Query a particular login name and create database logins using the DbTool

refs #7163
2014-10-08 15:33:51 +02:00 · 2014-10-08 15:33:51 +02:00 · 89ae05899b
parent 96ba45d896
commit 89ae05899b
2 changed files with 54 additions and 37 deletions
--- a/library/Icinga/Application/WebInstaller.php
+++ b/library/Icinga/Application/WebInstaller.php
@ -255,21 +255,20 @@ class WebInstaller implements Installer
            $db->reconnect($this->pageData['setup_db_resource']['dbname']);
        }

-        $loginIdent = "'" . $this->pageData['setup_db_resource']['username'] . "'@'" . Platform::getFqdn() . "'";
-        if (false === array_search($loginIdent, $db->listLogins())) {
-            $this->log(sprintf(
-                t('Creating login "%s"...'),
-                $this->pageData['setup_db_resource']['username']
-            ));
-            $db->exec(
-                "CREATE USER $loginIdent IDENTIFIED BY '" .
-                $this->pageData['setup_db_resource']['password'] . "'"
-            );
-        } else {
+        if ($db->hasLogin($this->pageData['setup_db_resource']['username'])) {
            $this->log(sprintf(
                t('Login "%s" already exists...'),
                $this->pageData['setup_db_resource']['username']
            ));
+        } else {
+            $this->log(sprintf(
+                t('Creating login "%s"...'),
+                $this->pageData['setup_db_resource']['username']
+            ));
+            $db->addLogin(
+                $this->pageData['setup_db_resource']['username'],
+                $this->pageData['setup_db_resource']['password']
+            );
        }

        if (array_search('account', $db->listTables()) !== false) {
@ -289,7 +288,7 @@ class WebInstaller implements Installer
                "GRANT %s ON %s.* TO %s",
                join(',', $privileges),
                $this->pageData['setup_db_resource']['dbname'],
-                $loginIdent
+                $this->pageData['setup_db_resource']['username'] . '@' . Platform::getFqdn()
            ));
        }
    }
@ -319,21 +318,20 @@ class WebInstaller implements Installer
            $db->reconnect($this->pageData['setup_db_resource']['dbname']);
        }

-        if (false === array_search($this->pageData['setup_db_resource']['username'], $db->listLogins())) {
-            $this->log(sprintf(
-                t('Creating login "%s"...'),
-                $this->pageData['setup_db_resource']['username']
-            ));
-            $db->exec(sprintf(
-                "CREATE USER %s WITH PASSWORD '%s'",
-                $this->pageData['setup_db_resource']['username'],
-                $this->pageData['setup_db_resource']['password']
-            ));
-        } else {
+        if ($db->hasLogin($this->pageData['setup_db_resource']['username'])) {
            $this->log(sprintf(
                t('Login "%s" already exists...'),
                $this->pageData['setup_db_resource']['username']
            ));
+        } else {
+            $this->log(sprintf(
+                t('Creating login "%s"...'),
+                $this->pageData['setup_db_resource']['username']
+            ));
+            $db->addLogin(
+                $this->pageData['setup_db_resource']['username'],
+                $this->pageData['setup_db_resource']['password']
+            );
        }

        if (array_search('account', $db->listTables()) !== false) {
--- a/library/Icinga/Web/Setup/DbTool.php
+++ b/library/Icinga/Web/Setup/DbTool.php
@ -10,6 +10,7 @@ use LogicException;
 use Zend_Db_Adapter_Pdo_Mysql;
 use Zend_Db_Adapter_Pdo_Pgsql;
 use Icinga\Util\File;
+use Icinga\Application\Platform;
 use Icinga\Exception\ConfigurationError;

 /**
@ -294,26 +295,44 @@ class DbTool
    }

    /**
-     * Return a list of all available database logins
+     * Return whether the given database login exists
     *
-     * @return  array
+     * @param   string  $username   The username to search
+     *
+     * @return  bool
     */
-    public function listLogins()
+    public function hasLogin($username)
    {
-        $users = array();
-
        if ($this->config['db'] === 'mysql') {
-            $query = $this->pdoConn->query('SELECT DISTINCT grantee FROM information_schema.user_privileges');
-            foreach ($query->fetchAll() as $row) {
-                $users[] = $row['grantee'];
-            }
+            $stmt = $this->pdoConn->prepare(
+                'SELECT grantee FROM information_schema.user_privileges WHERE grantee = :ident LIMIT 1'
+            );
+            $stmt->execute(array(':ident' => "'" . $username . "'@'" . Platform::getFqdn() . "'"));
+            return $stmt->rowCount() === 1;
        } elseif ($this->config['db'] === 'pgsql') {
-            $query = $this->pdoConn->query('SELECT usename FROM pg_catalog.pg_user');
-            foreach ($query->fetchAll() as $row) {
-                $users[] = $row['usename'];
-            }
+            $stmt = $this->pdoConn->prepare(
+                'SELECT usename FROM pg_catalog.pg_user WHERE usename = :ident LIMIT 1'
+            );
+            $stmt->execute(array(':ident' => $username));
+            return $stmt->rowCount() === 1;
        }

-        return $users;
+        return false;
+    }
+
+    /**
+     * Add a new database login
+     *
+     * @param   string  $username   The username of the new login
+     * @param   string  $password   The password of the new login
+     */
+    public function addLogin($username, $password)
+    {
+        if ($this->config['db'] === 'mysql') {
+            $stmt = $this->pdoConn->prepare('CREATE USER :user@:host IDENTIFIED BY :passw');
+            $stmt->execute(array(':user' => $username, ':host' => Platform::getFqdn(), ':passw' => $password));
+        } elseif ($this->config['db'] === 'pgsql') {
+            $this->pdoConn->exec("CREATE USER $username WITH PASSWORD '$password'");
+        }
    }
 }