
Commit e8f246e9 authored by Muhammad Indra Ramadhan's avatar Muhammad Indra Ramadhan

Create psql user and db via admin dashboard

parent 77147dc9
......@@ -6,6 +6,8 @@ use Adminer;
use App\Models\AdminerDatabase;
use Illuminate\Http\Request;
use App\Services\AdminerDatabaseService;
use App\Models\Mahasiswa;
use Illuminate\Support\Facades\DB;
class AdminerDatabaseController extends Controller
{
......@@ -44,13 +46,41 @@ class AdminerDatabaseController extends Controller
*/
public function store(Request $request)
{
//
function generateRandomString($length = 10)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$mahasiswa_list = Mahasiswa::where('user_id', $request->user_id)->get();
$mahasiswa = null;
if (count($mahasiswa_list) > 0) {
$mahasiswa = $mahasiswa_list[0];
} else {
$mahasiswa = new Mahasiswa;
$mahasiswa->user_id = $request->user_id;
$mahasiswa->password = generateRandomString();
$mahasiswa->save();
$username = str_replace(".", "_", $mahasiswa->user_id);
DB::statement("CREATE USER $username WITH ENCRYPTED PASSWORD '$mahasiswa->password';");
}
$db = new AdminerDatabase;
$db->name = $request->db_name;
$db->user_id = $request->user_id;
$db->user_id = $mahasiswa->id;
$db->save();
// @TODO: create db and give it's permission to user
$username = str_replace(".", "_", $mahasiswa->user_id);
DB::statement("CREATE DATABASE $db->name;");
DB::statement("REVOKE ALL PRIVILEGES ON DATABASE $db->name FROM public;");
DB::statement("GRANT ALL PRIVILEGES ON DATABASE $db->name TO $username;");
}
/**
......
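Review bot: `store()` interpolates request input straight into DDL: `$request->db_name` reaches `CREATE DATABASE`, `REVOKE` and `GRANT` unchanged, and `$username` is `$request->user_id` with only the dots replaced, so either field can change the statement that runs on the application's database connection. Identifiers cannot be bound as parameters in these statements, so both fields should be checked against a strict allow-list before any model is saved, for example `$request->validate(['user_id' => ['required', 'regex:/^[a-z][a-z0-9._]{0,62}$/i'], 'db_name' => ['required', 'regex:/^[a-z_][a-z0-9_]{0,62}$/i']]);`. The `CREATE USER` line added in MahasiswaController has the same problem and needs the same check (where its `user_id` is assigned lies outside that hunk). Separately, `generateRandomString()` draws from `rand()`, which is not a cryptographic generator; `random_int(0, $charactersLength - 1)` is a drop-in replacement here and in the copy added to the Adminer login script.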
......@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
use App\Models\Mahasiswa;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class MahasiswaController extends Controller
{
......@@ -59,7 +60,8 @@ class MahasiswaController extends Controller
$mahasiswa->save();
// @TODO: create psql account
$username = str_replace(".", "_", $mahasiswa->user_id);
DB::statement("CREATE USER $username WITH ENCRYPTED PASSWORD '$mahasiswa->password';");
}
/**
......
<template>
<div class="container-fluid">
<div class="row">
<div class="col-12">
<div class="card m-b-20">
<div class="card-body">
<table
id="datatable"
class="table table-bordered dt-responsive nowrap"
cellspacing="0"
width="100%"
>
<thead>
<tr>
<th>ID</th>
<th>Name</th>
<th>User.ID</th>
</tr>
</thead>
<tbody>
<tr v-for="database in adminer_databases" :key="database.id">
<td>{{ database.id }}</td>
<td>{{ database.name }}</td>
<td>{{ database.user_id }}</td>
</tr>
</tbody>
</table>
<form @submit="submitForm">
<strong>User.id(bukan username):</strong>
<textarea class="form-control" v-model="user_id"></textarea>
<strong>Database Name</strong>
<textarea class="form-control" v-model="db_name"></textarea>
<button class="btn btn-success">Submit</button>
</form>
</div>
<div class="container-fluid">
<div class="row">
<div class="col-12">
<div class="card m-b-20">
<div class="card-body">
<form @submit="submitForm">
<h2>Buat Database Baru</h2>
<strong>Username SSO/Postgres:</strong>
<input
type="text"
class="form-control"
v-model="user_id"
style="margin-bottom: 20px"
/>
<strong>Database Name</strong>
<input
type="text"
class="form-control"
v-model="db_name"
style="margin-bottom: 20px"
/>
<button class="btn btn-success">Create</button>
</form>
<hr />
<table
id="datatable"
class="table table-bordered dt-responsive nowrap"
cellspacing="0"
width="100%"
>
<thead>
<tr>
<th>Database Name</th>
<th>Username Mahasiswa</th>
</tr>
</thead>
<tbody>
<tr
v-for="database in adminer_databases"
:key="database.id"
>
<td>{{ database.name }}</td>
<td>{{ database.user.user_id }}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</template>
<script>
export default {
data() {
return {
adminer_databases: [],
admins_uri: "/admin/resource/adminerdatabases",
user_id: "",
db_name: "",
};
},
methods: {
loadData() {
axios.get(this.admins_uri).then((response) => {
$.when(this.putAsyncData(response.data)).then(function () {
$("#datatable").DataTable();
});
});
data() {
return {
adminer_databases: [],
admins_uri: "/admin/resource/adminerdatabases",
user_id: "",
db_name: ""
};
},
putAsyncData(data) {
this.adminer_databases = data;
methods: {
loadData() {
axios.get(this.admins_uri).then(response => {
$.when(this.putAsyncData(response.data)).then(function() {
$("#datatable").DataTable();
});
});
},
putAsyncData(data) {
this.adminer_databases = data;
},
submitForm(e) {
e.preventDefault();
axios
.post(this.admins_uri, {
user_id: this.user_id,
db_name: this.db_name
})
.then(res => this.loadData());
}
},
submitForm(e) {
e.preventDefault();
axios
.post(this.admins_uri, { user_id: this.user_id, db_name: this.db_name })
.then((res) => console.log("berhasil"));
},
},
mounted() {
this.loadData();
},
mounted() {
this.loadData();
}
};
</script>
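Review bot: `submitForm` has no rejection handler, so when the POST fails (for instance because the server refuses the name or the database already exists) the form appears to do nothing and the list is not refreshed. Add a handler after the `.then(...)`, such as `.catch(() => alert("Create failed"))`, so the admin knows that no database was created. The new cell `{{ database.user.user_id }}` also assumes every row comes back with a `user` object; if the endpoint can return a row without one, rendering will throw, so guard it with `database.user ? database.user.user_id : ""` or guarantee the relation server-side.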
......@@ -4,21 +4,27 @@
<div class="col-12">
<div class="card m-b-20">
<div class="card-body">
<table id="datatable" class="table table-bordered dt-responsive nowrap" cellspacing="0" width="100%">
<table
id="datatable"
class="table table-bordered dt-responsive nowrap"
cellspacing="0"
width="100%"
>
<thead>
<tr>
<th></th>
<th>Name</th>
<th>Email</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<tr v-for="(admin, index) in admins" :key="admin.id">
<td>{{ index+1 }}</td>
<tr
v-for="(admin, index) in admins"
:key="admin.id"
>
<td>{{ admin.name }}</td>
<td>{{ admin.email }}</td>
<td>Love you</td>
<td></td>
</tr>
</tbody>
</table>
......@@ -30,29 +36,27 @@
</template>
<script>
export default {
data(){
return{
admins: [],
admins_uri : '/admin/resource/users/admins'
}
},
methods: {
loadData(){
axios.get(this.admins_uri)
.then(response=>{
$.when(this.putAsyncData(response.data)).then(function(){
$('#datatable').DataTable();
})
export default {
data() {
return {
admins: [],
admins_uri: "/admin/resource/users/admins"
};
},
methods: {
loadData() {
axios.get(this.admins_uri).then(response => {
$.when(this.putAsyncData(response.data)).then(function() {
$("#datatable").DataTable();
});
},
putAsyncData(data){
this.admins = data
}
});
},
mounted() {
this.loadData();
putAsyncData(data) {
this.admins = data;
}
},
mounted() {
this.loadData();
}
};
</script>
<template>
<div class="container-fluid">
<div class="row">
<div class="col-12">
<div class="card m-b-20">
<div class="card-body">
<table
id="datatable"
class="table table-bordered dt-responsive nowrap"
cellspacing="0"
width="100%"
>
<thead>
<tr>
<th>ID</th>
<th>Username</th>
<th>Password</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<tr v-for="mahasiswa in mahasiswas" :key="mahasiswa.id">
<td>{{ mahasiswa.id }}</td>
<td>{{ mahasiswa.user_id }}</td>
<td>{{ mahasiswa.password }}</td>
<td>Love you</td>
</tr>
</tbody>
</table>
<form @submit="submitForm">
<strong>Username:</strong>
<textarea class="form-control" v-model="user_id"></textarea>
<button class="btn btn-success">Submit</button>
</form>
</div>
<div class="container-fluid">
<div class="row">
<div class="col-12">
<div class="card m-b-20">
<div class="card-body">
<form @submit="submitForm">
<h2>Buat Mahasiswa Baru</h2>
<strong>Username SSO/Postgres:</strong>
<input
type="text"
class="form-control"
v-model="user_id"
style="margin-bottom: 10px"
/>
<button class="btn btn-success">Create</button>
</form>
<hr />
<h2>Daftar Mahasiswa</h2>
<table
id="datatable"
class="table table-bordered dt-responsive nowrap"
cellspacing="0"
width="100%"
>
<thead>
<tr>
<th>Username SSO</th>
<th>Username Postgres</th>
<th>Password Postgres</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<tr
v-for="mahasiswa in mahasiswas"
:key="mahasiswa.id"
>
<td>{{ mahasiswa.user_id }}</td>
<td>{{ mahasiswa.user_psql }}</td>
<td>{{ mahasiswa.password }}</td>
<td></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</template>
<script>
export default {
data() {
return {
mahasiswas: [],
mahasiswas_uri: "/admin/resource/mahasiswas",
user_id: "",
};
},
methods: {
loadData() {
axios.get(this.mahasiswas_uri).then((response) => {
console.log(response);
$.when(this.putAsyncData(response.data)).then(function () {
$("#datatable").DataTable();
});
});
data() {
return {
mahasiswas: [],
mahasiswas_uri: "/admin/resource/mahasiswas",
user_id: ""
};
},
putAsyncData(data) {
this.mahasiswas = data;
console.log("mahasiswa:");
console.log(this.mahasiswas);
methods: {
loadData() {
axios.get(this.mahasiswas_uri).then(response => {
console.log(response);
$.when(this.putAsyncData(response.data)).then(function() {
$("#datatable").DataTable();
});
});
},
putAsyncData(data) {
this.mahasiswas = data.map(mahasiswa => ({
...mahasiswa,
user_psql: mahasiswa.user_id.replace(".", "_")
}));
},
submitForm(e) {
e.preventDefault();
axios
.post(this.mahasiswas_uri, { user_id: this.user_id })
.then(res => this.loadData());
}
},
submitForm(e) {
e.preventDefault();
console.log(this.user_id);
axios
.post(this.mahasiswas_uri, { user_id: this.user_id })
.then((res) => console.log("berhasil"));
},
},
mounted() {
this.loadData();
},
mounted() {
this.loadData();
}
};
</script>
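Review bot: The list still renders `mahasiswa.password` in a table column and `loadData` still calls `console.log(response)`, so every student's PostgreSQL password is returned to the browser, shown on screen and written to the console on each load. Drop the `console.log(response)` line, and consider leaving the password out of the list response and revealing it only on an explicit per-row action. Also, `mahasiswa.user_id.replace(".", "_")` replaces only the first dot, while the PHP side uses `str_replace`, which replaces all of them; for a username with two dots the "Username Postgres" column will not match the role that was created. Use `mahasiswa.user_id.replace(/\./g, "_")`.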
......@@ -20,19 +20,18 @@
<div id="sidebar-menu">
<ul>
<li class="menu-title">Main</li>
<li>
<!-- <li>
<a href="{{ route('admin.dashboard') }}" class="waves-effect"><i class="mdi mdi-view-dashboard"></i> <span> Dashboard</span></a>
</li>
<li class="has_sub">
<a href="javascript:void(0);" class="waves-effect"><i class="mdi mdi-account-location"></i><span> Adminer <span class="pull-right"><i class="mdi mdi-chevron-right"></i></span> </span></a>
<ul class="list-unstyled">
<ul class="list-unstyled"> -->
<li><a href="{{ route('admin.admins') }}">Admins</a></li>
<li><a href="{{ route('admin.users') }}">Users</a></li>
<li><a href="{{ route('admin.databases') }}">Databases</a></li>
<li><a href="{{ route('admin.mahasiswas') }}">Mahasiswas</a></li>
</ul>
</li>
<li><a href="{{ route('admin.mahasiswas') }}">Mahasiswa</a></li>
<!-- </ul>
</li> -->
</ul>
</div>
<div class="clearfix"></div>
......
......@@ -48,6 +48,39 @@ function check_invalid_login() {
}
}
// -- BEGIN (OPEN SAUCE) --
function generateRandomString($length = 10) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$user = SSO\SSO::getUser();
$conn = new PDO('pgsql:host='.$server.';dbname=adminer', $username, $password);
$query = $conn->prepare("SELECT * FROM public.mahasiswas WHERE user_id = ?;");
$query->execute([$user->username]);
$result = $query->fetchAll();
$pgsql_username = str_replace(".", "_", $user->username);
$pgsql_password = "";
if (sizeof($result) == 0) {
$pgsql_password = generateRandomString();
$query = $conn->prepare("INSERT INTO public.mahasiswas (user_id, password) VALUES ('$user->username', '$pgsql_password');");
$query->execute([]);
$query = $conn->prepare("CREATE USER ".$pgsql_username." WITH PASSWORD '".$pgsql_password."';");
$query->execute([]);
} else {
$row = $result[0];
$pgsql_password = $row['password'];
}
$username = $pgsql_username;
$password = $pgsql_password;
if ($_SESSION["db"][$vendor][$server][$username][$db] == false) {
$_POST["auth"] = [
"driver" => $vendor,
......@@ -60,6 +93,8 @@ if ($_SESSION["db"][$vendor][$server][$username][$db] == false) {
redirect(auth_url($vendor, $server, $username, ""));
}
// -- END (OPEN SAUCE) --
$auth = $_POST["auth"];
if ($auth) {
session_regenerate_id(); // defense against session fixation
......
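Review bot: The `INSERT` into `public.mahasiswas` builds its values by string interpolation and then calls `execute([])`, so `prepare()` gives no protection there, unlike the `SELECT` just above it, which binds `?`. Bind both values: `$query = $conn->prepare("INSERT INTO public.mahasiswas (user_id, password) VALUES (?, ?);");` followed by `$query->execute([$user->username, $pgsql_password]);`. `CREATE USER` cannot take a bound role name, so `$pgsql_username` should be rejected unless it matches a strict identifier pattern before it is concatenated into the statement. The password is also stored and read back in clear text so that it can be handed to Adminer's login; a comment at the top of this block should state that this is deliberate and who is allowed to read the table.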