Remove fmt strings and replace with inline queries (#13799)

* removed fmt strings and replaced with inline SQL | added unit tests

* changelog++
Gary Frederick
2022-01-27 15:20:13 -08:00
committed by GitHub
parent 931654ad75
commit 0bed9ec3b0
3 changed files with 77 additions and 27 deletions


@@ -216,24 +216,32 @@ func (m *MSSQL) revokeUserDefault(ctx context.Context, username string) error {
// Check if DB is contained
if m.containedDB {
revokeStmt, err := db.PrepareContext(ctx, fmt.Sprintf("DROP USER IF EXISTS [%s]", username))
revokeQuery :=
`DECLARE @stmt nvarchar(max);
SET @stmt = 'DROP USER IF EXISTS ' + QuoteName(@username);
EXEC(@stmt);`
revokeStmt, err := db.PrepareContext(ctx, revokeQuery)
if err != nil {
return err
}
defer revokeStmt.Close()
if _, err := revokeStmt.ExecContext(ctx); err != nil {
if _, err := revokeStmt.ExecContext(ctx, sql.Named("username", username)); err != nil {
return err
}
return nil
}
// First disable server login
disableStmt, err := db.PrepareContext(ctx, fmt.Sprintf("ALTER LOGIN [%s] DISABLE;", username))
if err != nil {
disableQuery :=
`DECLARE @stmt nvarchar(max);
SET @stmt = 'ALTER LOGIN ' + QuoteName(@username) + ' DISABLE';
EXEC(@stmt);`
disableStmt, err := db.PrepareContext(ctx, disableQuery)
if err != nil{
return err
}
defer disableStmt.Close()
if _, err := disableStmt.ExecContext(ctx); err != nil {
if _, err := disableStmt.ExecContext(ctx, sql.Named("username", username)); err != nil {
return err
}
@@ -311,12 +319,12 @@ func (m *MSSQL) revokeUserDefault(ctx context.Context, username string) error {
}
// Drop this login
stmt, err = db.PrepareContext(ctx, fmt.Sprintf(dropLoginSQL, username, username))
stmt, err = db.PrepareContext(ctx, dropLoginSQL)
if err != nil {
return err
}
defer stmt.Close()
if _, err := stmt.ExecContext(ctx); err != nil {
if _, err := stmt.ExecContext(ctx, sql.Named("username", username)); err != nil {
return err
}
@@ -413,14 +421,12 @@ END
`
const dropLoginSQL = `
IF EXISTS
(SELECT name
FROM master.sys.server_principals
WHERE name = N'%s')
BEGIN
DROP LOGIN [%s]
END
`
DECLARE @stmt nvarchar(max)
SET @stmt = 'IF EXISTS (SELECT name FROM [master].[sys].[server_principals] WHERE [name] = ' + QuoteName(@username, '''') + ') ' +
'BEGIN ' +
'DROP LOGIN ' + QuoteName(@username) + ' ' +
'END'
EXEC (@stmt)`
const alterLoginSQL = `
ALTER LOGIN [{{username}}] WITH PASSWORD = '{{password}}'
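Review bot: In the new `dropLoginSQL`, the existence check builds its literal with `QuoteName(@username, '''')` and no `N` prefix, where the removed text compared against `N'%s'`. A login name containing characters outside the database code page may then fail to match, so `IF EXISTS` is false and the login stays in place while the call still returns nil. The predicate needs no dynamic SQL: bind `@username` directly in the `WHERE` clause and keep `QuoteName(@username)` only for the `DROP LOGIN` identifier, as sketched below. Separately, QUOTENAME returns NULL for input longer than 128 characters, which makes `@stmt` NULL in the two statements of the first hunk as well (the body of `revokeUserDefault` continues outside the hunks shown). As far as I can tell `EXEC` of a NULL string is a silent no-op, so an `IF @stmt IS NULL` check that raises an error before `EXEC` would keep a failed revocation from being reported as success.

```go
const dropLoginSQL = `
DECLARE @stmt nvarchar(max)
IF EXISTS (SELECT name FROM [master].[sys].[server_principals] WHERE [name] = @username)
BEGIN
    SET @stmt = 'DROP LOGIN ' + QuoteName(@username)
    EXEC (@stmt)
END`
```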