Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
lanfr
/
LocalFoodAI_lanfr144
1
0
Fork 0
Súbory Issues 0 Wiki
Strom: 9c6abcff81
Branche Tagy
LocalFoodAI_lan...
/
setup_db.py

setup_db.py 4.2 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. import pymysql
    2. 

  2. import getpass
    3. 

  3. import os
    4. 

  4. 

  5. def run_db_setup():
    6. 

  6.     """ 
    7. 

  7.     This Python script prompts for passwords securely and executes CREATE USER / GRANT 
    8. 

  8.     statements to provision the MySQL server dynamically without config files.
    9. 

  9.     """
    10. 

  10.     print("Welcome to Local Food AI Initial Setup.")
    11. 

  11.     print("WARNING: This will configure your MySQL server. You must know the MySQL root password.\n")
    12. 

  12.     
    13. 

  13.     root_password = getpass.getpass("Enter the MySQL 'root' password: ")
    14. 

  14.     
    15. 

  15.     # Prompt for the new user passwords (so they aren't stored anywhere!)
    16. 

  16.     print("\nPlease define the passwords for the service accounts:")
    17. 

  17.     owner_pass = getpass.getpass("  1. Enter password for 'db_owner': ")
    18. 

  18.     reader_pass = getpass.getpass("  2. Enter password for 'db_reader' (Used by Web UI): ")
    19. 

  19.     loader_pass = getpass.getpass("  3. Enter password for 'db_loader' (Used by Scripts): ")
    20. 

  20.     app_auth_pass = getpass.getpass("  4. Enter password for 'db_app_auth' (Used for User Login): ")
    21. 

  21. 

  22.     print("\nConnecting as root to configure server...")
    23. 

  23.     try:
    24. 

  24.         conn = pymysql.connect(
    25. 

  25.             host='127.0.0.1',  # Local host execution context
    26. 

  26.             user='root',
    27. 

  27.             password=root_password,
    28. 

  28.             autocommit=True
    29. 

  29.         )
    30. 

  30.         cursor = conn.cursor()
    31. 

  31.     except Exception as e:
    32. 

  32.         print(f"Failed to connect: {e}")
    33. 

  33.         return
    34. 

  34. 

  35.     queries = [
    36. 

  36.         "CREATE DATABASE IF NOT EXISTS food_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;",
    37. 

  37.         
    38. 

  38.         # Owner User
    39. 

  39.         f"CREATE USER IF NOT EXISTS 'db_owner'@'%' IDENTIFIED BY '{owner_pass}';",
    40. 

  40.         "GRANT ALL PRIVILEGES ON food_db.* TO 'db_owner'@'%' WITH GRANT OPTION;",
    41. 

  41.         
    42. 

  42.         # Reader User
    43. 

  43.         f"CREATE USER IF NOT EXISTS 'db_reader'@'%' IDENTIFIED BY '{reader_pass}';",
    44. 

  44.         "GRANT USAGE ON *.* TO 'db_reader'@'%';",
    45. 

  45.         
    46. 

  46.         # Loader User
    47. 

  47.         f"CREATE USER IF NOT EXISTS 'db_loader'@'%' IDENTIFIED BY '{loader_pass}';",
    48. 

  48.         "GRANT USAGE ON *.* TO 'db_loader'@'%';",
    49. 

  49.         "GRANT FILE ON *.* TO 'db_loader'@'%';",  
    50. 

  50.         
    51. 

  51.         # App Auth User (PoLP)
    52. 

  52.         f"CREATE USER IF NOT EXISTS 'db_app_auth'@'%' IDENTIFIED BY '{app_auth_pass}';",
    53. 

  53.         "GRANT USAGE ON *.* TO 'db_app_auth'@'%';",
    54. 

  54.         
    55. 

  55.         "FLUSH PRIVILEGES;"
    56. 

  56.     ]
    57. 

  57. 

  58.     for q in queries:
    59. 

  59.         print(f"Executing: {q[:60]}...")
    60. 

  60.         cursor.execute(q)
    61. 

  61. 

  62.     # Now create the table logic safely
    63. 

  63.     print("\nCreating Tables and Granting Table-Specific Access...")
    64. 

  64.     
    65. 

  65.     # 1. Users Table
    66. 

  66.     cursor.execute("""
    67. 

  67.     CREATE TABLE IF NOT EXISTS food_db.users (
    68. 

  68.         id INT AUTO_INCREMENT PRIMARY KEY,
    69. 

  69.         username VARCHAR(100) UNIQUE NOT NULL,
    70. 

  70.         password_hash VARCHAR(255) NOT NULL,
    71. 

  71.         created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
    72. 

  72.     ) ENGINE=InnoDB;
    73. 

  73.     """)
    74. 

  74.     # 2. Products Table
    75. 

  75.     cursor.execute("""
    76. 

  76.     CREATE TABLE IF NOT EXISTS food_db.products (
    77. 

  77.         code VARCHAR(50) PRIMARY KEY, url TEXT, creator VARCHAR(255), created_t VARCHAR(50), 
    78. 

  78.         created_datetime VARCHAR(50), last_modified_t VARCHAR(50), last_modified_datetime VARCHAR(50), 
    79. 

  79.         product_name TEXT, generic_name TEXT, quantity VARCHAR(255), packaging TEXT, brands TEXT, 
    80. 

  80.         categories TEXT, origins TEXT, labels TEXT, stores TEXT, countries TEXT, ingredients_text TEXT, 
    81. 

  81.         allergens TEXT, traces TEXT, 
    82. 

  82.         FULLTEXT INDEX ft_idx_search (product_name, ingredients_text)
    83. 

  83.     ) ENGINE=InnoDB;
    84. 

  84.     """)
    85. 

  85.     
    86. 

  86.     # Table Context Grants (SoD)
    87. 

  87.     cursor.execute("GRANT SELECT, INSERT, UPDATE ON food_db.users TO 'db_app_auth'@'%';")
    88. 

  88.     cursor.execute("GRANT SELECT ON food_db.products TO 'db_reader'@'%';")
    89. 

  89.     cursor.execute("GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE ON food_db.products TO 'db_loader'@'%';")
    90. 

  90.     cursor.execute("FLUSH PRIVILEGES;")
    91. 

  91. 

  92.     print("\n✅ Database, Users, and Tables created successfully!")
    93. 

  93.     cursor.close()
    94. 

  94.     conn.close()
    95. 

  95. 

  96.     print("\n🎉 Setup Complete.")
    97. 

  97.     print("\n!!! IMPORTANT NEXT STEPS !!!")
    98. 

  98.     print("Now, use `mysql_config_editor` to store these passwords locally so the app can use them:")
    99. 

  99.     print("  mysql_config_editor set --login-path=app_reader --host=127.0.0.1 --user=db_reader --password")
    100. 

  100.     print("  mysql_config_editor set --login-path=app_auth --host=127.0.0.1 --user=db_app_auth --password")
    101. 

  101. 

  102. if __name__ == "__main__":
    103. 

  103.     run_db_setup()
    104.