From a839d76d1ff38ddba11392c2d0ac281b34ac3400 Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Tue, 3 Dec 2024 21:20:26 +0100
Subject: [PATCH] adjust permissions for customer global mysql user to access
 existing databases

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 install/updates/froxlor/update_2.2.inc.php      | 3 ++-
 lib/Froxlor/Database/Manager/DbManagerMySQL.php | 5 +++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/install/updates/froxlor/update_2.2.inc.php b/install/updates/froxlor/update_2.2.inc.php
index 2c773ab13..ae61ad402 100644
--- a/install/updates/froxlor/update_2.2.inc.php
+++ b/install/updates/froxlor/update_2.2.inc.php
@@ -26,6 +26,7 @@
 use Froxlor\Database\Database;
 use Froxlor\Database\DbManager;
 use Froxlor\Froxlor;
+use Froxlor\FroxlorLogger;
 use Froxlor\Install\Update;
 use Froxlor\Settings;
 
@@ -227,7 +228,7 @@
 			// require privileged access for target db-server
 			Database::needRoot(true, $dbserver, true);
 			// get DbManager
-			$dbm = new DbManager($this->logger());
+			$dbm = new DbManager(FroxlorLogger::getInstanceOf());
 			foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
 				if ($dbm->getManager()->userExistsOnHost($customer['loginname'], $mysql_access_host)) {
 					// deactivate temporarily
diff --git a/lib/Froxlor/Database/Manager/DbManagerMySQL.php b/lib/Froxlor/Database/Manager/DbManagerMySQL.php
index 178354cdf..b73992a4d 100644
--- a/lib/Froxlor/Database/Manager/DbManagerMySQL.php
+++ b/lib/Froxlor/Database/Manager/DbManagerMySQL.php
@@ -334,7 +334,7 @@ private function grantCreateToCustomerDbs(string $username, string $access_host)
 			Database::pexecute($sel_stmt, ['cid' => $cust['customerid']]);
 			while ($dbdata = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$stmt = Database::prepare("
-					GRANT CREATE ON `" . $dbdata['databasename'] . "`.* TO :username@:host
+					GRANT ALL ON `" . $dbdata['databasename'] . "`.* TO :username@:host
 				");
 				Database::pexecute($stmt, [
 					"username" => $username,
@@ -348,6 +348,7 @@ private function grantCreateToCustomerDbs(string $username, string $access_host)
 	 * grant "CREATE" for prefix user to all existing databases of that customer
 	 *
 	 * @param string $username
+	 * @param string $database
 	 * @param string $access_host
 	 * @return void
 	 * @throws \Exception
@@ -355,7 +356,7 @@ private function grantCreateToCustomerDbs(string $username, string $access_host)
 	public function grantCreateToDb(string $username, string $database, string $access_host)
 	{
 		$stmt = Database::prepare("
-			GRANT CREATE ON `" . $database . "`.* TO :username@:host
+			GRANT ALL ON `" . $database . "`.* TO :username@:host
 		");
 		Database::pexecute($stmt, [
 			"username" => $username,