Skip to content

Commit f471ca8

Browse files
plumdogplumdog
committed
Fix to handle special characters in username and database name
1 parent 1c3cf99 commit f471ca8

File tree

1 file changed

+14
-14
lines changed

1 file changed

+14
-14
lines changed

handler/main.ts

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -259,7 +259,7 @@ const handleCreate = async (event: CreateEvent): Promise<Response> => {
259259
onCreateIfExists: event.ResourceProperties.onCreateIfExists,
260260
});
261261

262-
const createUserQuery = `CREATE USER ${userCredentials.username} IDENTIFIED BY '${userCredentials.password}'; GRANT ALL PRIVILEGES ON ${event.ResourceProperties.databaseName}.* TO ${userCredentials.username}@'%';`;
262+
const createUserQuery = `CREATE USER '${userCredentials.username}' IDENTIFIED BY '${userCredentials.password}'; GRANT ALL PRIVILEGES ON \`${event.ResourceProperties.databaseName}\`.* TO '${userCredentials.username}'@'%';`;
263263

264264
try {
265265
await adminClient.query(createUserQuery);
@@ -270,17 +270,17 @@ const handleCreate = async (event: CreateEvent): Promise<Response> => {
270270

271271
if (event.ResourceProperties.onCreateIfExists === 'Adopt' && e.code === MysqlErrorCodes.DUPLICATE_OBJECT) {
272272
// User already exists, so we'll just adopt it. Set the password to the new value and grant CREATEDB and LOGIN
273-
await adminClient.query(`ALTER USER ${userCredentials.username} WITH PASSWORD '${userCredentials.password}';`);
274-
await adminClient.query(`GRANT ALL PRIVILEGES ON ${event.ResourceProperties.databaseName}.* TO ${userCredentials.username}@'%';`);
273+
await adminClient.query(`ALTER USER '${userCredentials.username}' WITH PASSWORD '${userCredentials.password}';`);
274+
await adminClient.query(`GRANT ALL PRIVILEGES ON \`${event.ResourceProperties.databaseName}\`.* TO '${userCredentials.username}'@'%';`);
275275
} else if (event.ResourceProperties.onCreateIfExists === 'DeleteAndRecreate' && e.code === MysqlErrorCodes.DUPLICATE_OBJECT) {
276-
await adminClient.query(`DROP USER ${userCredentials.username};`);
276+
await adminClient.query(`DROP USER '${userCredentials.username}';`);
277277
await adminClient.query(createUserQuery);
278278
} else {
279279
throw e;
280280
}
281281
}
282282

283-
const createDatabaseQuery = `CREATE DATABASE ${event.ResourceProperties.databaseName};`;
283+
const createDatabaseQuery = `CREATE DATABASE \`${event.ResourceProperties.databaseName}\`;`;
284284

285285
const userClient = await userClientManager.getClient();
286286
try {
@@ -297,11 +297,11 @@ const handleCreate = async (event: CreateEvent): Promise<Response> => {
297297
if (event.ResourceProperties.onCreateIfExists === 'Adopt' && e.code === MysqlErrorCodes.DUPLICATE_DATABASE) {
298298
// Database already exists, so we'll just adopt it
299299
log('Database already exists, adopting');
300-
await adminClient.query(`GRANT ALL PRIVILEGES ON ${event.ResourceProperties.databaseName}.* TO ${userCredentials.username}@'%';`);
300+
await adminClient.query(`GRANT ALL PRIVILEGES ON \`${event.ResourceProperties.databaseName}\`.* TO '${userCredentials.username}'@'%';`);
301301
} else if (event.ResourceProperties.onCreateIfExists === 'DeleteAndRecreate') {
302302
if (e.code === MysqlErrorCodes.DUPLICATE_DATABASE) {
303303
log('Database already exists, deleting and recreating');
304-
await adminClient.query(`DROP DATABASE ${event.ResourceProperties.databaseName};`);
304+
await adminClient.query(`DROP DATABASE \`${event.ResourceProperties.databaseName}\`;`);
305305
await userClient.query(createDatabaseQuery);
306306
}
307307
} else {
@@ -341,7 +341,7 @@ const handleUpdate = async (event: UpdateEvent): Promise<Response> => {
341341
log('Creating user if it does not exist', { username: userCredentials.username });
342342
try {
343343
const client = await adminClient.getClient();
344-
await client.query(`CREATE USER ${userCredentials.username} IDENTIFIED BY '${userCredentials.password}';`);
344+
await client.query(`CREATE USER '${userCredentials.username}' IDENTIFIED BY '${userCredentials.password}';`);
345345
} catch (e) {
346346
if (!isMysqlError(e)) {
347347
throw e;
@@ -360,15 +360,15 @@ const handleUpdate = async (event: UpdateEvent): Promise<Response> => {
360360
if (event.ResourceProperties.onUpdateSetUserPassword === 'Always') {
361361
log('Setting user password', { username: userCredentials.username });
362362
const client = await adminClient.getClient();
363-
await client.query(`ALTER USER ${userCredentials.username} WITH PASSWORD '${userCredentials.password}';`);
363+
await client.query(`ALTER USER '${userCredentials.username}' WITH PASSWORD '${userCredentials.password}';`);
364364
} else {
365365
log('Not setting user password', { username: userCredentials.username });
366366
}
367367

368368
if (event.ResourceProperties.onUpdateSetUserPermissions === 'Always') {
369369
log('Setting user permissions', { username: userCredentials.username });
370370
const client = await adminClient.getClient();
371-
await client.query(`GRANT ALL PRIVILEGES ON ${event.ResourceProperties.databaseName}.* TO ${userCredentials.username}@'%';`);
371+
await client.query(`GRANT ALL PRIVILEGES ON \`${event.ResourceProperties.databaseName}\`.* TO '${userCredentials.username}'@'%';`);
372372
} else {
373373
log('Not setting user permissions', { username: userCredentials.username });
374374
}
@@ -377,7 +377,7 @@ const handleUpdate = async (event: UpdateEvent): Promise<Response> => {
377377
log('Creating database if it does not exist', { databaseName: event.ResourceProperties.databaseName });
378378
try {
379379
const client = await userClient.getClient();
380-
await client.query(`CREATE DATABASE ${event.ResourceProperties.databaseName};`);
380+
await client.query(`CREATE DATABASE \`${event.ResourceProperties.databaseName}\`;`);
381381
} catch (e) {
382382
if (!isMysqlError(e)) {
383383
throw e;
@@ -396,7 +396,7 @@ const handleUpdate = async (event: UpdateEvent): Promise<Response> => {
396396
if (event.ResourceProperties.onUpdateSetDatabaseOwnership === 'Always') {
397397
log('Setting database ownership', { databaseName: event.ResourceProperties.databaseName });
398398
const client = await adminClient.getClient();
399-
await client.query(`GRANT ALL PRIVILEGES ON ${event.ResourceProperties.databaseName}.* TO ${userCredentials.username}@'%';`);
399+
await client.query(`GRANT ALL PRIVILEGES ON \`${event.ResourceProperties.databaseName}\`.* TO '${userCredentials.username}'@'%';`);
400400
} else {
401401
log('Not setting database ownership', { databaseName: event.ResourceProperties.databaseName });
402402
}
@@ -440,10 +440,10 @@ const handleDelete = async (event: DeleteEvent): Promise<Response> => {
440440
const adminClient = await adminClientManager.getClient();
441441

442442
log('Dropping database if exists', { databaseName: event.ResourceProperties.databaseName });
443-
await adminClient.query(`DROP DATABASE IF EXISTS ${event.ResourceProperties.databaseName};`);
443+
await adminClient.query(`DROP DATABASE IF EXISTS \`${event.ResourceProperties.databaseName}\`;`);
444444

445445
log('Dropping user if exists', { databaseName: event.ResourceProperties.databaseName });
446-
await adminClient.query(`DROP USER IF EXISTS ${userCredentials.username};`);
446+
await adminClient.query(`DROP USER IF EXISTS '${userCredentials.username}';`);
447447

448448
await adminClient.end();
449449

0 commit comments

Comments
 (0)