gratan 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2c3510ebf4368b03f36389baa49df8f7e85c1b86
4
- data.tar.gz: 79e2f1a39804c36d0fcd0d7d7baf87c70dec0d44
3
+ metadata.gz: 3451238bb0c3d7aa0d0069c56329a421a7250bc0
4
+ data.tar.gz: ccd1281b0e7207b22bd92fbaf8179d463b3f6df3
5
5
  SHA512:
6
- metadata.gz: 571d09776900638414956154e14cc65055262092958e52af3524b772f8b3479bbc8ea1071030a781f181a8c9066446062ef36c4b0fd08b2422c491b0f47ac92e
7
- data.tar.gz: 4ff0f03f09744d1e2ae66d3cc440c445f66bce0dcb9023e1b599fd54daeb96ea89a19a43cfcc358e3fb13d89d7c8e486efbea6da3bcf763345fe37797b094857
6
+ metadata.gz: 6c3a808d92306537c82650686ed9fe35bace9892ae1b43ef7774ba22dbfc11b56f78c8c6eec09d498d1f89ea9680354a2f6e554d0dec3d81a0d003636fe4623c
7
+ data.tar.gz: 80b1e1816218d55a88680eb2627a028b2a21d782784e913875bd43adcd7bc0d65d092144fdcb094b1d7a700385ce3a8e61f39f6f7ee807fdd9275a68a0ec8636
data/README.md CHANGED
@@ -73,6 +73,11 @@ user "scott", "%" do
73
73
  grant "SELECT"
74
74
  grant "INSERT"
75
75
  end
76
+
77
+ on /^foo\.prefix_/ do
78
+ grant "SELECT"
79
+ grant "INSERT"
80
+ end
76
81
  end
77
82
 
78
83
  user "scott", "localhost", expired: '2014/10/10' do
data/lib/gratan/client.rb CHANGED
@@ -103,15 +103,17 @@ class Gratan::Client
103
103
  end
104
104
 
105
105
  def walk_objects(user, host, expected_objects, actual_objects)
106
- expected_objects.each do |object, expected_options|
107
- expected_options ||= {}
108
- actual_options = actual_objects.delete(object)
109
-
110
- if actual_options
111
- walk_object(user, host, object, expected_options, actual_options)
112
- else
113
- @driver.grant(user, host, object, expected_options)
114
- update!
106
+ expected_objects.each do |object_or_regexp, expected_options|
107
+ @driver.expand_object(object_or_regexp).each do |object|
108
+ expected_options ||= {}
109
+ actual_options = actual_objects.delete(object)
110
+
111
+ if actual_options
112
+ walk_object(user, host, object, expected_options, actual_options)
113
+ else
114
+ @driver.grant(user, host, object, expected_options)
115
+ update!
116
+ end
115
117
  end
116
118
  end
117
119
 
data/lib/gratan/driver.rb CHANGED
@@ -18,12 +18,44 @@ class Gratan::Driver
18
18
  end
19
19
  end
20
20
 
21
+ def show_databases
22
+ query("SHOW DATABASES").map {|i| i.values.first }
23
+ end
24
+
25
+ def show_tables(database)
26
+ query("SHOW TABLES FROM `#{database}`").map {|i| i.values.first }
27
+ end
28
+
29
+ def show_all_tables
30
+ @all_tables ||= show_databases.map {|database|
31
+ show_tables(database).map do |table|
32
+ "#{database}.#{table}"
33
+ end
34
+ }.flatten
35
+ end
36
+
37
+ def expand_object(object_or_regexp)
38
+ if object_or_regexp.kind_of?(Regexp)
39
+ show_all_tables.select {|i| i =~ object_or_regexp }
40
+ else
41
+ [object_or_regexp]
42
+ end
43
+ end
44
+
21
45
  def create_user(user, host, options = {})
22
46
  objects = options[:objects]
23
47
  grant_options = options[:options]
48
+ granted = false
49
+
50
+ objects.each do |object_or_regexp, object_options|
51
+ expand_object(object_or_regexp).each do |object|
52
+ grant(user, host, object, grant_options.merge(object_options))
53
+ granted = true
54
+ end
55
+ end
24
56
 
25
- objects.each do |object, object_options|
26
- grant(user, host, object, grant_options.merge(object_options))
57
+ unless granted
58
+ log(:warn, "there was no privileges to grant to #{quote_user(user, host)}", :color => :yellow)
27
59
  end
28
60
  end
29
61
 
@@ -12,7 +12,7 @@ class Gratan::DSL::Context::User
12
12
  end
13
13
 
14
14
  def on(name, options = {}, &block)
15
- name = name.to_s
15
+ name = name.kind_of?(Regexp) ? name : name.to_s
16
16
 
17
17
  __validate("Object `#{name}` is already defined") do
18
18
  not @result.has_key?(name)
@@ -1,3 +1,3 @@
1
1
  module Gratan
2
- VERSION = '0.1.4'
2
+ VERSION = '0.1.5'
3
3
  end
@@ -0,0 +1,144 @@
1
+ describe 'Gratan::Client#apply' do
2
+ before(:each) do
3
+ apply {
4
+ <<-RUBY
5
+ user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
6
+ on '*.*' do
7
+ grant 'SELECT'
8
+ grant 'INSERT'
9
+ end
10
+
11
+ on 'test.*' do
12
+ grant 'UPDATE'
13
+ grant 'DELETE'
14
+ end
15
+
16
+ on 'mysql.user' do
17
+ grant 'SELECT (user)'
18
+ end
19
+ end
20
+
21
+ user 'bob', 'localhost' do
22
+ on '*.*' do
23
+ grant 'USAGE'
24
+ end
25
+
26
+ on 'test.*' do
27
+ grant 'ALL PRIVILEGES'
28
+ end
29
+ end
30
+ RUBY
31
+ }
32
+ end
33
+
34
+ context 'when change privs using regexp' do
35
+ subject { client }
36
+
37
+ it do
38
+ dsl = <<-RUBY
39
+ user 'scott', 'localhost', required: 'SSL' do
40
+ on '*.*' do
41
+ grant 'SELECT'
42
+ grant 'INSERT'
43
+ end
44
+
45
+ on 'test.*' do
46
+ grant 'UPDATE'
47
+ grant 'DELETE'
48
+ end
49
+
50
+ on /\\Agratan_test\\.(foo|bar)\\z/ do
51
+ grant 'SELECT'
52
+ grant 'INSERT'
53
+ end
54
+ end
55
+
56
+ user 'bob', 'localhost' do
57
+ on '*.*' do
58
+ grant 'USAGE'
59
+ end
60
+
61
+ on 'test.*' do
62
+ grant 'ALL PRIVILEGES'
63
+ end
64
+
65
+ on /\\Agratan_test\\.z/ do
66
+ grant 'UPDATE'
67
+ grant 'DELETE'
68
+ end
69
+ end
70
+ RUBY
71
+
72
+ create_tables(:foo, :bar, :zoo, :baz) do
73
+ apply(subject) { dsl }
74
+
75
+ expect(show_grants).to match_array [
76
+ "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
77
+ "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
78
+ "GRANT SELECT, INSERT ON `gratan_test`.`bar` TO 'scott'@'localhost'",
79
+ "GRANT SELECT, INSERT ON `gratan_test`.`foo` TO 'scott'@'localhost'",
80
+ "GRANT UPDATE, DELETE ON `gratan_test`.`zoo` TO 'bob'@'localhost'",
81
+ "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
82
+ "GRANT USAGE ON *.* TO 'bob'@'localhost'",
83
+ ]
84
+ end
85
+ end
86
+ end
87
+
88
+ context 'when no change privs using regexp' do
89
+ subject { client }
90
+
91
+ it do
92
+ dsl = <<-RUBY
93
+ user 'scott', 'localhost', required: 'SSL' do
94
+ on '*.*' do
95
+ grant 'SELECT'
96
+ grant 'INSERT'
97
+ end
98
+
99
+ on 'test.*' do
100
+ grant 'UPDATE'
101
+ grant 'DELETE'
102
+ end
103
+
104
+ on 'mysql.user' do
105
+ grant 'SELECT (user)'
106
+ end
107
+
108
+ on /\\Agratan_test\\.x(foo|bar)\\z/ do
109
+ grant 'SELECT'
110
+ grant 'INSERT'
111
+ end
112
+ end
113
+
114
+ user 'bob', 'localhost' do
115
+ on '*.*' do
116
+ grant 'USAGE'
117
+ end
118
+
119
+ on 'test.*' do
120
+ grant 'ALL PRIVILEGES'
121
+ end
122
+
123
+ on /\\Agratan_test\\.xz/ do
124
+ grant 'UPDATE'
125
+ grant 'DELETE'
126
+ end
127
+ end
128
+ RUBY
129
+
130
+ create_tables(:foo, :bar, :zoo, :baz) do
131
+ result = apply(subject) { dsl }
132
+ expect(result).to be_falsey
133
+
134
+ expect(show_grants).to match_array [
135
+ "GRANT ALL PRIVILEGES ON `test`.* TO 'bob'@'localhost'",
136
+ "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
137
+ "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
138
+ "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
139
+ "GRANT USAGE ON *.* TO 'bob'@'localhost'",
140
+ ]
141
+ end
142
+ end
143
+ end
144
+ end
@@ -0,0 +1,67 @@
1
+ describe 'Gratan::Client#apply' do
2
+ context 'when create user using regexp' do
3
+ subject { client }
4
+
5
+ it do
6
+ dsl = <<-RUBY
7
+ user 'scott', 'localhost', identified: 'tiger' do
8
+ on 'test.*' do
9
+ grant 'SELECT'
10
+ grant 'INSERT'
11
+ grant 'UPDATE'
12
+ grant 'DELETE'
13
+ end
14
+
15
+ on /\\Agratan_test\\.(foo|bar)\\z/ do
16
+ grant 'SELECT'
17
+ grant 'INSERT'
18
+ end
19
+
20
+ on /\\Agratan_test\\.z/ do
21
+ grant 'UPDATE'
22
+ grant 'DELETE'
23
+ end
24
+ end
25
+ RUBY
26
+
27
+ create_tables(:foo, :bar, :zoo, :baz) do
28
+ apply(subject) { dsl }
29
+
30
+ expect(show_grants).to match_array [
31
+ "GRANT SELECT, INSERT ON `gratan_test`.`bar` TO 'scott'@'localhost'",
32
+ "GRANT SELECT, INSERT ON `gratan_test`.`foo` TO 'scott'@'localhost'",
33
+ "GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
34
+ "GRANT UPDATE, DELETE ON `gratan_test`.`zoo` TO 'scott'@'localhost'",
35
+ "GRANT USAGE ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40'",
36
+ ]
37
+ end
38
+ end
39
+ end
40
+
41
+ context 'when create user using regexp (no privileges)' do
42
+ let(:logger) do
43
+ logger = Logger.new('/dev/null')
44
+ expect(logger).to receive(:warn).with("[WARN] there was no privileges to grant to 'scott'@'localhost'")
45
+ logger
46
+ end
47
+
48
+ subject { client(logger: logger) }
49
+
50
+ it do
51
+ dsl = <<-RUBY
52
+ user 'scott', 'localhost', identified: 'tiger' do
53
+ on /\\Agratan_test\\.x(foo|bar)\\z/ do
54
+ grant 'SELECT'
55
+ grant 'INSERT'
56
+ end
57
+ end
58
+ RUBY
59
+
60
+ create_tables(:foo, :bar, :zoo, :baz) do
61
+ apply(subject) { dsl }
62
+
63
+ expect(show_grants).to match_array []
64
+ end
65
+ end
66
+ end
67
+ end
@@ -37,8 +37,12 @@ end
37
37
 
38
38
  context 'when set debug' do
39
39
  let(:logger) do
40
- logger = Gratan::Logger.instance
40
+ logger = Gratan::Logger.send(:new)
41
41
  logger.set_debug(true)
42
+ expect(logger).to receive(:debug).with("[DEBUG] SET SQL_LOG_BIN = 0")
43
+ expect(logger).to receive(:debug).with("[DEBUG] SELECT user, host FROM mysql.user")
44
+ expect(logger).to receive(:info).with("GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO 'scott'@'localhost' IDENTIFIED BY 'tiger'")
45
+ expect(logger).to receive(:info).with("GRANT SELECT, INSERT, UPDATE, DELETE ON `test`.* TO 'scott'@'localhost' IDENTIFIED BY 'tiger'")
42
46
  logger
43
47
  end
44
48
 
data/spec/spec_helper.rb CHANGED
@@ -15,6 +15,7 @@ require 'tempfile'
15
15
  require 'timecop'
16
16
 
17
17
  IGNORE_USER = /\A(|root)\z/
18
+ TEST_DATABASE = 'gratan_test'
18
19
 
19
20
  RSpec.configure do |config|
20
21
  config.before(:each) do
@@ -36,6 +37,31 @@ def mysql
36
37
  retval
37
38
  end
38
39
 
40
+ def create_database(client)
41
+ client.query("CREATE DATABASE #{TEST_DATABASE}")
42
+ end
43
+
44
+ def drop_database(client)
45
+ client.query("DROP DATABASE IF EXISTS #{TEST_DATABASE}")
46
+ end
47
+
48
+ def create_table(client, table)
49
+ client.query("CREATE TABLE #{TEST_DATABASE}.#{table} (id INT)")
50
+ end
51
+
52
+ def create_tables(*tables)
53
+ mysql do |client|
54
+ begin
55
+ drop_database(client)
56
+ create_database(client)
57
+ tables.each {|i| create_table(client, i) }
58
+ yield
59
+ ensure
60
+ drop_database(client)
61
+ end
62
+ end
63
+ end
64
+
39
65
  def select_users(client)
40
66
  users = []
41
67
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gratan
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.4
4
+ version: 0.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Genki Sugawara
@@ -146,9 +146,11 @@ files:
146
146
  - spec/change/change_grants_2_spec.rb
147
147
  - spec/change/change_grants_3_spec.rb
148
148
  - spec/change/change_grants_4_spec.rb
149
+ - spec/change/change_grants_regexp_spec.rb
149
150
  - spec/change/change_grants_spec.rb
150
151
  - spec/create/create_user_2_spec.rb
151
152
  - spec/create/create_user_3_spec.rb
153
+ - spec/create/create_user_regexp_spec.rb
152
154
  - spec/create/create_user_spec.rb
153
155
  - spec/drop/drop_user_2_spec.rb
154
156
  - spec/drop/drop_user_spec.rb
@@ -177,7 +179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
177
179
  version: '0'
178
180
  requirements: []
179
181
  rubyforge_project:
180
- rubygems_version: 2.0.14
182
+ rubygems_version: 2.4.1
181
183
  signing_key:
182
184
  specification_version: 4
183
185
  summary: Gratan is a tool to manage MySQL permissions using Ruby DSL.
@@ -185,9 +187,11 @@ test_files:
185
187
  - spec/change/change_grants_2_spec.rb
186
188
  - spec/change/change_grants_3_spec.rb
187
189
  - spec/change/change_grants_4_spec.rb
190
+ - spec/change/change_grants_regexp_spec.rb
188
191
  - spec/change/change_grants_spec.rb
189
192
  - spec/create/create_user_2_spec.rb
190
193
  - spec/create/create_user_3_spec.rb
194
+ - spec/create/create_user_regexp_spec.rb
191
195
  - spec/create/create_user_spec.rb
192
196
  - spec/drop/drop_user_2_spec.rb
193
197
  - spec/drop/drop_user_spec.rb