Fix broken trigger privileges for custom DB users

dockware · Jan 5, 2021 · 1736dc5 · 1736dc5
1 parent c407933
commit 1736dc5
Showing 1 changed file with 18 additions and 5 deletions.
diff --git a/template/entrypoint.global.sh.twig b/template/entrypoint.global.sh.twig
@@ -114,11 +114,24 @@ sudo service mysql start;
 if [ $MYSQL_USER != "not-set" ] && [ $MYSQL_PWD != "not-set" ]; then
     echo "DOCKWARE: creating new MySQL user...."
     # -----------------------------------
-    sudo mysql --user=root --password=root -e "UPDATE mysql.user SET Host='localhost' WHERE User='root' AND Host='%';";
-    sudo mysql --user=root --password=root -e "CREATE USER IF NOT EXISTS '"$MYSQL_USER"'@'%' IDENTIFIED BY '"$MYSQL_PWD"';";
-    sudo mysql --user=root --password=root -e "use mysql; update user set host='%' where user='$MYSQL_USER';";
-    sudo mysql --user=root --password=root -e "GRANT ALL PRIVILEGES ON *.* TO '"$MYSQL_USER"'@'%' IDENTIFIED BY '$MYSQL_PWD';";
-    sudo mysql --user=root --password=root -e "FLUSH PRIVILEGES;";
+    # Shopware users triggers. the DEFINER does also need to be changed to our new user
+    # otherwise problems like "product cant be created in admin" will occur.
+    # the only solution is to export the triggers, replace the DEFINER and import it again.
+    sudo mysqldump -P 3306 -h localhost -u {{ db.user }} -p"{{ db.pwd }}" --triggers --add-drop-trigger --no-create-info --no-data --no-create-db --skip-opt {{ db.database }} > /tmp/triggers.sql
+    sudo sed -i 's/DEFINER=`{{ db.user }}`@`%`/DEFINER=`app`@`%`/g' /tmp/triggers.sql
+    sudo mysql --user={{ db.user }} --password={{ db.pwd }} {{ db.database }} < /tmp/triggers.sql
+    sudo rm -rf /tmp/triggers.sql
+    # -----------------------------------
+    # block remote access for {{ db.user }} user
+    sudo mysql --user={{ db.user }} --password={{ db.pwd }} -e "UPDATE mysql.user SET Host='localhost' WHERE User='{{ db.user }}' AND Host='%';";
+    # -----------------------------------
+    # add new user and grant privileges
+    sudo mysql --user={{ db.user }} --password={{ db.pwd }} -e "CREATE USER IF NOT EXISTS '"$MYSQL_USER"'@'%' IDENTIFIED BY '"$MYSQL_PWD"';";
+    sudo mysql --user={{ db.user }} --password={{ db.pwd }} -e "use mysql; update user set host='%' where user='$MYSQL_USER';";
+    sudo mysql --user={{ db.user }} --password={{ db.pwd }} -e "GRANT ALL PRIVILEGES ON *.* TO '"$MYSQL_USER"'@'%' IDENTIFIED BY '$MYSQL_PWD';";
+    # -----------------------------------
+    # apply and flush privileges
+    sudo mysql --user={{ db.user }} --password={{ db.pwd }} -e "FLUSH PRIVILEGES;";
     echo "-----------------------------------------------------------"
 fi
 {% endblock %}