do not create unnecessary logins for mssql (#484)

Azure · Jun 15, 2018 · 28ec808 · 28ec808
1 parent f2311e8
commit 28ec808
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 65 deletions.
diff --git a/pkg/services/mssql/all_in_one_bind.go b/pkg/services/mssql/all_in_one_bind.go
@@ -26,7 +26,7 @@ func (a *allInOneManager) GetCredentials(
 	creds := createCredential(
 		dt.FullyQualifiedDomainName,
 		dt.DatabaseName,
-		bd.LoginName,
+		bd.Username,
 		string(bd.Password),
 	)
 	return creds, nil

diff --git a/pkg/services/mssql/common_bind.go b/pkg/services/mssql/common_bind.go
@@ -16,32 +16,10 @@ func bind(
 	databaseName string,
 ) (service.BindingDetails, error) {
 
-	loginName := generate.NewIdentifier()
+	username := generate.NewIdentifier()
 	password := generate.NewPassword()
 
-	// connect to master database to create login
-	masterDb, err := getDBConnection(
-		administratorLogin,
-		administratorPassword,
-		fqdn,
-		"master",
-	)
-	if err != nil {
-		return nil, err
-	}
-	defer masterDb.Close() // nolint: errcheck
-
-	if _, err = masterDb.Exec(
-		fmt.Sprintf("CREATE LOGIN \"%s\" WITH PASSWORD='%s'", loginName, password),
-	); err != nil {
-		return nil, fmt.Errorf(
-			`error creating login "%s": %s`,
-			loginName,
-			err,
-		)
-	}
-
-	// connect to new database to create user for the login
+	// connect to new database to create user
 	db, err := getDBConnection(
 		administratorLogin,
 		administratorPassword,
@@ -66,30 +44,23 @@ func bind(
 				log.WithField("error", err).
 					Error("error rolling back transaction on the new database")
 			}
-			// Drop the login created in the last step
-			if _, err = masterDb.Exec(
-				fmt.Sprintf("DROP LOGIN \"%s\"", loginName),
-			); err != nil {
-				log.WithField("error", err).
-					Error("error dropping login on master database")
-			}
 		}
 	}()
 	if _, err = tx.Exec(
-		fmt.Sprintf("CREATE USER \"%s\" FOR LOGIN \"%s\"", loginName, loginName),
+		fmt.Sprintf("CREATE USER \"%s\" WITH PASSWORD='%s'", username, password),
 	); err != nil {
 		return nil, fmt.Errorf(
 			`error creating user "%s": %s`,
-			loginName,
+			username,
 			err,
 		)
 	}
 	if _, err = tx.Exec(
-		fmt.Sprintf("GRANT CONTROL to \"%s\"", loginName),
+		fmt.Sprintf("GRANT CONTROL to \"%s\"", username),
 	); err != nil {
 		return nil, fmt.Errorf(
 			`error granting CONTROL to user "%s": %s`,
-			loginName,
+			username,
 			err,
 		)
 	}
@@ -100,8 +71,8 @@ func bind(
 		)
 	}
 	return &bindingDetails{
-		LoginName: loginName,
-		Password:  service.SecureString(password),
+		Username: username,
+		Password: service.SecureString(password),
 	}, nil
 }
 

diff --git a/pkg/services/mssql/common_types.go b/pkg/services/mssql/common_types.go
@@ -3,8 +3,8 @@ package mssql
 import "github.com/Azure/open-service-broker-azure/pkg/service"
 
 type bindingDetails struct {
-	LoginName string               `json:"loginName"`
-	Password  service.SecureString `json:"password"`
+	Username string               `json:"username"`
+	Password service.SecureString `json:"password"`
 }
 
 // Credentials encapsulates MSSQL-specific coonection details and credentials.

diff --git a/pkg/services/mssql/common_unbind.go b/pkg/services/mssql/common_unbind.go
@@ -11,7 +11,7 @@ func unbind(
 	databaseName string,
 	bd *bindingDetails,
 ) error {
-	// connect to new database to drop user for the login
+	// connect to database to drop user
 	db, err := getDBConnection(
 		administratorLogin,
 		administratorPassword,
@@ -23,32 +23,11 @@ func unbind(
 	defer db.Close() // nolint: errcheck
 
 	if _, err = db.Exec(
-		fmt.Sprintf("DROP USER \"%s\"", bd.LoginName),
+		fmt.Sprintf("DROP USER \"%s\"", bd.Username),
 	); err != nil {
 		return fmt.Errorf(
 			`error dropping user "%s": %s`,
-			bd.LoginName,
-			err,
-		)
-	}
-
-	// connect to master database to drop login
-	masterDb, err := getDBConnection(
-		administratorLogin,
-		administratorPassword,
-		fqdn,
-		"master")
-	if err != nil {
-		return err
-	}
-	defer masterDb.Close() // nolint: errcheck
-
-	if _, err = masterDb.Exec(
-		fmt.Sprintf("DROP LOGIN \"%s\"", bd.LoginName),
-	); err != nil {
-		return fmt.Errorf(
-			`error dropping login "%s": %s`,
-			bd.LoginName,
+			bd.Username,
 			err,
 		)
 	}

diff --git a/pkg/services/mssql/database_bind.go b/pkg/services/mssql/database_bind.go
@@ -28,7 +28,7 @@ func (d *databaseManager) GetCredentials(
 	return createCredential(
 		pdt.FullyQualifiedDomainName,
 		dt.DatabaseName,
-		bd.LoginName,
+		bd.Username,
 		string(bd.Password),
 	), nil
 }