fix: 修复授权系统对sqlserver异常的问题 #5223

dbm-services/mysql/db-priv/service/add_priv_base_func_for_sqlserver.go

@@ -146,14 +146,42 @@ func ImportSqlserverPrivilege(account TbAccounts, rules []TbAccountRules, bkClou
 		var queryRequest = QueryRequest{[]string{address}, backendSQL, false, 60, bkCloudId}
 		_, err = OneAddressExecuteSqlserverSql(queryRequest)
 		if err != nil {
-			slog.Error("OneAddressExecuteSqlserverSql", err)
+			slog.Error("ImportSqlserverPrivilege failed", err)
 			return err
 		}
 	}
 
 	return nil
 }
 
+// SaveAutoGRant 保存授权配置到实例
+func SaveAutoGRant(account TbAccounts, rules []TbAccountRules, bkCloudId int64, storage []Storage) error {
+	tableName := "[Monitor].[dbo].[AUTO_GRANT]"
+	var sqls []string
+	var addresses []string
+	for _, rule := range rules {
+		for _, p := range strings.Split(rule.Priv, ",") {
+			sqls = append(
+				sqls,
+				fmt.Sprintf("delete from %s where [ACCOUNT] = '%s' and [GRANT_DB] = '%s' and [GRANT_TYPE] = '%s';",
+					tableName, account.User, rule.Dbname, p),
+				fmt.Sprintf("insert into %s values('%s','%s','%s','getdate()');",
+					tableName, account.User, rule.Dbname, p),
+			)
+		}
+	}
+	for _, s := range storage {
+		addresses = append(addresses, fmt.Sprintf("%s:%d", s.IP, s.Port))
+	}
+	var queryRequest = QueryRequest{addresses, sqls, false, 60, bkCloudId}
+	_, err := OneAddressExecuteSqlserverSql(queryRequest)
+	if err != nil {
+		slog.Error("SaveAutoGRant failed", err)
+		return err
+	}
+	return nil
+}
+
 // 获取sqlserver账号对象
 func GetAccount(bkBizId int64, user string) (TbAccounts, error) {
 	var account TbAccounts

dbm-services/mysql/db-priv/service/add_priv_for_sqlserver.go

@@ -1,12 +1,13 @@
 package service
 
 import (
-	"dbm-services/mysql/priv-service/util"
 	"fmt"
 	"log/slog"
 	"strings"
 	"time"
 
+	"dbm-services/mysql/priv-service/util"
+
 	"github.com/spf13/viper"
 )
 
@@ -49,6 +50,15 @@ func (m *PrivTaskPara) AddPrivForSqlserver(jsonPara string) error {
 		); err != nil {
 			return err
 		}
+		// 导入授权配置到实例
+		if err := SaveAutoGRant(
+			account,
+			rules,
+			cluster.BkCloudId,
+			cluster.Storages,
+		); err != nil {
+			return err
+		}
 
 	}
 	return nil

dbm-services/mysql/db-priv/service/db_meta_service.go

@@ -96,7 +96,14 @@ func GetAllClustersInfo(c *util.Client, id BkBizIdPara) ([]Cluster, error) {
 // GetCluster 根据域名获取集群信息
 func GetCluster(c *util.Client, ClusterType string, dns Domain) (Instance, error) {
 	var resp Instance
-	url := fmt.Sprintf("/apis/proxypass/dbmeta/priv_manager/mysql/%s/cluster_instances/", ClusterType)
+	var url string
+	if ClusterType == sqlserverHA || ClusterType == sqlserverSingle || ClusterType == sqlserver {
+		// 走sqlserver授权逻辑
+		url = fmt.Sprintf("/apis/proxypass/dbmeta/priv_manager/sqlserver/%s/cluster_instances/", ClusterType)
+	} else {
+		url = fmt.Sprintf("/apis/proxypass/dbmeta/priv_manager/mysql/%s/cluster_instances/", ClusterType)
+	}
+
 	result, err := c.Do(http.MethodPost, url, dns)
 	if err != nil {
 		slog.Error("msg", url, err)

dbm-ui/backend/db_meta/urls.py

@@ -60,13 +60,13 @@
         ),
         # priv manager sqlserver_single
         path(
-            "priv_manager/sqlserver_single/cluster_instances",
+            "priv_manager/sqlserver/sqlserver_single/cluster_instances",
             views.priv_manager.sqlserver_single_cluster_instances,
             name="priv-manager-sqlserver-single-cluster_instances",
         ),
         # priv manager sqlserver_ha
         path(
-            "priv_manager/sqlserver_ha/cluster_instances",
+            "priv_manager/sqlserver/sqlserver_ha/cluster_instances",
             views.priv_manager.sqlserver_ha_cluster_instances,
             name="priv-manager-sqlserver_ha-cluster_instances",
         ),