yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/hcs/dbinstance_account.go (about)

     1  // Copyright 2019 Yunion
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package hcs
    16  
    17  import (
    18  	"fmt"
    19  	"net/url"
    20  
    21  	api "yunion.io/x/cloudmux/pkg/apis/compute"
    22  	"yunion.io/x/cloudmux/pkg/cloudprovider"
    23  	"yunion.io/x/cloudmux/pkg/multicloud"
    24  	"yunion.io/x/cloudmux/pkg/multicloud/huawei"
    25  )
    26  
    27  type SDBInstanceAccount struct {
    28  	multicloud.SDBInstanceAccountBase
    29  	huawei.HuaweiTags
    30  	instance *SDBInstance
    31  	Name     string
    32  }
    33  
    34  func (account *SDBInstanceAccount) GetName() string {
    35  	return account.Name
    36  }
    37  
    38  func (account *SDBInstanceAccount) Delete() error {
    39  	return account.instance.region.rdsDelete(fmt.Sprintf("%s/db_user/%s", account.instance.Id, account.Name))
    40  }
    41  
    42  func (account *SDBInstanceAccount) GetIDBInstanceAccountPrivileges() ([]cloudprovider.ICloudDBInstanceAccountPrivilege, error) {
    43  	privileges, err := account.instance.region.GetDBInstancePrivileges(account.instance.Id, account.Name)
    44  	if err != nil {
    45  		return nil, err
    46  	}
    47  	iprivileves := []cloudprovider.ICloudDBInstanceAccountPrivilege{}
    48  	for i := 0; i < len(privileges); i++ {
    49  		privileges[i].account = account
    50  		iprivileves = append(iprivileves, &privileges[i])
    51  	}
    52  	return iprivileves, nil
    53  }
    54  
    55  func (region *SRegion) GetDBInstanceAccounts(instanceId string) ([]SDBInstanceAccount, error) {
    56  	accounts := []SDBInstanceAccount{}
    57  	err := region.rdsList(fmt.Sprintf("instances/%s/db_user/detail", instanceId), nil, accounts)
    58  	if err != nil {
    59  		return nil, err
    60  	}
    61  	return accounts, nil
    62  }
    63  
    64  func (region *SRegion) GetDBInstancePrivileges(instanceId string, username string) ([]SDatabasePrivilege, error) {
    65  	query := url.Values{}
    66  	query.Add("iser-name", username)
    67  	privileges := []SDatabasePrivilege{}
    68  	err := region.rdsList(fmt.Sprintf("instances/%s/db_user/database", instanceId), query, privileges)
    69  	if err != nil {
    70  		return nil, err
    71  	}
    72  	return privileges, nil
    73  }
    74  
    75  func (account *SDBInstanceAccount) RevokePrivilege(database string) error {
    76  	return account.instance.region.RevokeDBInstancePrivilege(account.instance.Id, account.Name, database)
    77  }
    78  
    79  func (region *SRegion) RevokeDBInstancePrivilege(instanceId string, account, database string) error {
    80  	params := map[string]interface{}{
    81  		"db_name": database,
    82  		"users": []map[string]interface{}{
    83  			map[string]interface{}{
    84  				"name": account,
    85  			},
    86  		},
    87  	}
    88  	return region.rdsDBPrivilegesDelete(fmt.Sprintf("instances/%s/db_privilege", instanceId), params)
    89  }
    90  
    91  func (account *SDBInstanceAccount) GrantPrivilege(database, privilege string) error {
    92  	return account.instance.region.GrantDBInstancePrivilege(account.instance.Id, account.Name, database, privilege)
    93  }
    94  
    95  func (region *SRegion) GrantDBInstancePrivilege(instanceId string, account, database string, privilege string) error {
    96  	readonly := false
    97  	switch privilege {
    98  	case api.DATABASE_PRIVILEGE_R:
    99  		readonly = true
   100  	case api.DATABASE_PRIVILEGE_RW:
   101  	default:
   102  		return fmt.Errorf("Unknown privilege %s", privilege)
   103  	}
   104  	params := map[string]interface{}{
   105  		"db_name": database,
   106  		"users": []map[string]interface{}{
   107  			map[string]interface{}{
   108  				"name":     account,
   109  				"readonly": readonly,
   110  			},
   111  		},
   112  	}
   113  	resp := &struct {
   114  		Resp string
   115  	}{}
   116  	err := region.rdsDBPrivilegesGrant(fmt.Sprintf("instances/%s/db_privilege", instanceId), params, resp)
   117  	return err
   118  }
   119  
   120  func (account *SDBInstanceAccount) ResetPassword(password string) error {
   121  	return account.instance.region.ResetDBInstanceAccountPassword(account.instance.Id, account.Name, password)
   122  }
   123  
   124  func (region *SRegion) ResetDBInstanceAccountPassword(instanceId, account, password string) error {
   125  	return fmt.Errorf("The API does not exist or has not been published in the environment")
   126  }