daUser->username(); $prefix = $ctx->daUser->prefix(); $showRemoteHosts = $ctx->settings->allowRemoteHosts(); $fixedHosts = array_flip($ctx->mysql->requiredAccessHosts()); $databases = $ctx->mysql->listDatabasesForUser($daUser); $dbNames = array_map(static fn(array $db): string => $db['name'], $databases); if ($ctx->isPost()) { try { $ctx->requireCsrf('create_user_submit'); $role = NamePolicy::normalizeRoleName($ctx->postString('role_name'), $prefix); if ($ctx->mysql->roleExists($role)) { throw new RuntimeException('Użytkownik MySQL już istnieje: ' . $role); } $password = $ctx->postString('password'); if (strlen($password) < 12) { throw new RuntimeException('Hasło użytkownika musi mieć co najmniej 12 znaków.'); } $selectedDbsRaw = $ctx->postArray('databases'); $selectedDbs = []; foreach ($selectedDbsRaw as $db) { $normalizedDb = NamePolicy::normalizeDatabaseName($db, $prefix); if (!in_array($normalizedDb, $dbNames, true)) { throw new RuntimeException('Nieprawidłowa baza do przypisania: ' . $normalizedDb); } $selectedDbs[] = $normalizedDb; } $selectedDbs = array_values(array_unique($selectedDbs)); $privileges = NamePolicy::sanitizePrivileges($ctx->postArray('privileges')); if (empty($privileges)) { $privileges = NamePolicy::defaultPrivileges(); } $hostMap = []; if ($showRemoteHosts) { $remoteHostRaw = trim($ctx->postString('remote_host')); if ($remoteHostRaw !== '') { $remoteHost = NamePolicy::normalizeRemoteIpv4Host($remoteHostRaw); $remoteComment = NamePolicy::normalizeHostComment($ctx->postString('remote_comment')); $hostMap[$remoteHost] = $remoteComment; } } $customHostsCount = 0; foreach (array_keys($hostMap) as $host) { if (!isset($fixedHosts[$host])) { $customHostsCount++; } } if ($customHostsCount > $ctx->settings->maxHostsPerUser()) { throw new RuntimeException('Przekroczono limit hostów dla użytkownika MySQL.'); } $hostEntries = []; foreach ($hostMap as $host => $note) { $hostEntries[] = ['host' => $host, 'note' => $note]; } $ctx->mysql->createRole($role, $password); try { $ctx->mysql->replaceRoleHostsWithNotes($daUser, $role, $hostEntries); foreach ($selectedDbs as $dbName) { $ctx->mysql->grantPrivileges($dbName, $role, $privileges); } $sync = $ctx->mysql->syncHostRules(); if (!$sync['ok']) { $errors[] = 'Użytkownik został utworzony, ale synchronizacja hostów MySQL nie powiodła się: ' . $sync['output']; } $ok[] = 'Utworzono użytkownika ' . $role . ' i przypisano ' . count($selectedDbs) . ' baz(y).'; } catch (Throwable $inner) { try { foreach ($selectedDbs as $dbName) { $ctx->mysql->revokePrivileges($dbName, $role); } $ctx->mysql->deleteRoleHosts($daUser, $role); $ctx->mysql->dropRole($role); } catch (Throwable $ignored) { } throw $inner; } } catch (Throwable $e) { $errors[] = $e->getMessage(); } } $dbCheckboxes = ''; foreach ($dbNames as $dbName) { $dbCheckboxes .= ''; } if ($dbCheckboxes === '') { $dbCheckboxes = '
Brak baz do przypisania.
'; } $privCheckboxes = ''; foreach (NamePolicy::PRIVILEGE_LABELS as $code => $label) { $checked = ($code === 'ALL') ? ' checked' : ''; $privCheckboxes .= ''; } $remoteFields = ''; if ($showRemoteHosts) { $remoteFields .= 'Hosty zdalne są wyłączone w konfiguracji pluginu (`allow_remote_hosts=0`).
'; } $body = ''; $body .= ''; $ctx->renderPage('Tworzenie Użytkownika MySQL', $body, $ok, $errors); };