Merge pull request #1171 from hestiacp/fix/2020_09_database_issues

Fix issue with database (user) validation

bin/v-change-database-owner

@@ -52,6 +52,7 @@ if [ -z "$db_data" ]; then
     exit $E_NOTEXIST
 fi
 
+parse_object_kv_list "$db_data"
 #Fix issue #1084 with "Upper case not allowed with PGSQL"
 if [ "$TYPE" == "pgsql" ]; then
    usersmall=$(echo "$user" | tr '[:upper:]' '[:lower:]');
@@ -83,7 +84,6 @@ tmpdir=$(mktemp -p $BACKUP -d "tmp.$database.XXXXXXXXXX" > /dev/null 2>&1)
 $BIN/v-suspend-database $owner $database > /dev/null 2>&1
 
 # Dump database
-parse_object_kv_list "$db_data"
 dump="$tmpdir/$database.$TYPE.sql"
 grants="$tmpdir/$database.$TYPE.$DBUSER"
 case $TYPE in

bin/v-change-database-user

@@ -15,10 +15,6 @@ database=$2
 dbuser="$user"_"$3"
 password=$4; HIDE=4
 
-if [ "$type" = "pgsql" ]; then
-   dbuser=$(echo "$user"_"$3" | tr '[:upper:]' '[:lower:]'); 
-fi
-
 # Includes
 source $HESTIA/func/main.sh
 source $HESTIA/func/db.sh
@@ -60,7 +56,12 @@ update_object_value 'db' 'DB' "$database" '$DBUSER' "$dbuser"
 # Get database values
 get_database_values
 
-# Rebuild datbase
+#Fix issue #1084 with "Upper case not allowed with PGSQL"
+if [ "$TYPE" = "pgsql" ]; then
+   dbuser=$(echo $dbuser | tr '[:upper:]' '[:lower:]'); 
+fi
+
+# Rebuild database
 case $TYPE in
     mysql) rebuild_mysql_database ;;
     pgsql) rebuild_pgsql_database ;;

func/main.sh

@@ -724,14 +724,9 @@ is_common_format_valid() {
 
 # Database format validator
 is_database_format_valid() {
-    if [ "$3" == "pgsql" ]; then
-        if ! [[ "$1" =~ ^[0-9a-z_]{1,63}$ ]]; then
-            check_result $E_INVALID "invalid $2 format :: $1"
-        fi  
-    else
-        if ! [[ "$1" =~ ^[0-9a-zA-Z_]{1,64}$ ]]; then
-            check_result $E_INVALID "invalid $2 format :: $1"
-        fi  
+    exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
+    if [[ "$1" =~ $exclude ]] || [ 64 -le ${#1} ]; then
+        check_result $E_INVALID "invalid $2 format :: $1"
     fi
 }
 
@@ -744,17 +739,12 @@ is_date_format_valid() {
 
 # Database user validator
 is_dbuser_format_valid() {
-    if [ "$3" == "pgsql" ]; then
-        if ! [[ "$1" =~ ^[0-9a-z_]{1,63}$ ]]; then
-            check_result $E_INVALID "invalid $2 format :: $1"
-        fi 
-    else
-        if [ 33 -le ${#1} ]; then
-            check_result $E_INVALID "mysql username can be up to 32 characters long"
-        fi
-        if ! [[ "$1" =~ ^[0-9a-zA-Z_]{1,64}$ ]]; then
-            check_result $E_INVALID "invalid $2 format :: $1"
-        fi           
+    exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
+    if [ 33 -le ${#1} ]; then
+        check_result $E_INVALID "mysql username can be up to 32 characters long"
+    fi
+    if [[ "$1" =~ $exclude ]]; then
+        check_result $E_INVALID "invalid $2 format :: $1"
     fi
 }
 
@@ -948,10 +938,10 @@ is_format_valid() {
                 charset)        is_object_format_valid "$arg" "$arg_name" ;;
                 charsets)       is_common_format_valid "$arg" 'charsets' ;;
                 comment)        is_object_format_valid "$arg" 'comment' ;;
-                database)       is_database_format_valid "$arg" 'database' $type;;
+                database)       is_database_format_valid "$arg" 'database';;
                 day)            is_cron_format_valid "$arg" $arg_name ;;
                 dbpass)         is_password_format_valid "$arg" ;;
-                dbuser)         is_dbuser_format_valid "$arg" 'dbuser' $type;;
+                dbuser)         is_dbuser_format_valid "$arg" 'dbuser';;
                 dkim)           is_boolean_format_valid "$arg" 'dkim' ;;
                 dkim_size)      is_int_format_valid "$arg" ;;
                 domain)         is_domain_format_valid "$arg" ;;