roguewave 0.1.0

An imperative remote server automation tool
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

use anyhow::{bail, Result};
use format_sql_query::QuotedData;

use crate::Session;

impl Session {
    /// Execute PostgreSQL commands.
    pub fn postgres(&mut self) -> Postgres {
        Postgres(self)
    }
}

/// Provides access to PostgreSQL commands.
pub struct Postgres<'a>(&'a mut Session);

impl<'a> Postgres<'a> {
    /// Create a PostgreSQL user with the specified password.
    ///
    /// Note: if the user with the specified name already exists, its password will not be changed.
    pub async fn create_user_with_password(&mut self, user: &str, password: &str) -> Result<()> {
        if !user.chars().all(|c| c.is_ascii_alphanumeric() || c == '_') {
            bail!("invalid postgres user name");
        }

        let user_exists = self
            .0
            .command([
                "psql",
                "--tuples-only",
                "--command",
                &format!(
                    "SELECT 1 FROM pg_roles WHERE rolname = {}",
                    QuotedData(user)
                ),
            ])
            .prepend_args(["sudo", "--user", "postgres", "--login"])
            .hide_command()
            .hide_stdout()
            .run()
            .await?
            .stdout
            .contains('1');

        if !user_exists {
            self.0
                .command(["psql", "--command"])
                .redacted_arg(
                    format!(
                        "CREATE USER {} WITH PASSWORD {}",
                        user,
                        QuotedData(password)
                    ),
                    format!(
                        "CREATE USER {} WITH PASSWORD {}",
                        user,
                        QuotedData("<redacted>")
                    ),
                )
                .prepend_args(["sudo", "--user", "postgres", "--login"])
                .run()
                .await?;
        }
        Ok(())
    }

    /// Create a PostgreSQL database.
    pub async fn create_database(&mut self, name: &str) -> Result<()> {
        if !name
            .chars()
            .all(|c| c.is_ascii_alphanumeric() || c == '_' || c == '$')
        {
            bail!("invalid postgres database name");
        }

        let db_exists = self
            .0
            .command([
                "psql",
                "--tuples-only",
                "--command",
                &format!(
                    "SELECT 1 FROM pg_database WHERE datname = {}",
                    QuotedData(name)
                ),
            ])
            .prepend_args(["sudo", "--user", "postgres", "--login"])
            .hide_command()
            .hide_stdout()
            .run()
            .await?
            .stdout
            .contains('1');

        if !db_exists {
            self.0
                .command(["psql", "--command", &format!("CREATE DATABASE {}", name)])
                .prepend_args(["sudo", "--user", "postgres", "--login"])
                .run()
                .await?;
        }
        Ok(())
    }

    /// Grant all privileges on `database` to `user`.
    pub async fn grant_all_privileges(&mut self, database: &str, user: &str) -> Result<()> {
        if !user.chars().all(|c| c.is_ascii_alphanumeric() || c == '_') {
            bail!("invalid postgres user name");
        }
        if !database
            .chars()
            .all(|c| c.is_ascii_alphanumeric() || c == '_' || c == '$')
        {
            bail!("invalid postgres database name");
        }

        self.0
            .command([
                "psql",
                "--command",
                &format!("GRANT ALL PRIVILEGES ON DATABASE {} TO {}", database, user),
            ])
            .prepend_args(["sudo", "--user", "postgres", "--login"])
            .run()
            .await?;
        Ok(())
    }
}