|i| i =~ object_or_regexp }
+    else
+      [object_or_regexp]
+    end
+  end
+
   def create_user(user, host, options = {})
     objects = options[:objects]
     grant_options = options[:options]
+    granted = false
+
+    objects.each do |object_or_regexp, object_options|
+      expand_object(object_or_regexp).each do |object|
+        grant(user, host, object, grant_options.merge(object_options))
+        granted = true
+      end
+    end
 
-    objects.each do |object, object_options|
-      grant(user, host, object, grant_options.merge(object_options))
+    unless granted
+      log(:warn, "there was no privileges to grant to #{quote_user(user, host)}", :color => :yellow)
     end
   end
 

data/lib/gratan/dsl/context/user.rb

@@ -12,7 +12,7 @@ class Gratan::DSL::Context::User
   end
 
   def on(name, options = {}, &block)
-    name = name.to_s
+    name = name.kind_of?(Regexp) ? name : name.to_s
 
     __validate("Object `#{name}` is already defined") do
       not @result.has_key?(name)

data/lib/gratan/version.rb

@@ -1,3 +1,3 @@
 module Gratan
-  VERSION = '0.1.4'
+  VERSION = '0.1.5'
 end

data/spec/change/change_grants_regexp_spec.rb

@@ -0,0 +1,144 @@
+describe 'Gratan::Client#apply' do
+  before(:each) do
+    apply {
+      <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+end
+      RUBY
+    }
+  end
+
+  context 'when change privs using regexp' do
+    subject { client }
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on /\\Agratan_test\\.(foo|bar)\\z/ do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+
+  on /\\Agratan_test\\.z/ do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+      RUBY
+
+      create_tables(:foo, :bar, :zoo, :baz) do
+        apply(subject) { dsl }
+
+        expect(show_grants).to match_array [
+          "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+          "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+          "GRANT SELECT, INSERT ON `gratan_test`.`bar` TO 'scott'@'localhost'",
+          "GRANT SELECT, INSERT ON `gratan_test`.`foo` TO 'scott'@'localhost'",
+          "GRANT UPDATE, DELETE ON `gratan_test`.`zoo` TO 'bob'@'localhost'",
+          "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+          "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+        ]
+      end
+    end
+  end
+
+  context 'when no change privs using regexp' do
+    subject { client }
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+
+  on /\\Agratan_test\\.x(foo|bar)\\z/ do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+end
+
+user 'bob', 'localhost' do
+  on '*.*' do
+    grant 'USAGE'
+  end
+
+  on 'test.*' do
+    grant 'ALL PRIVILEGES'
+  end
+
+  on /\\Agratan_test\\.xz/ do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+      RUBY
+
+      create_tables(:foo, :bar, :zoo, :baz) do
+        result = apply(subject) { dsl }
+        expect(result).to be_falsey
+
+        expect(show_grants).to match_array [
+          "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
+          "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+          "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+          "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+          "GRANT USAGE ON *.* TO 'bob'@'localhost'",
+        ]
+      end
+    end
+  end
+end

data/spec/create/create_user_regexp_spec.rb

@@ -0,0 +1,67 @@
+describe 'Gratan::Client#apply' do
+  context 'when create user using regexp' do
+    subject { client }
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', identified: 'tiger' do
+  on 'test.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on /\\Agratan_test\\.(foo|bar)\\z/ do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on /\\Agratan_test\\.z/ do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+end
+      RUBY
+
+      create_tables(:foo, :bar, :zoo, :baz) do
+        apply(subject) { dsl }
+
+        expect(show_grants).to match_array [
+          "GRANT SELECT, INSERT ON `gratan_test`.`bar` TO 'scott'@'localhost'",
+          "GRANT SELECT, INSERT ON `gratan_test`.`foo` TO 'scott'@'localhost'",
+          "GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+          "GRANT UPDATE, DELETE ON `gratan_test`.`zoo` TO 'scott'@'localhost'",
+          "GRANT USAGE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40'",
+        ]
+      end
+    end
+  end
+
+  context 'when create user using regexp (no privileges)' do
+    let(:logger) do
+      logger = Logger.new('/dev/null')
+      expect(logger).to receive(:warn).with("[WARN] there was no privileges to grant to 'scott'@'localhost'")
+      logger
+    end
+
+    subject { client(logger: logger) }
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', identified: 'tiger' do
+  on /\\Agratan_test\\.x(foo|bar)\\z/ do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+end
+      RUBY
+
+      create_tables(:foo, :bar, :zoo, :baz) do
+        apply(subject) { dsl }
+
+        expect(show_grants).to match_array []
+      end
+    end
+  end
+end

data/spec/misc/misc_spec.rb

@@ -37,8 +37,12 @@ end
 
   context 'when set debug' do
     let(:logger) do
-      logger = Gratan::Logger.instance
+      logger = Gratan::Logger.send(:new)
       logger.set_debug(true)
+      expect(logger).to receive(:debug).with("[DEBUG] SET SQL_LOG_BIN = 0")
+      expect(logger).to receive(:debug).with("[DEBUG] SELECT user, host FROM mysql.user")
+      expect(logger).to receive(:info).with("GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY 'tiger'")
+      expect(logger).to receive(:info).with("GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost' IDENTIFIED BY 'tiger'")
       logger
     end
 

data/spec/spec_helper.rb

@@ -15,6 +15,7 @@ require 'tempfile'
 require 'timecop'
 
 IGNORE_USER = /\A(|root)\z/
+TEST_DATABASE = 'gratan_test'
 
 RSpec.configure do |config|
   config.before(:each) do
@@ -36,6 +37,31 @@ def mysql
   retval
 end
 
+def create_database(client)
+  client.query("CREATE DATABASE #{TEST_DATABASE}")
+end
+
+def drop_database(client)
+  client.query("DROP DATABASE IF EXISTS #{TEST_DATABASE}")
+end
+
+def create_table(client, table)
+  client.query("CREATE TABLE #{TEST_DATABASE}.#{table} (id INT)")
+end
+
+def create_tables(*tables)
+  mysql do |client|
+    begin
+      drop_database(client)
+      create_database(client)
+      tables.each {|i| create_table(client, i) }
+      yield
+    ensure
+      drop_database(client)
+    end
+  end
+end
+
 def select_users(client)
   users = []
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gratan
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Genki Sugawara
@@ -146,9 +146,11 @@ files:
 - spec/change/change_grants_2_spec.rb
 - spec/change/change_grants_3_spec.rb
 - spec/change/change_grants_4_spec.rb
+- spec/change/change_grants_regexp_spec.rb
 - spec/change/change_grants_spec.rb
 - spec/create/create_user_2_spec.rb
 - spec/create/create_user_3_spec.rb
+- spec/create/create_user_regexp_spec.rb
 - spec/create/create_user_spec.rb
 - spec/drop/drop_user_2_spec.rb
 - spec/drop/drop_user_spec.rb
@@ -177,7 +179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.4.1
 signing_key: 
 specification_version: 4
 summary: Gratan is a tool to manage MySQL permissions using Ruby DSL.
@@ -185,9 +187,11 @@ test_files:
 - spec/change/change_grants_2_spec.rb
 - spec/change/change_grants_3_spec.rb
 - spec/change/change_grants_4_spec.rb
+- spec/change/change_grants_regexp_spec.rb
 - spec/change/change_grants_spec.rb
 - spec/create/create_user_2_spec.rb
 - spec/create/create_user_3_spec.rb
+- spec/create/create_user_regexp_spec.rb
 - spec/create/create_user_spec.rb
 - spec/drop/drop_user_2_spec.rb
 - spec/drop/drop_user_spec.rb