Projects/muscl
12
4
Fork 0
Code Issues 69 Pull Requests Actions Packages Releases Activity

client/edit-privs: report actual errors instead of non-existence
Some checks failed
Build and test / check-license (push) Successful in 54s
Details
Build and test / check (push) Successful in 1m55s
Details
Build and test / build (push) Successful in 3m26s
Details
Build and test / docs (push) Has been cancelled
Details
Build and test / test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit
2025-12-16 14:07:28 +09:00
parent 795c6d3c9d
commit 146421dd79
1 changed files with 32 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/client/commands/edit_privs.rs
View File

@@ -19,7 +19,8 @@ use crate::{
parse_privilege_data_from_editor_content, reduce_privilege_diffs, parse_privilege_data_from_editor_content, reduce_privilege_diffs,
}, },
protocol::{ protocol::{
ClientToServerMessageStream, ModifyDatabasePrivilegesError, Request, Response, ClientToServerMessageStream, ListDatabasesError, ListUsersError,
ModifyDatabasePrivilegesError, Request, Response,
print_modify_database_privileges_output_status, request_validation::ValidationError, print_modify_database_privileges_output_status, request_validation::ValidationError,
}, },
types::{MySQLDatabase, MySQLUser}, types::{MySQLDatabase, MySQLUser},
@@ -92,7 +93,7 @@ pub struct SinglePrivilegeEditArgs {
async fn users_exist( async fn users_exist(
server_connection: &mut ClientToServerMessageStream, server_connection: &mut ClientToServerMessageStream,
privilege_diff: &BTreeSet<DatabasePrivilegesDiff>, privilege_diff: &BTreeSet<DatabasePrivilegesDiff>,
) -> anyhow::Result<BTreeMap<MySQLUser, bool>> { ) -> anyhow::Result<BTreeMap<MySQLUser, Result<(), ListUsersError>>> {
let user_list = privilege_diff let user_list = privilege_diff
.iter() .iter()
.map(|diff| diff.get_user_name().clone()) .map(|diff| diff.get_user_name().clone())
@@ -112,7 +113,7 @@ async fn users_exist(
let result = result let result = result
.into_iter() .into_iter()
.map(|(user, user_result)| (user, user_result.is_ok())) .map(|(user, user_result)| (user, user_result.map(|_| ())))
.collect(); .collect();
Ok(result) Ok(result)
@@ -121,7 +122,7 @@ async fn users_exist(
async fn databases_exist( async fn databases_exist(
server_connection: &mut ClientToServerMessageStream, server_connection: &mut ClientToServerMessageStream,
privilege_diff: &BTreeSet<DatabasePrivilegesDiff>, privilege_diff: &BTreeSet<DatabasePrivilegesDiff>,
) -> anyhow::Result<BTreeMap<MySQLDatabase, bool>> { ) -> anyhow::Result<BTreeMap<MySQLDatabase, Result<(), ListDatabasesError>>> {
let database_list = privilege_diff let database_list = privilege_diff
.iter() .iter()
.map(|diff| diff.get_database_name().clone()) .map(|diff| diff.get_database_name().clone())
@@ -141,12 +142,13 @@ async fn databases_exist(
let result = result let result = result
.into_iter() .into_iter()
.map(|(database, db_result)| (database, db_result.is_ok())) .map(|(database, db_result)| (database, db_result.map(|_| ())))
.collect(); .collect();
Ok(result) Ok(result)
} }
// TODO: reduce the complexity of this function
pub async fn edit_database_privileges( pub async fn edit_database_privileges(
args: EditPrivsArgs, args: EditPrivsArgs,
// NOTE: this is only used for backwards compat with mysql-admutils // NOTE: this is only used for backwards compat with mysql-admutils
@@ -219,10 +221,8 @@ pub async fn edit_database_privileges(
diff_privileges(&existing_privilege_rows, &privileges_to_change) diff_privileges(&existing_privilege_rows, &privileges_to_change)
}; };
// TODO: validate authorization before existence
let user_existence_map = users_exist(&mut server_connection, &diffs).await?;
let database_existence_map = databases_exist(&mut server_connection, &diffs).await?; let database_existence_map = databases_exist(&mut server_connection, &diffs).await?;
let user_existence_map = users_exist(&mut server_connection, &diffs).await?;
let diffs = reduce_privilege_diffs(&existing_privilege_rows, diffs)? let diffs = reduce_privilege_diffs(&existing_privilege_rows, diffs)?
.into_iter() .into_iter()
@@ -230,14 +230,14 @@ pub async fn edit_database_privileges(
let database_name = diff.get_database_name(); let database_name = diff.get_database_name();
let username = diff.get_user_name(); let username = diff.get_user_name();
if let Some(false) = database_existence_map.get(database_name) { if let Some(Err(err)) = database_existence_map.get(database_name) {
println!("Database '{}' does not exist.", database_name); println!("{}", err.to_error_message(database_name));
println!("Skipping..."); println!("Skipping...");
return false; return false;
} }
if let Some(false) = user_existence_map.get(username) { if let Some(Err(err)) = user_existence_map.get(username) {
println!("User '{}' does not exist.", username); println!("{}", err.to_error_message(username));
println!("Skipping..."); println!("Skipping...");
return false; return false;
} }
@@ -246,6 +246,26 @@ pub async fn edit_database_privileges(
}) })
.collect::<BTreeSet<_>>(); .collect::<BTreeSet<_>>();
if database_existence_map.values().any(|res| {
matches!(
res,
Err(ListDatabasesError::ValidationError(
ValidationError::AuthorizationError(_)
))
)
}) || user_existence_map.values().any(|res| {
matches!(
res,
Err(ListUsersError::ValidationError(
ValidationError::AuthorizationError(_)
))
)
}) {
println!();
print_authorization_owner_hint(&mut server_connection).await?;
println!();
}
if diffs.is_empty() { if diffs.is_empty() {
println!("No changes to make."); println!("No changes to make.");
server_connection.send(Request::Exit).await?; server_connection.send(Request::Exit).await?;