Call user's teleport_user_activated_callback/`teleport_user_deactiv…
…ated_callback` mysql procedures once user was activated or deactivated if such procedures are created by a user
disc committed Dec 3, 2024
1 parent 903fee0 commit 810c423
Showing 5 changed files with 53 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/srv/db/mysql/autousers.go
Expand Up @@ -544,7 +544,7 @@ func getCreateProcedureCommand(conn *clientConn, procedureName string) (string,
const (
// procedureVersion is a hard-coded string that is set as procedure
// comments to indicate the procedure version.
procedureVersion = "teleport-auto-user-v4"
procedureVersion = "teleport-auto-user-v5"

// mysqlMaxUsernameLength is the maximum username/role length for MySQL.
//
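--- a/lib/srv/db/mysql/sql/mariadb_activate_user.sql
+++ b/lib/srv/db/mysql/sql/mariadb_activate_user.sql
@@ -91,4 +91,17 @@ proc_label:BEGIN
 PREPARE stmt FROM @sql;
 EXECUTE stmt;
 DEALLOCATE PREPARE stmt;
+
+-- Call a callback procedure once a user is activated (if the procedure exists)
+-- The signature of the procedure should be:
+-- CREATE PROCEDURE teleport_user_activated_callback(IN username VARCHAR(80))
+IF EXISTS (
+SELECT 1
+FROM information_schema.routines
+WHERE routine_type = 'procedure'
+AND routine_schema = 'teleport'
+AND routine_name = 'teleport_user_activated_callback'
+) THEN
+CALL teleport_user_activated_callback(username);
+END IF;
 END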
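Review bot: The `CALL teleport_user_activated_callback(username);` added at the end of the procedure runs whatever routine of that name exists in the `teleport` schema, so the right to create or alter routines in that schema becomes the right to run code inside the user-activation path, and the comment above the `IF EXISTS` does not say so. Depending on the SQL SECURITY setting of this procedure and of the callback, neither of which is visible in the hunk, the callback may run with the privileges of the account that defines the Teleport procedures. I would extend the comment with `-- SECURITY: only the Teleport admin account should hold CREATE ROUTINE / ALTER ROUTINE on this schema; the callback executes as part of user provisioning.` The same applies to the callback calls in mariadb_deactivate_user.sql, mysql_activate_user.sql and mysql_deactivate_user.sql. The enclosing procedure begins outside the hunk.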
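--- a/lib/srv/db/mysql/sql/mariadb_deactivate_user.sql
+++ b/lib/srv/db/mysql/sql/mariadb_deactivate_user.sql
@@ -13,5 +13,18 @@ BEGIN
 DEALLOCATE PREPARE stmt;
 
 CALL teleport_revoke_roles(username);
+
+-- Call a callback procedure once a user is deactivated (if the procedure exists)
+-- The signature of the procedure should be:
+-- CREATE PROCEDURE teleport_user_deactivated_callback(IN username VARCHAR(80))
+IF EXISTS (
+SELECT 1
+FROM information_schema.routines
+WHERE routine_type = 'procedure'
+AND routine_schema = 'teleport'
+AND routine_name = 'teleport_user_deactivated_callback'
+) THEN
+CALL teleport_user_deactivated_callback(username);
+END IF;
 END IF;
 END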
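Review bot: An error raised inside `teleport_user_deactivated_callback` propagates out of this procedure unless a handler is declared outside the hunk, so a faulty callback makes deactivation report failure even though the statements before it have already run. The comment should state that contract, for example `-- Errors raised by the callback propagate to the caller and fail this deactivation call.` If deactivation must never be blocked by a user-supplied routine, the call could instead be wrapped in a nested `BEGIN ... END` with `DECLARE CONTINUE HANDLER FOR SQLEXCEPTION BEGIN END;`, at the cost of hiding callback failures. mysql_deactivate_user.sql has the same call; the procedure body starts outside the hunk.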
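--- a/lib/srv/db/mysql/sql/mysql_activate_user.sql
+++ b/lib/srv/db/mysql/sql/mysql_activate_user.sql
@@ -72,4 +72,17 @@ proc_label:BEGIN
 PREPARE stmt FROM @sql;
 EXECUTE stmt;
 DEALLOCATE PREPARE stmt;
+
+-- Call a callback procedure once a user is activated (if the procedure exists)
+-- The signature of the procedure should be:
+-- CREATE PROCEDURE teleport_user_activated_callback(IN username VARCHAR(32))
+IF EXISTS (
+SELECT 1
+FROM information_schema.routines
+WHERE routine_type = 'procedure'
+AND routine_schema = 'teleport'
+AND routine_name = 'teleport_user_activated_callback'
+) THEN
+CALL teleport_user_activated_callback(username);
+END IF;
 END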
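Review bot: The existence check hard-codes `routine_schema = 'teleport'`, while the `CALL` below it is unqualified and, inside a stored procedure, resolves in the database the procedure itself belongs to. If these procedures are ever installed in a database with another name (not visible here), the check and the call disagree: the callback is either skipped or the lookup matches a routine that is not the one called. Using `AND routine_schema = DATABASE()` keeps both in step, since DATABASE() inside a stored routine returns the routine's database. The same condition appears in mariadb_activate_user.sql, mariadb_deactivate_user.sql and mysql_deactivate_user.sql.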
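--- a/lib/srv/db/mysql/sql/mysql_deactivate_user.sql
+++ b/lib/srv/db/mysql/sql/mysql_deactivate_user.sql
@@ -13,5 +13,18 @@ BEGIN
 DEALLOCATE PREPARE stmt;
 
 CALL teleport_revoke_roles(username);
+
+-- Call a callback procedure once a user is deactivated (if the procedure exists)
+-- The signature of the procedure should be:
+-- CREATE PROCEDURE teleport_user_deactivated_callback(IN username VARCHAR(32))
+IF EXISTS (
+SELECT 1
+FROM information_schema.routines
+WHERE routine_type = 'procedure'
+AND routine_schema = 'teleport'
+AND routine_name = 'teleport_user_deactivated_callback'
+) THEN
+CALL teleport_user_deactivated_callback(username);
+END IF;
 END IF;
 END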
