postgresql.php 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141
  1. <?php
  2. namespace OC\Setup;
  3. class PostgreSQL extends AbstractDatabase {
  4. public $dbprettyname = 'PostgreSQL';
  5. public function setupDatabase($username) {
  6. $e_host = addslashes($this->dbhost);
  7. $e_user = addslashes($this->dbuser);
  8. $e_password = addslashes($this->dbpassword);
  9. //check if the database user has admin rights
  10. $connection_string = "host='$e_host' dbname=postgres user='$e_user' password='$e_password'";
  11. $connection = @pg_connect($connection_string);
  12. if(!$connection) {
  13. // Try if we can connect to the DB with the specified name
  14. $e_dbname = addslashes($this->dbname);
  15. $connection_string = "host='$e_host' dbname='$e_dbname' user='$e_user' password='$e_password'";
  16. $connection = @pg_connect($connection_string);
  17. if(!$connection)
  18. throw new \DatabaseSetupException($this->trans->t('PostgreSQL username and/or password not valid'),
  19. $this->trans->t('You need to enter either an existing account or the administrator.'));
  20. }
  21. $e_user = pg_escape_string($this->dbuser);
  22. //check for roles creation rights in postgresql
  23. $query="SELECT 1 FROM pg_roles WHERE rolcreaterole=TRUE AND rolname='$e_user'";
  24. $result = pg_query($connection, $query);
  25. if($result and pg_num_rows($result) > 0) {
  26. //use the admin login data for the new database user
  27. //add prefix to the postgresql user name to prevent collisions
  28. $this->dbuser='oc_'.$username;
  29. //create a new password so we don't need to store the admin config in the config file
  30. $this->dbpassword=\OC_Util::generate_random_bytes(30);
  31. $this->createDBUser($connection);
  32. \OC_Config::setValue('dbuser', $this->dbuser);
  33. \OC_Config::setValue('dbpassword', $this->dbpassword);
  34. //create the database
  35. $this->createDatabase($connection);
  36. }
  37. else {
  38. \OC_Config::setValue('dbuser', $this->dbuser);
  39. \OC_Config::setValue('dbpassword', $this->dbpassword);
  40. //create the database
  41. $this->createDatabase($connection);
  42. }
  43. // the connection to dbname=postgres is not needed anymore
  44. pg_close($connection);
  45. // connect to the ownCloud database (dbname=$this->dbname) and check if it needs to be filled
  46. $this->dbuser = \OC_Config::getValue('dbuser');
  47. $this->dbpassword = \OC_Config::getValue('dbpassword');
  48. $e_host = addslashes($this->dbhost);
  49. $e_dbname = addslashes($this->dbname);
  50. $e_user = addslashes($this->dbuser);
  51. $e_password = addslashes($this->dbpassword);
  52. $connection_string = "host='$e_host' dbname='$e_dbname' user='$e_user' password='$e_password'";
  53. $connection = @pg_connect($connection_string);
  54. if(!$connection) {
  55. throw new \DatabaseSetupException($this->trans->t('PostgreSQL username and/or password not valid'),
  56. $this->trans->t('You need to enter either an existing account or the administrator.'));
  57. }
  58. $query = "select count(*) FROM pg_class WHERE relname='".$this->tableprefix."users' limit 1";
  59. $result = pg_query($connection, $query);
  60. if($result) {
  61. $row = pg_fetch_row($result);
  62. }
  63. if(!$result or $row[0]==0) {
  64. \OC_DB::createDbFromStructure($this->dbDefinitionFile);
  65. }
  66. }
  67. private function createDatabase($connection) {
  68. //we cant use OC_BD functions here because we need to connect as the administrative user.
  69. $e_name = pg_escape_string($this->dbname);
  70. $e_user = pg_escape_string($this->dbuser);
  71. $query = "select datname from pg_database where datname = '$e_name'";
  72. $result = pg_query($connection, $query);
  73. if(!$result) {
  74. $entry = $this->trans->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  75. $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
  76. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  77. }
  78. if(! pg_fetch_row($result)) {
  79. //The database does not exists... let's create it
  80. $query = "CREATE DATABASE \"$e_name\" OWNER \"$e_user\"";
  81. $result = pg_query($connection, $query);
  82. if(!$result) {
  83. $entry = $this->trans->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  84. $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
  85. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  86. }
  87. else {
  88. $query = "REVOKE ALL PRIVILEGES ON DATABASE \"$e_name\" FROM PUBLIC";
  89. pg_query($connection, $query);
  90. }
  91. }
  92. }
  93. private function createDBUser($connection) {
  94. $e_name = pg_escape_string($this->dbuser);
  95. $e_password = pg_escape_string($this->dbpassword);
  96. $query = "select * from pg_roles where rolname='$e_name';";
  97. $result = pg_query($connection, $query);
  98. if(!$result) {
  99. $entry = $this->trans->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  100. $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
  101. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  102. }
  103. if(! pg_fetch_row($result)) {
  104. //user does not exists let's create it :)
  105. $query = "CREATE USER \"$e_name\" CREATEDB PASSWORD '$e_password';";
  106. $result = pg_query($connection, $query);
  107. if(!$result) {
  108. $entry = $this->trans->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  109. $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
  110. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  111. }
  112. }
  113. else { // change password of the existing role
  114. $query = "ALTER ROLE \"$e_name\" WITH PASSWORD '$e_password';";
  115. $result = pg_query($connection, $query);
  116. if(!$result) {
  117. $entry = $this->trans->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  118. $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
  119. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  120. }
  121. }
  122. }
  123. }