user - lefred/mysqlshell-plugins GitHub Wiki
NAME
user - Junior DBA Wizard to manage users.
DESCRIPTION
A collection of wizards to manage users for junior DBAs
Clone a user to the same server
user.clone([userfrom][, userto][, dryrun][, ocimds][, force][, session])
- userfrom: String - User to clone from as 'user@host'.
- userto: String - User to clone to as 'user@host'.
- dryrun: Bool - Don't run the statements but only shows them.
- ocimds: Bool - Use OCI MDS compatibility mode. Default is False.
- force: Bool - Reply "yes" to all questions when the plan is to copy non interactively. Default is False.
- session: Object - The optional session object used to query the database. If omitted the MySQL Shell's current session will be used.
JS user.clone()
Enter the user to search (you can use wildcards '%', leave blank for all): fred
Enter the destination user: fred3@localhost
Info: locked users and users having expired password are not listed.
1 user found!
Do you want to clone [`fred`@`%`] ? (y/N) y
Clone USER `fred`@`%` to fred3@localhost
Copying GRANTS....
User(s) copied successfully!
Copy a user to another server
user.copy([dryrun][, session])
- dryrun: Bool. Don't run the statements but only shows them. Default is False.
- ocimds: Bool. Use OCI MDS compatibility mode. Default is False.
- force: Bool. Reply "yes" to all questions when the plan is to copy multiple users. Default is False.
- session: Object. The optional session object used to query the database. If omitted the MySQL Shell's current session will be used.
Py user.copy()
You need to specify a destination server (<user@>server<:port>): root@localhost
Enter the user to search (you can use wildcards '%', leave blank for all): fred
Info: locked users and users having expired password are not listed.
1 user found!
Do you want to copy [`fred`@`%`] ? (y/N) y
The following role is assigned to the user:
- `dbt3_reader`@`%`
Do you want to copy that role ? (y/N) y
Copying ROLE `dbt3_reader`@`%`: mysql://root@localhost:3306 --> mysqlx://root@localhost:33060
Copying USER `fred`@`%`: mysql://root@localhost:3306 --> mysqlx://root@localhost:33060
Copying GRANTS....
User copied successfully!
Wizard to create a user
user.create([verbose][, session])
- verbose: Bool. Show the generated create statement.
- session: Object. The session to be used on the operation
JS user.create()
Enter the new user's account: github
Enter the password (leave is blank to generate one):
Does the user need to change his password ? (Y,n)
Do you want to lock the account after 3 failed attempts ? (Y,n)
+--------+------+----------------------+
| user | host | generated password |
+--------+------+----------------------+
| github | % | U8jMLzQ)7Fd[ny)Ji0gl |
+--------+------+----------------------+
JS \sql drop user github;
Query OK, 0 rows affected (0.0393 sec)
JS user.create(true)
Enter the new user's account: github
Enter the password (leave is blank to generate one):
Does the user need to change his password ? (Y,n)
Do you want to lock the account after 3 failed attempts ? (Y,n)
--> CREATE USER github IDENTIFIED BY RANDOM PASSWORD PASSWORD EXPIRE FAILED_LOGIN_ATTEMPTS 3 PASSWORD_LOCK_TIME 2
+--------+------+----------------------+
| user | host | generated password |
+--------+------+----------------------+
| github | % | +Mcs!)D*dd_CA>_40MIB |
+--------+------+----------------------+
Prints CREATE USERS, ROLES and GRANT STATEMENTS
user.getUsersGrants([find][, exclude][, session])
- find: String. Users to find, wildcards can also be used. If none, all users and roles are returned. Default: None.
- exclude: String. Users to exclude, wildcards can also be used. Default: None.
- session: Object. The optional session object used to query the database. If omitted the MySQL Shell's current session will be used.
JS user.getUsersGrants()
-- Role `dbt3_reader`@`%`
CREATE ROLE IF NOT EXISTS `dbt3_reader`@`%`;
ALTER USER 'dbt3_reader'@'%' IDENTIFIED WITH 'mysql_native_password' REQUIRE NONE PASSWORD EXPIRE ACCOUNT LOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
GRANT USAGE ON *.* TO `dbt3_reader`@`%`;
GRANT SELECT ON `dbt3`.* TO `dbt3_reader`@`%`;
-- Role `dbt3_writer`@`%`
CREATE ROLE IF NOT EXISTS `dbt3_writer`@`%`;
ALTER USER 'dbt3_writer'@'%' IDENTIFIED WITH 'mysql_native_password' REQUIRE NONE PASSWORD EXPIRE ACCOUNT LOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
GRANT USAGE ON *.* TO `dbt3_writer`@`%`;
GRANT SELECT, INSERT, UPDATE, DELETE ON `dbt3`.* TO `dbt3_writer`@`%`;
-- User `books`@`%`
CREATE USER IF NOT EXISTS `books`@`%`;
ALTER USER 'books'@'%' IDENTIFIED WITH 'mysql_native_password' AS '*9414E5A4CF60E95DC8D0ED068E478F95CD76915A' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK PASSWORD HISTORY DEFAULT PASSWORD REUSE INTERVAL DEFAULT PASSWORD REQUIRE CURRENT DEFAULT;
GRANT USAGE ON *.* TO `books`@`%`;
GRANT ALL PRIVILEGES ON `library`.* TO `books`@`%`;
...