Unlocking Locked Users Due to Excessive BK Password Retries

• Scope: BK users who have entered their login password too many times and have been locked out, need to be unlocked.

#!/usr/bin/env bash

set -e

MYSQL_COMMAND=${MYSQL_COMMAND:-/usr/bin/mysql --login-path=mysql-default}

usage_and_exit () {
  cat <<EOF
用法: 
    $PROGRAM [--find-user|--unlock-id]
EOF
  exit 1
}

find_user_id () {
  local user_name=$1
  $MYSQL_COMMAND \
    -NBe "select id from bk_user.profiles_profile where username = "\'"${user_name}"\'";"
}

find_audit_log_id () {
  local user_id=$1
  $MYSQL_COMMAND \
    -NBe "select id from bk_user.audit_login where profile_id=$user_id order by id desc limit 1;"
}

unlock_user () {
  local user_id=$1
  local audit_log_id=$2
  $MYSQL_COMMAND \
    -NBe "update bk_user.audit_login set is_success = 1 where profile_id=$user_id and id=$audit_log_id;"
}

# 解析命令行参数，长短混合模式
(( $# == 0 )) && usage_and_exit 1
while (( $# > 0 )); do 
    case "$1" in
        --find-user )
            shift
            USER_NAME=$1
            ;;
        --unlock-id )
            shift
            USER_ID=$1
            ;;
        -*)
            error "不可识别的参数: $1"
            ;;
        *) 
            break
            ;;
    esac
    shift 
done 

if [ "$USER_NAME" != '' ]; then
  USER_ID=$(find_user_id "$USER_NAME")
fi

if [ "USER_ID" == '' ]; then
  usage_and_exit
fi

unlock_user "${USER_ID}" "$(find_audit_log_id $USER_ID)"