verdnatura/grafana-find
verdnatura
/
grafana-find
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
grafana-find/main.js

462 lines
13 KiB
JavaScript
Raw Blame History

#!/usr/bin/env node
const packageJson = require('./package.json');
const fetch = require('node-fetch');
const colors = require('colors');
const os = require('os');
const fs = require('fs');
const getopts = require('getopts');
const mysql = require('mysql2/promise');
const conGrafana = mysql.createPool({
host: "dev-db.verdnatura.es",
user: "grafanaPermissions",
password: "grafana",
port : 3307
});
const conVicent = mysql.createPool({
host: "dev-db.verdnatura.es",
user: "vicent",
password: "llopis.19263",
port : 3307
});
// con.connect(function(err) {
// if (err) {
// return console.error('error: ' + err.message);
// }
// console.log('Connected to the MySQL server.');
// });
const error = `[ERROR]: `.bold;
console.log(
`Grafana-Find (${packageJson.description})`.yellow.bold,
`v${packageJson.version}`.cyan.bold
);
const usage = {
description: 'Utility to find strings in dashboards',
params: {
user: 'Grafana username',
version: 'Display the version number and exit',
help: 'Display this help message'
}
};
const opts = getopts(process.argv.slice(2), {
alias: {
version: 'v',
help: 'h'
},
boolean: [
'version',
'help'
]
});
if (opts.version) {
process.exit();
}
if (opts.help) {
console.log(`Usage:`.gray, `grafana-find`, `<string to search>`.magenta);
process.exit();
}
if (!opts._[0]) {
console.error(`${error}The string to search for is missing`.red);
process.exit(1);
}
if (opts._.length > 1) {
console.error(`${error}This command doesn't allow more parameters`.red);
process.exit(1);
}
let config;
const configPaths = [
os.homedir(),
`${__dirname}`
];
for (const configPath of configPaths) {
const configFile = `${configPath}/.grafana-find.json`;
if (fs.existsSync(configFile)) {
config = require(configFile);
break;
}
}
if (!config) {
console.error(`${error}Configuration file not found, search paths: .grafana-find.json: ${configPaths.join(':')}\n`.red);
process.exit(1);
}
const findAll = opts._[0];
const grafanaUrl = config.grafanaUrl;
let user = config.user;
let passw = config.password;
const grafanaApi = `${grafanaUrl}/api`;
const urlOrganizations = `${grafanaUrl}/api/orgs`;
const urlDashboards = `${grafanaApi}/search?orgId=`;
const urlUID = `${grafanaApi}/dashboards/uid/`;
let numberOfDashboards = 0;
let totalDashboards = 0;
let numberOfPanels = 0;
let numberOfVariables = 0;
let numberOfObjects = 0;
let titlePanels = new Array;
let nameVariables = new Array;
const regexRawSQL = new RegExp(findAll, 'i');
async function main(){
if (!user) {
const readline = require('readline');
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
const answer = await new Promise(resolve => {
rl.question(colors.green('Enter your user: '), resolve);
});
user = `${answer}`;
if (!answer) {
console.error(`\n${error}You need to put a user\n`.red);
process.exit(0);
}
rl.close();
}
if (!passw) {
const readline = require('readline');
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
rl.stdoutMuted = true;
const answer = await new Promise(resolve => {
rl.question(colors.green('Enter your password: '), resolve);
rl._writeToOutput = function _writeToOutput(stringToWrite) {
if (rl.stdoutMuted)
rl.output.write("*");
else
rl.output.write(stringToWrite);
};
});
passw = `${answer}`;
if (!answer) {
console.error(`\n${error}You need to put a password\n`.red);
process.exit(0);
}
rl.close();
}
const credentials = `Basic ` + Buffer.from(`${user}:${passw}`).toString('base64');
try {
var response = await fetch(urlOrganizations, {
method: "GET",
headers: {
Authorization: credentials
}
});
} catch (notfound) {
console.error(`${error}Server '${config.grafanaUrl}' not found`.red);
process.exit(1);
};
let AllOrganizations = await response.json();
if (AllOrganizations.message==='invalid username or password') {
console.error(`\n${error}Invalid username or password\n`.red);
process.exit(1);
}
console.clear();
console.log(
`───────── Grafana-Find LOCAL (${packageJson.description}) v${packageJson.version} ────────`.yellow.bold
);
console.log(colors.green.bold(`──────────────────── Starting process ────────────────────\n`));
for (let x in AllOrganizations) {
console.log(colors.gray.bold(`-{Organization: ${AllOrganizations[x].name}}-\n`));
response = await fetch(`${urlDashboards}${AllOrganizations[x].id}`, {
method: "GET",
headers: {
Authorization: credentials
},
redirect: 'manual'
});
if (response.status === 302) {
response = await fetch(`${urlDashboards}${AllOrganizations[x].id}`, {
method: 'GET',
headers: {
Accept: 'application/json'
},
redirect: 'manual'
});
}
let allUID = await response.json();
for (let i in allUID) {
let url = `${urlUID}${allUID[i].uid}`;
response = await fetch(url, {
method: "GET",
headers: {
Authorization: credentials,
},
redirect: 'manual'
});
if (response.status === 404) {
response = await fetch(url, {
method: 'GET',
headers: {
Accept: 'application/json'
},
redirect: 'manual'
});
}
let data = await response.json();
let isFound = false;
let isFoundSomething = false;
const dashboard = data.dashboard;
if (dashboard) {
if (dashboard.panels)
for (const panel of dashboard.panels) {
if (panel.targets)
for (const target of panel.targets) {
const firstWordAfterFrom = getFirstWordAfterFrom(target.rawSql);
if(firstWordAfterFrom == 'ost_ticket') continue;
const sql = replaceVariables(target.rawSql);
await queryAndGrant(sql);
}
}
if (dashboard.templating){
for (const list of dashboard.templating.list) {
const firstWord = getFirstWord(list.query);
if (firstWord != 'SELECT' || firstWord != 'WITH') continue;
const sql = replaceVariables(list.query);
await queryAndGrant(sql);
}
}
}
if (isFoundSomething) {
const linkUrl = `${grafanaUrl}/d/${allUID[i].uid}?orgId=${AllOrganizations[x].id}`;
console.log((linkUrl).yellow.underline, dashboard.title);
if (numberOfPanels) {
console.log(colors.cyan.bold(`[${numberOfPanels}] panels`));
for (let q in titlePanels) {
if (q==(titlePanels.length-1)) {
console.log(` └─${titlePanels[q]}`.cyan)
break
}
console.log(` ├─${titlePanels[q]}`.cyan)
}
}
if (numberOfVariables) {
console.log(colors.magenta.bold(`[${numberOfVariables}] variables`));
for (let q in nameVariables) {
if (q==(nameVariables.length-1)) {
console.log(` └─${nameVariables[q]}`.magenta)
break
}
console.log(` ├─${nameVariables[q]}`.magenta)
}
}
console.log('')
numberOfDashboards++;
}
titlePanels = [];
nameVariables= [];
numberOfObjects = numberOfPanels + numberOfVariables + numberOfObjects;
numberOfPanels = 0;
numberOfVariables = 0;
}
totalDashboards = numberOfDashboards + totalDashboards;
if (!numberOfDashboards)
console.log(`No results found\n`.green);
numberOfDashboards = 0;
};
console.log(colors.green.bold(`──────── Have been found ${numberOfObjects} results in ${totalDashboards} dashboards ────────\n`));
if (!response) {
console.log(`${error}The server don't exists`);
process.exit(1);
}
process.exit();
}
main();
function haveDatabaseInFrom(str){
let fromIndex = str.indexOf("FROM") + 5;
let firstWord = str.substring(fromIndex, str.indexOf(" ", fromIndex));
if (firstWord.indexOf(".") !== -1) {
return true;
} else {
return false;
}
}
function haveDatabaseInJoin(str){
let fromIndex = str.indexOf("JOIN") + 5;
let firstWord = str.substring(fromIndex, str.indexOf(" ", fromIndex));
if (firstWord.indexOf(".") !== -1) {
return true;
} else {
return false;
}
}
function getFirstWord(text) {
const words = text.split(" ");
if (words.length > 0) {
return words[0];
}
return null;
}
function getLastWord(text) {
const words = text.split(" ");
if (words.length > 0) {
return words[words.length - 1];
}
return null;
}
function getFirstWordBetweenQuotes(text) {
const pattern = /'([^']+)'/;
const match = text.match(pattern);
if (match) {
return match[1];
}
return null;
}
function replaceVariables(text){
let sql = text;
sql = sql.replaceAll('$__timeFilter', 'util.mock');
sql = sql.replaceAll('$__timeFrom()', 1);
sql = sql.replaceAll('$__timeTo()', 1);
sql = sql.replaceAll(/\$\w+/g, 1);
sql = sql.replaceAll('${__from}', 1);
sql = sql.replaceAll('${__to}', 1);
return sql;
}
function getFirstWordAfterFrom(text) {
const pattern = /FROM\s+(\w+)/;
const match = text.match(pattern);
if (match) {
return match[1];
}
return null;
}
function addVnInFom(query) {
return query.replace(/(FROM)\s/g, '$1 vn.');
}
function addVnInJoin(query) {
return query.replace(/(JOIN)\s/g, '$1 vn.');
}
// function addVnInFunctions(query) {
// return query.replace(/(firstDayOfWeek|lastDayOfWeek)\s*\(\s*(\w+)\s*\)/g, function(match, functionName, argument) {
// if (!/\./.test(argument)) {
// return `vn.${functionName}(${argument})`;
// }
// return match;
// });
// }
function addVn(query) {
return query.replace(/(FROM|JOIN)\s+(?!\w+\.)(\w+)/g, '$1 vn.$2');
}
async function queryAndGrant(sql){
console.log(sql);
try{
await conGrafana.query(sql);
} catch (err) {
if(err.code == 'ER_TABLEACCESS_DENIED_ERROR') {
const table = getLastWord(err.sqlMessage); // p.e: `account`.`user`
const user = getFirstWordBetweenQuotes(err.sqlMessage); // p.e: grafanaPermissions
const grant = `GRANT SELECT ON ${table} TO '${user}'@'%';`;
console.log(grant);
try{
await conVicent.query(grant)
} catch (err){
// console.log(err);
if(err.code != 'ER_NO_SUCH_TABLE') await queryAndGrant(sql);
}
} else if(err.code == 'ER_PROCACCESS_DENIED_ERROR'){
const routine = getLastWord(err.sqlMessage); // p.e: 'util.mock'
const test = routine.replace(/'/g, "");
const user = getFirstWordBetweenQuotes(err.sqlMessage); // p.e: grafanaPermissions
const grant = `GRANT EXECUTE ON FUNCTION ${test} TO '${user}'@'%';`;
console.log(grant);
try{
await conVicent.query(grant)
} catch (err){
// console.log(err);
await queryAndGrant(sql)
}
} else if(err.code == 'ER_NO_DB_ERROR'){
console.log(err);
sql = addVn(sql)
await queryAndGrant(sql);
} else if(err.code == 'ER_SP_DOES_NOT_EXIST'){
console.log(err);
const sqlComplete = addVnInFunctions(sql);
await queryAndGrant(sqlComplete);
} else {
console.log(err);
throw 'ELSE ' + err;
}
}
function addVnInFunctions(str){
let words = str.split(" ");
for (let i = 0; i < words.length; i++) {
if (words[i].startsWith("firstDayOfWeek") || words[i].startsWith("lastDayOfWeek")) {
words[i] = "vn." + words[i];
}
}
str = words.join(" ");
return str;
}
}
Reference in New Issue View Git Blame Copy Permalink