- Fix quoting of various fields, including usernames and passwords

 - Restore ability to edit passwords
 - Fix the "Refresh" gear menu item not being connected to the action
 - Add support in code for renaming users - previously interface changes weren't saved
 - Fix user deletion support, including non-existant hosts.  This addresses Issue #653.

1 files changed, 62 insertions, 22 deletions

diff --git a/Source/SPUserManager.m b/Source/SPUserManager.m
index 369cbbc7..6594d75f 100644
--- a/Source/SPUserManager.m
+++ b/Source/SPUserManager.m
@@ -181,7 +181,7 @@
  * it's data from the SPUser Entity objects in the current managedObjectContext.
  */
 - (void)_initializeTree:(NSArray *)items
-{	
+{
 	// Go through each item that contains a dictionary of key-value pairs
 	// for each user currently in the database.
 	for(NSInteger i = 0; i < [items count]; i++)
@@ -208,9 +208,12 @@
 			NSManagedObject *parent = [self _createNewSPUser];
 			NSManagedObject *child = [self _createNewSPUser];
 			
-			// We only care about setting the user and password keys on the parent
+			// We only care about setting the user and password keys on the parent, together with their
+			// original values for comparison purposes
 			[parent setValue:username forKey:@"user"];
+			[parent setValue:username forKey:@"originaluser"];
 			[parent setValue:[item objectForKey:@"Password"] forKey:@"password"];
+			[parent setValue:[item objectForKey:@"Password"] forKey:@"originalpassword"];
 
 			[self _initializeChild:child withItem:item];
 			
@@ -330,8 +333,8 @@
 	// Assumes that the child has already been initialized with values from the
 	// global user table.
 	// Select rows from the db table that contains schema privs for each user/host
-	NSString *queryString = [NSString stringWithFormat:@"SELECT * from `mysql`.`db` d WHERE d.user = '%@' and d.host = '%@'", 
-							 [[child parent] valueForKey:@"user"], [child valueForKey:@"host"]];
+	NSString *queryString = [NSString stringWithFormat:@"SELECT * from `mysql`.`db` d WHERE d.user = %@ and d.host = %@", 
+							 [[[child parent] valueForKey:@"user"] tickQuotedString], [[child valueForKey:@"host"] tickQuotedString]];
 	MCPResult *queryResults = [self.mySqlConnection queryString:queryString];
 	if ([queryResults numOfRows] > 0)
 	{
@@ -636,14 +639,20 @@
 - (IBAction)removeUser:(id)sender
 {
     NSString *username = [[[treeController selectedObjects] objectAtIndex:0]
-                          valueForKey:@"user"];
+                          valueForKey:@"originaluser"];
     NSArray *children = [[[treeController selectedObjects] objectAtIndex:0] 
                          valueForKey:@"children"];
+
+	// On all the children - host entries - set the username to be deleted,
+	// for later query contruction.
     for(NSManagedObject *child in children)
     {
         [child setPrimitiveValue:username forKey:@"user"];
     }
 	
+	// Unset the host on the user, so that only the host entries are dropped
+	[[[treeController selectedObjects] objectAtIndex:0] setPrimitiveValue:nil forKey:@"host"];
+
 	[treeController remove:sender];
 }
 
@@ -750,6 +759,19 @@
 	[grantedTableView reloadData];
 	[self _initializeAvailablePrivs];	
 	[treeController fetch:nil];
+
+	// After the reset, ensure all original password and user values are up-to-date.
+	NSEntityDescription *entityDescription = [NSEntityDescription entityForName:@"SPUser"
+														 inManagedObjectContext:self.managedObjectContext];
+	NSFetchRequest *request = [[[NSFetchRequest alloc] init] autorelease];
+	[request setEntity:entityDescription];
+	NSArray *userArray = [self.managedObjectContext executeFetchRequest:request error:nil];
+	for (NSManagedObject *user in userArray) {
+		if (![user parent]) {
+			[user setValue:[user valueForKey:@"user"] forKey:@"originaluser"];
+			[user setValue:[user valueForKey:@"password"] forKey:@"originalpassword"];
+		}
+	}
 }
 
 - (void)_setSchemaPrivValues:(NSArray *)objects enabled:(BOOL)enabled
@@ -866,6 +888,7 @@
 - (void)contextDidSave:(NSNotification *)notification
 {	
 	NSManagedObjectContext *notificationContext = (NSManagedObjectContext *)[notification object];
+
 	// If there are multiple user manager windows open, it's possible to get this
 	// notification from foreign windows.  Ignore those notifications.
 	if (notificationContext != self.managedObjectContext) return;
@@ -907,22 +930,39 @@
 		if ([[[user entity] name] isEqualToString:@"Privileges"])
 		{
 			[self grantDbPrivilegesWithPrivilege:user];
+
+
+		// If the parent user has changed, either the username or password have been edited.
 		}
-		else if (![user host])
+		else if (![user parent])
 		{
-			// Just the user password was changed.
-			// Change password to be the same on all hosts.
 			NSArray *hosts = [user valueForKey:@"children"];
-			
-			for(NSManagedObject *child in hosts)
-			{
-				NSString *changePasswordStatement = [NSString stringWithFormat:
-													 @"SET PASSWORD FOR %@@%@ = PASSWORD('%@')",
-													 [[user valueForKey:@"user"] tickQuotedString],
-													 [[child host] tickQuotedString],
-													 [user valueForKey:@"password"]];
-				[self.mySqlConnection queryString:changePasswordStatement];	
-				[self checkAndDisplayMySqlError];
+
+			// If the user has been changed, update the username on all hosts.  Don't check for errors, as some
+			// hosts may be new.
+			if (![[user valueForKey:@"user"] isEqualToString:[user valueForKey:@"originaluser"]]) {
+				for (NSManagedObject *child in hosts) {
+					NSString *renameUserStatement = [NSString stringWithFormat:
+														@"RENAME USER %@@%@ TO %@@%@",
+														 [[user valueForKey:@"originaluser"] tickQuotedString],
+														 [[child host] tickQuotedString],
+														 [[user valueForKey:@"user"] tickQuotedString],
+														 [[child host] tickQuotedString]];
+					[self.mySqlConnection queryString:renameUserStatement];	
+				}
+			}
+
+			// If the password has been changed, use the same password on all hosts
+			if (![[user valueForKey:@"password"] isEqualToString:[user valueForKey:@"originalpassword"]]) {
+				for (NSManagedObject *child in hosts) {
+					NSString *changePasswordStatement = [NSString stringWithFormat:
+														 @"SET PASSWORD FOR %@@%@ = PASSWORD(%@)",
+														 [[user valueForKey:@"user"] tickQuotedString],
+														 [[child host] tickQuotedString],
+														 [[user valueForKey:@"password"] tickQuotedString]];
+					[self.mySqlConnection queryString:changePasswordStatement];	
+					[self checkAndDisplayMySqlError];
+				}
 			}
 		} else {
 			[self grantPrivilegesToUser:user];			
@@ -935,18 +975,18 @@
 - (BOOL)deleteUsers:(NSArray *)deletedUsers
 {
 	NSMutableString *droppedUsers = [NSMutableString string];
-	
+
 	for (NSManagedObject *user in deletedUsers)
 	{
         if (![[[user entity] name] isEqualToString:@"Privileges"] && [user valueForKey:@"host"] != nil)
 		{
 			[droppedUsers appendString:[NSString stringWithFormat:@"%@@%@, ", 
-										[[user valueForKey:@"user"] backtickQuotedString], 
-										[[user valueForKey:@"host"] backtickQuotedString]]];
+										[[user valueForKey:@"user"] tickQuotedString], 
+										[[user valueForKey:@"host"] tickQuotedString]]];
 		}
 		
 	}
-	
+
 	droppedUsers = [[droppedUsers substringToIndex:[droppedUsers length]-2] mutableCopy];
 	[self.mySqlConnection queryString:[NSString stringWithFormat:@"DROP USER %@", droppedUsers]];
 	[droppedUsers release];