From 9a228323896e3adee54eec22872a9d8e078898f0 Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Wed, 15 Jul 2020 21:28:52 +0530 Subject: [PATCH 1/3] fix: mariadb grants for aws rds --- build/common/commands/constants.py | 3 ++- build/common/commands/new.py | 7 ++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/build/common/commands/constants.py b/build/common/commands/constants.py index b07e3381..d1767a38 100644 --- a/build/common/commands/constants.py +++ b/build/common/commands/constants.py @@ -7,4 +7,5 @@ DB_PORT = 3306 APP_VERSIONS_JSON_FILE = 'app_versions.json' APPS_TXT_FILE = 'apps.txt' COMMON_SITE_CONFIG_FILE = 'common_site_config.json' -DATE_FORMAT = "%Y%m%d_%H%M%S" \ No newline at end of file +DATE_FORMAT = "%Y%m%d_%H%M%S" +RDS_DB = 'rds_db' diff --git a/build/common/commands/new.py b/build/common/commands/new.py index 57c9f978..3fdf12b0 100644 --- a/build/common/commands/new.py +++ b/build/common/commands/new.py @@ -4,7 +4,7 @@ import semantic_version from frappe.commands.site import _new_site from frappe.installer import update_site_config -from constants import COMMON_SITE_CONFIG_FILE +from constants import COMMON_SITE_CONFIG_FILE, RDS_DB from utils import ( run_command, get_config, @@ -96,6 +96,11 @@ def main(): command = mysql_command + [f"GRANT ALL PRIVILEGES ON `{db_name}`.* TO '{db_name}'@'%'; FLUSH PRIVILEGES;"] run_command(command) + # for Amazon RDS + if config.get(RDS_DB) or site_config.get(RDS_DB): + command = mysql_command + [f"GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, EVENT, TRIGGER, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EXECUTE, LOCK TABLES ON `{db_name}`.* TO '{db_name}'@'%'; FLUSH PRIVILEGES;"] + run_command(command) + if frappe.redis_server: frappe.redis_server.connection_pool.disconnect() From c2ebdfcf8b602c7f12795cbfa82884a4afec7810 Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Thu, 16 Jul 2020 06:06:48 +0530 Subject: [PATCH 2/3] fix: condition for mariadb grants for aws rds --- build/common/commands/constants.py | 1 + build/common/commands/new.py | 13 +++++++------ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/build/common/commands/constants.py b/build/common/commands/constants.py index d1767a38..48093f13 100644 --- a/build/common/commands/constants.py +++ b/build/common/commands/constants.py @@ -9,3 +9,4 @@ APPS_TXT_FILE = 'apps.txt' COMMON_SITE_CONFIG_FILE = 'common_site_config.json' DATE_FORMAT = "%Y%m%d_%H%M%S" RDS_DB = 'rds_db' +RDS_PRIVILEGES = "SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, EVENT, TRIGGER, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EXECUTE, LOCK TABLES" diff --git a/build/common/commands/new.py b/build/common/commands/new.py index 3fdf12b0..c9a39cf2 100644 --- a/build/common/commands/new.py +++ b/build/common/commands/new.py @@ -4,7 +4,7 @@ import semantic_version from frappe.commands.site import _new_site from frappe.installer import update_site_config -from constants import COMMON_SITE_CONFIG_FILE, RDS_DB +from constants import COMMON_SITE_CONFIG_FILE, RDS_DB, RDS_PRIVILEGES from utils import ( run_command, get_config, @@ -93,13 +93,14 @@ def main(): run_command(command) # Grant permission to database - command = mysql_command + [f"GRANT ALL PRIVILEGES ON `{db_name}`.* TO '{db_name}'@'%'; FLUSH PRIVILEGES;"] - run_command(command) + grant_privileges = "ALL PRIVILEGES" # for Amazon RDS - if config.get(RDS_DB) or site_config.get(RDS_DB): - command = mysql_command + [f"GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, EVENT, TRIGGER, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EXECUTE, LOCK TABLES ON `{db_name}`.* TO '{db_name}'@'%'; FLUSH PRIVILEGES;"] - run_command(command) + if config.get(RDS_DB) or site_config.get(RDS_DB) + grant_privileges = RDS_PRIVILEGES + + command = mysql_command + [f"GRANT {grant_privileges} ON `{db_name}`.* TO '{db_name}'@'%'; FLUSH PRIVILEGES;"] + run_command(command) if frappe.redis_server: frappe.redis_server.connection_pool.disconnect() From c2a0e4f05761d8dd7b01c362b677ccd8d8c738df Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Thu, 16 Jul 2020 06:08:24 +0530 Subject: [PATCH 3/3] fix: condition for grants for aws rds --- build/common/commands/new.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/common/commands/new.py b/build/common/commands/new.py index c9a39cf2..5babe6c3 100644 --- a/build/common/commands/new.py +++ b/build/common/commands/new.py @@ -96,7 +96,7 @@ def main(): grant_privileges = "ALL PRIVILEGES" # for Amazon RDS - if config.get(RDS_DB) or site_config.get(RDS_DB) + if config.get(RDS_DB) or site_config.get(RDS_DB): grant_privileges = RDS_PRIVILEGES command = mysql_command + [f"GRANT {grant_privileges} ON `{db_name}`.* TO '{db_name}'@'%'; FLUSH PRIVILEGES;"]