Query a particular login name and create database logins using the Db…

…Tool refs #7163
Icinga · Oct 8, 2014 · 89ae058 · 89ae058
1 parent 96ba45d
commit 89ae058
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 31 deletions.
diff --git a/library/Icinga/Application/WebInstaller.php b/library/Icinga/Application/WebInstaller.php
@@ -255,21 +255,20 @@ private function setupMysqlDatabase(DbTool $db)
             $db->reconnect($this->pageData['setup_db_resource']['dbname']);
         }
 
-        $loginIdent = "'" . $this->pageData['setup_db_resource']['username'] . "'@'" . Platform::getFqdn() . "'";
-        if (false === array_search($loginIdent, $db->listLogins())) {
+        if ($db->hasLogin($this->pageData['setup_db_resource']['username'])) {
             $this->log(sprintf(
-                t('Creating login "%s"...'),
+                t('Login "%s" already exists...'),
                 $this->pageData['setup_db_resource']['username']
             ));
-            $db->exec(
-                "CREATE USER $loginIdent IDENTIFIED BY '" .
-                $this->pageData['setup_db_resource']['password'] . "'"
-            );
         } else {
             $this->log(sprintf(
-                t('Login "%s" already exists...'),
+                t('Creating login "%s"...'),
                 $this->pageData['setup_db_resource']['username']
             ));
+            $db->addLogin(
+                $this->pageData['setup_db_resource']['username'],
+                $this->pageData['setup_db_resource']['password']
+            );
         }
 
         if (array_search('account', $db->listTables()) !== false) {
@@ -289,7 +288,7 @@ private function setupMysqlDatabase(DbTool $db)
                 "GRANT %s ON %s.* TO %s",
                 join(',', $privileges),
                 $this->pageData['setup_db_resource']['dbname'],
-                $loginIdent
+                $this->pageData['setup_db_resource']['username'] . '@' . Platform::getFqdn()
             ));
         }
     }
@@ -319,21 +318,20 @@ private function setupPgsqlDatabase(DbTool $db)
             $db->reconnect($this->pageData['setup_db_resource']['dbname']);
         }
 
-        if (false === array_search($this->pageData['setup_db_resource']['username'], $db->listLogins())) {
+        if ($db->hasLogin($this->pageData['setup_db_resource']['username'])) {
             $this->log(sprintf(
-                t('Creating login "%s"...'),
+                t('Login "%s" already exists...'),
                 $this->pageData['setup_db_resource']['username']
             ));
-            $db->exec(sprintf(
-                "CREATE USER %s WITH PASSWORD '%s'",
-                $this->pageData['setup_db_resource']['username'],
-                $this->pageData['setup_db_resource']['password']
-            ));
         } else {
             $this->log(sprintf(
-                t('Login "%s" already exists...'),
+                t('Creating login "%s"...'),
                 $this->pageData['setup_db_resource']['username']
             ));
+            $db->addLogin(
+                $this->pageData['setup_db_resource']['username'],
+                $this->pageData['setup_db_resource']['password']
+            );
         }
 
         if (array_search('account', $db->listTables()) !== false) {

diff --git a/library/Icinga/Web/Setup/DbTool.php b/library/Icinga/Web/Setup/DbTool.php
@@ -10,6 +10,7 @@
 use Zend_Db_Adapter_Pdo_Mysql;
 use Zend_Db_Adapter_Pdo_Pgsql;
 use Icinga\Util\File;
+use Icinga\Application\Platform;
 use Icinga\Exception\ConfigurationError;
 
 /**
@@ -294,26 +295,44 @@ public function listTables()
     }
 
     /**
-     * Return a list of all available database logins
+     * Return whether the given database login exists
      *
-     * @return  array
+     * @param   string  $username   The username to search
+     *
+     * @return  bool
      */
-    public function listLogins()
+    public function hasLogin($username)
     {
-        $users = array();
-
         if ($this->config['db'] === 'mysql') {
-            $query = $this->pdoConn->query('SELECT DISTINCT grantee FROM information_schema.user_privileges');
-            foreach ($query->fetchAll() as $row) {
-                $users[] = $row['grantee'];
-            }
+            $stmt = $this->pdoConn->prepare(
+                'SELECT grantee FROM information_schema.user_privileges WHERE grantee = :ident LIMIT 1'
+            );
+            $stmt->execute(array(':ident' => "'" . $username . "'@'" . Platform::getFqdn() . "'"));
+            return $stmt->rowCount() === 1;
         } elseif ($this->config['db'] === 'pgsql') {
-            $query = $this->pdoConn->query('SELECT usename FROM pg_catalog.pg_user');
-            foreach ($query->fetchAll() as $row) {
-                $users[] = $row['usename'];
-            }
+            $stmt = $this->pdoConn->prepare(
+                'SELECT usename FROM pg_catalog.pg_user WHERE usename = :ident LIMIT 1'
+            );
+            $stmt->execute(array(':ident' => $username));
+            return $stmt->rowCount() === 1;
         }
 
-        return $users;
+        return false;
+    }
+
+    /**
+     * Add a new database login
+     *
+     * @param   string  $username   The username of the new login
+     * @param   string  $password   The password of the new login
+     */
+    public function addLogin($username, $password)
+    {
+        if ($this->config['db'] === 'mysql') {
+            $stmt = $this->pdoConn->prepare('CREATE USER :user@:host IDENTIFIED BY :passw');
+            $stmt->execute(array(':user' => $username, ':host' => Platform::getFqdn(), ':passw' => $password));
+        } elseif ($this->config['db'] === 'pgsql') {
+            $this->pdoConn->exec("CREATE USER $username WITH PASSWORD '$password'");
+        }
     }
 }