Update script for grant more permission on app user

Author: quangnhut123

mysql-user-creator.sh

@@ -28,8 +28,8 @@ generate_password() {
 # Flags
 CREATED_ANY_USER=false
 
-# Function to create user if not exists
-create_user_if_not_exists() {
+# Function to create MYSQL user
+create_mysql_user() {
   local USERNAME=$1
   local PASSWORD=$2
   local GRANTS=$3
@@ -54,16 +54,31 @@ EOF
     echo "  Password:     $PASSWORD"
     echo ""
     CREATED_ANY_USER=true
+  else
+    # User exists, just update grants
+    mysql \
+      -h "$MYSQL_HOST" \
+      -u "$MYSQL_USER" \
+      -p"$MYSQL_PASSWORD" \
+      --ssl-ca="$SSL_CA" <<EOF
+$GRANTS
+FLUSH PRIVILEGES;
+EOF
+    echo "🔄 Updated grants for user: $USERNAME"
   fi
 }
 
 # Create readonly user if not exists
 READONLY_PASSWORD=$(generate_password)
-create_user_if_not_exists "$READONLY_USER" "$READONLY_PASSWORD" "GRANT SELECT ON \`$TARGET_DB\`.* TO '$READONLY_USER'@'%';"
+create_mysql_user "$READONLY_USER" "$READONLY_PASSWORD" "GRANT SELECT ON \`$TARGET_DB\`.* TO '$READONLY_USER'@'%';"
 
 # Create app user if not exists
 APP_PASSWORD=$(generate_password)
-create_user_if_not_exists "$APP_USER" "$APP_PASSWORD" "GRANT ALL PRIVILEGES ON \`$TARGET_DB\`.* TO '$APP_USER'@'%';"
+create_mysql_user "$APP_USER" "$APP_PASSWORD" "
+GRANT ALL PRIVILEGES ON \`$TARGET_DB\`.* TO '$APP_USER'@'%';
+GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO '$APP_USER'@'%';
+GRANT RELOAD, SHOW DATABASES ON *.* TO '$APP_USER'@'%';
+"
 
 if [ "$CREATED_ANY_USER" = false ]; then
   echo "ℹ️  No new users created. Both users already exist."