yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/aliyun/dbinstance_account.go (about)

     1  // Copyright 2019 Yunion
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package aliyun
    16  
    17  import (
    18  	"fmt"
    19  
    20  	"yunion.io/x/pkg/errors"
    21  
    22  	api "yunion.io/x/cloudmux/pkg/apis/compute"
    23  	"yunion.io/x/cloudmux/pkg/cloudprovider"
    24  	"yunion.io/x/cloudmux/pkg/multicloud"
    25  )
    26  
    27  type SDatabasePrivileges struct {
    28  	DatabasePrivilege []SDatabasePrivilege
    29  }
    30  
    31  type SDBInstanceAccount struct {
    32  	multicloud.SDBInstanceAccountBase
    33  	AliyunTags
    34  	instance *SDBInstance
    35  
    36  	AccountDescription string
    37  	AccountName        string
    38  	AccountStatus      string
    39  	AccountType        string
    40  	DBInstanceId       string
    41  	DatabasePrivileges SDatabasePrivileges
    42  	PrivExceeded       string
    43  }
    44  
    45  func (account *SDBInstanceAccount) GetName() string {
    46  	return account.AccountName
    47  }
    48  
    49  func (account *SDBInstanceAccount) Delete() error {
    50  	return account.instance.region.DeleteDBInstanceAccount(account.DBInstanceId, account.AccountName)
    51  }
    52  
    53  func (account *SDBInstanceAccount) RevokePrivilege(database string) error {
    54  	return account.instance.region.RevokeDBInstancePrivilege(account.DBInstanceId, account.AccountName, database)
    55  }
    56  
    57  func (region *SRegion) RevokeDBInstancePrivilege(instanceId, account, database string) error {
    58  	params := map[string]string{
    59  		"DBInstanceId": instanceId,
    60  		"AccountName":  account,
    61  		"DBName":       database,
    62  	}
    63  	_, err := region.rdsRequest("RevokeAccountPrivilege", params)
    64  	return err
    65  }
    66  
    67  func (account *SDBInstanceAccount) GrantPrivilege(database, privilege string) error {
    68  	return account.instance.region.GrantDBInstancePrivilege(account.DBInstanceId, account.AccountName, database, privilege)
    69  }
    70  
    71  func (region *SRegion) GrantDBInstancePrivilege(instanceId, account, database, privilege string) error {
    72  	params := map[string]string{
    73  		"DBInstanceId": instanceId,
    74  		"AccountName":  account,
    75  		"DBName":       database,
    76  	}
    77  	switch privilege {
    78  	case api.DATABASE_PRIVILEGE_R:
    79  		params["AccountPrivilege"] = "ReadOnly"
    80  	case api.DATABASE_PRIVILEGE_RW:
    81  		params["AccountPrivilege"] = "ReadWrite"
    82  	case api.DATABASE_PRIVILEGE_DDL:
    83  		params["AccountPrivilege"] = "DDLOnly"
    84  	case api.DATABASE_PRIVILEGE_DML:
    85  		params["AccountPrivilege"] = "DMLOnly"
    86  	case api.DATABASE_PRIVILEGE_OWNER:
    87  		params["AccountPrivilege"] = "DBOwner"
    88  	default:
    89  		return fmt.Errorf("Unknown privilege [%s]", privilege)
    90  	}
    91  	_, err := region.rdsRequest("GrantAccountPrivilege", params)
    92  	return err
    93  }
    94  
    95  func (account *SDBInstanceAccount) ResetPassword(password string) error {
    96  	return account.instance.region.ResetDBInstanceAccountPassword(account.DBInstanceId, account.AccountName, password, account.AccountType)
    97  }
    98  
    99  func (region *SRegion) ResetDBInstanceAccountPassword(instanceId, account, password, accountType string) error {
   100  	action := "ResetAccountPassword"
   101  	if accountType == "Super" {
   102  		action = "ResetAccount"
   103  	}
   104  	params := map[string]string{
   105  		"DBInstanceId":    instanceId,
   106  		"AccountName":     account,
   107  		"AccountPassword": password,
   108  	}
   109  	_, err := region.rdsRequest(action, params)
   110  	return err
   111  }
   112  
   113  func (account *SDBInstanceAccount) GetStatus() string {
   114  	switch account.AccountStatus {
   115  	case "Available":
   116  		return api.DBINSTANCE_USER_AVAILABLE
   117  	case "Unavailable":
   118  		return api.DBINSTANCE_USER_UNAVAILABLE
   119  	}
   120  	return account.AccountStatus
   121  }
   122  
   123  func (account *SDBInstanceAccount) GetIDBInstanceAccountPrivileges() ([]cloudprovider.ICloudDBInstanceAccountPrivilege, error) {
   124  	privileves := []cloudprovider.ICloudDBInstanceAccountPrivilege{}
   125  	for i := 0; i < len(account.DatabasePrivileges.DatabasePrivilege); i++ {
   126  		account.DatabasePrivileges.DatabasePrivilege[i].account = account
   127  		privileves = append(privileves, &account.DatabasePrivileges.DatabasePrivilege[i])
   128  	}
   129  	return privileves, nil
   130  }
   131  
   132  func (region *SRegion) GetDBInstanceAccounts(instanceId string, offset int, limit int) ([]SDBInstanceAccount, int, error) {
   133  	if limit > 50 || limit <= 0 {
   134  		limit = 50
   135  	}
   136  	params := map[string]string{
   137  		"RegionId":     region.RegionId,
   138  		"PageSize":     fmt.Sprintf("%d", limit),
   139  		"PageNumber":   fmt.Sprintf("%d", (offset/limit)+1),
   140  		"DBInstanceId": instanceId,
   141  	}
   142  	body, err := region.rdsRequest("DescribeAccounts", params)
   143  	if err != nil {
   144  		return nil, 0, errors.Wrap(err, "DescribeAccounts")
   145  	}
   146  	accounts := []SDBInstanceAccount{}
   147  	err = body.Unmarshal(&accounts, "Accounts", "DBInstanceAccount")
   148  	if err != nil {
   149  		return nil, 0, errors.Wrap(err, "Unmarshal")
   150  	}
   151  	total, _ := body.Int("TotalRecordCount")
   152  	return accounts, int(total), nil
   153  }
   154  
   155  func (region *SRegion) DeleteDBInstanceAccount(instanceId string, accountName string) error {
   156  	params := map[string]string{
   157  		"RegionId":     region.RegionId,
   158  		"DBInstanceId": instanceId,
   159  		"AccountName":  accountName,
   160  	}
   161  
   162  	_, err := region.rdsRequest("DeleteAccount", params)
   163  	return err
   164  }
   165  
   166  func (region *SRegion) CreateDBInstanceAccount(instanceId string, name string, password string, desc string) error {
   167  	params := map[string]string{
   168  		"RegionId":           region.RegionId,
   169  		"DBInstanceId":       instanceId,
   170  		"AccountName":        name,
   171  		"AccountPassword":    password,
   172  		"AccountDescription": desc,
   173  	}
   174  
   175  	_, err := region.rdsRequest("CreateAccount", params)
   176  	return err
   177  
   178  }