55ce478281
Postgres connection handling gave the caller a way to specify what sort
of domain it needed, whereas the base class was implicitly relying on
the sequence of installer steps to ensure that the current connection
was correctly configured. The PG way of doing this is better for planned
work in this area. Exposing PG-style connection management in the base
class reduces the number of differences between PG and everything else.
Instead of PG's method of having up to three connections open, I am just
holding a single connection open, with state transitions properly
implemented.
Also:
* Deprecate direct access to $this->db.
* Factor out definitelyGetConnection(), a throwing variant of
getConnection().
* Deprecate caling getConnection() with no parameter.
* Remove setupSchemaVars(), since this was a sequence-dependent pattern.
Instead configure schema vars on transition to the create-schema
connection type.
* Use SelectQueryBuilder in databaseExists().
* Remove the pg-commit install step. This commit dates back to
bca55fa58f (March 2007), where in the old installer a commit was
done after all installation. It was moved here in 2010, but now we
have a commit in createTables() serving the same purpose. If we need a
transaction around interwiki insertion, we could do that in the base
class, but that's not what the original code was trying to do.
Change-Id: I073fb57c1b578361ac2a46ecd0cd1312c31747d4
510 lines
15 KiB
PHP
510 lines
15 KiB
PHP
<?php
|
|
/**
|
|
* PostgreSQL-specific installer.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
*
|
|
* @file
|
|
* @ingroup Installer
|
|
*/
|
|
|
|
namespace MediaWiki\Installer;
|
|
|
|
use InvalidArgumentException;
|
|
use MediaWiki\MediaWikiServices;
|
|
use MediaWiki\Status\Status;
|
|
use Wikimedia\Rdbms\Database;
|
|
use Wikimedia\Rdbms\DatabaseFactory;
|
|
use Wikimedia\Rdbms\DatabasePostgres;
|
|
use Wikimedia\Rdbms\DBConnectionError;
|
|
use Wikimedia\Rdbms\DBQueryError;
|
|
|
|
/**
|
|
* Class for setting up the MediaWiki database using Postgres.
|
|
*
|
|
* @ingroup Installer
|
|
* @since 1.17
|
|
*/
|
|
class PostgresInstaller extends DatabaseInstaller {
|
|
|
|
/** @inheritDoc */
|
|
protected $globalNames = [
|
|
'wgDBserver',
|
|
'wgDBport',
|
|
'wgDBname',
|
|
'wgDBuser',
|
|
'wgDBpassword',
|
|
'wgDBssl',
|
|
'wgDBmwschema',
|
|
];
|
|
|
|
/** @inheritDoc */
|
|
protected $internalDefaults = [
|
|
'_InstallUser' => 'postgres',
|
|
];
|
|
|
|
/** @inheritDoc */
|
|
public static $minimumVersion = '10';
|
|
/** @inheritDoc */
|
|
protected static $notMinimumVersionMessage = 'config-postgres-old';
|
|
/** @var int */
|
|
public $maxRoleSearchDepth = 5;
|
|
|
|
public function getName() {
|
|
return 'postgres';
|
|
}
|
|
|
|
public function isCompiled() {
|
|
return self::checkExtension( 'pgsql' );
|
|
}
|
|
|
|
public function getConnectForm( WebInstaller $webInstaller ): DatabaseConnectForm {
|
|
return new PostgresConnectForm( $webInstaller, $this );
|
|
}
|
|
|
|
public function getSettingsForm( WebInstaller $webInstaller ): DatabaseSettingsForm {
|
|
return new PostgresSettingsForm( $webInstaller, $this );
|
|
}
|
|
|
|
/**
|
|
* Open a PG connection with given parameters
|
|
* @param string $user User name
|
|
* @param string $password
|
|
* @param string $dbName Database name
|
|
* @param string $schema Database schema
|
|
* @return ConnectionStatus
|
|
*/
|
|
protected function openConnectionWithParams( $user, $password, $dbName, $schema ) {
|
|
$status = new ConnectionStatus;
|
|
try {
|
|
$db = MediaWikiServices::getInstance()->getDatabaseFactory()->create( 'postgres', [
|
|
'host' => $this->getVar( 'wgDBserver' ),
|
|
'port' => $this->getVar( 'wgDBport' ),
|
|
'user' => $user,
|
|
'password' => $password,
|
|
'ssl' => $this->getVar( 'wgDBssl' ),
|
|
'dbname' => $dbName,
|
|
'schema' => $schema,
|
|
] );
|
|
$status->setDB( $db );
|
|
} catch ( DBConnectionError $e ) {
|
|
$status->fatal( 'config-connection-error', $e->getMessage() );
|
|
}
|
|
|
|
return $status;
|
|
}
|
|
|
|
/**
|
|
* Get a connection of a specific PostgreSQL-specific type. Connections
|
|
* of a given type are cached.
|
|
*
|
|
* PostgreSQL lacks cross-database operations, so after the new database is
|
|
* created, you need to make a separate connection to connect to that
|
|
* database and add tables to it.
|
|
*
|
|
* New tables are owned by the user that creates them, and MediaWiki's
|
|
* PostgreSQL support has always assumed that the table owner will be
|
|
* $wgDBuser. So before we create new tables, we either need to either
|
|
* connect as the other user or to execute a SET ROLE command. Using a
|
|
* separate connection for this allows us to avoid accidental cross-module
|
|
* dependencies.
|
|
*
|
|
* @param string $type The type of connection to get:
|
|
* - self::CONN_CREATE_DATABASE: A connection for creating DBs, suitable for pre-
|
|
* installation.
|
|
* - self::CONN_CREATE_SCHEMA: A connection to the new DB, for creating schemas and
|
|
* other similar objects in the new DB.
|
|
* - self::CONN_CREATE_TABLES: A connection with a role suitable for creating tables.
|
|
* @return ConnectionStatus On success, a connection object will be in the value member.
|
|
*/
|
|
protected function openConnection( string $type ) {
|
|
switch ( $type ) {
|
|
case self::CONN_CREATE_DATABASE:
|
|
return $this->openConnectionToAnyDB(
|
|
$this->getVar( '_InstallUser' ),
|
|
$this->getVar( '_InstallPassword' ) );
|
|
case self::CONN_CREATE_SCHEMA:
|
|
return $this->openConnectionWithParams(
|
|
$this->getVar( '_InstallUser' ),
|
|
$this->getVar( '_InstallPassword' ),
|
|
$this->getVar( 'wgDBname' ),
|
|
$this->getVar( 'wgDBmwschema' ) );
|
|
case self::CONN_CREATE_TABLES:
|
|
$status = $this->openConnection( self::CONN_CREATE_SCHEMA );
|
|
if ( $status->isOK() ) {
|
|
$conn = $status->getDB();
|
|
$safeRole = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
|
|
$conn->query( "SET ROLE $safeRole", __METHOD__ );
|
|
}
|
|
|
|
return $status;
|
|
default:
|
|
throw new InvalidArgumentException( "Invalid connection type: \"$type\"" );
|
|
}
|
|
}
|
|
|
|
protected function changeConnTypeFromSchemaToTables( Database $conn ) {
|
|
$safeRole = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
|
|
$conn->query( "SET ROLE $safeRole", __METHOD__ );
|
|
return new ConnectionStatus( $conn );
|
|
}
|
|
|
|
public function openConnectionToAnyDB( $user, $password ) {
|
|
$dbs = [
|
|
'template1',
|
|
'postgres',
|
|
];
|
|
if ( !in_array( $this->getVar( 'wgDBname' ), $dbs ) ) {
|
|
array_unshift( $dbs, $this->getVar( 'wgDBname' ) );
|
|
}
|
|
$conn = false;
|
|
$status = new ConnectionStatus;
|
|
foreach ( $dbs as $db ) {
|
|
try {
|
|
$p = [
|
|
'host' => $this->getVar( 'wgDBserver' ),
|
|
'port' => $this->getVar( 'wgDBport' ),
|
|
'user' => $user,
|
|
'password' => $password,
|
|
'ssl' => $this->getVar( 'wgDBssl' ),
|
|
'dbname' => $db
|
|
];
|
|
$conn = ( new DatabaseFactory() )->create( 'postgres', $p );
|
|
} catch ( DBConnectionError $error ) {
|
|
$conn = false;
|
|
$status->fatal( 'config-pg-test-error', $db,
|
|
$error->getMessage() );
|
|
}
|
|
if ( $conn !== false ) {
|
|
break;
|
|
}
|
|
}
|
|
if ( $conn !== false ) {
|
|
return new ConnectionStatus( $conn );
|
|
} else {
|
|
return $status;
|
|
}
|
|
}
|
|
|
|
protected function getInstallUserPermissions() {
|
|
$status = $this->getConnection( self::CONN_CREATE_DATABASE );
|
|
if ( !$status->isOK() ) {
|
|
return false;
|
|
}
|
|
$conn = $status->getDB();
|
|
$superuser = $this->getVar( '_InstallUser' );
|
|
|
|
$row = $conn->selectRow( '"pg_catalog"."pg_roles"', '*',
|
|
[ 'rolname' => $superuser ], __METHOD__ );
|
|
|
|
return $row;
|
|
}
|
|
|
|
public function canCreateAccounts() {
|
|
$perms = $this->getInstallUserPermissions();
|
|
return ( $perms && $perms->rolsuper ) || $perms->rolcreaterole;
|
|
}
|
|
|
|
protected function isSuperUser() {
|
|
$perms = $this->getInstallUserPermissions();
|
|
return $perms && $perms->rolsuper;
|
|
}
|
|
|
|
/**
|
|
* Returns true if the install user is able to create objects owned
|
|
* by the web user, false otherwise.
|
|
* @return bool
|
|
*/
|
|
public function canCreateObjectsForWebUser() {
|
|
if ( $this->isSuperUser() ) {
|
|
return true;
|
|
}
|
|
|
|
$status = $this->getConnection( self::CONN_CREATE_DATABASE );
|
|
if ( !$status->isOK() ) {
|
|
return false;
|
|
}
|
|
$conn = $status->getDB();
|
|
$installerId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
|
|
[ 'rolname' => $this->getVar( '_InstallUser' ) ], __METHOD__ );
|
|
$webId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
|
|
[ 'rolname' => $this->getVar( 'wgDBuser' ) ], __METHOD__ );
|
|
|
|
return $this->isRoleMember( $conn, $installerId, $webId, $this->maxRoleSearchDepth );
|
|
}
|
|
|
|
/**
|
|
* Recursive helper for canCreateObjectsForWebUser().
|
|
* @param Database $conn
|
|
* @param int $targetMember Role ID of the member to look for
|
|
* @param int $group Role ID of the group to look for
|
|
* @param int $maxDepth Maximum recursive search depth
|
|
* @return bool
|
|
*/
|
|
protected function isRoleMember( $conn, $targetMember, $group, $maxDepth ) {
|
|
if ( $targetMember === $group ) {
|
|
// A role is always a member of itself
|
|
return true;
|
|
}
|
|
// Get all members of the given group
|
|
$res = $conn->select( '"pg_catalog"."pg_auth_members"', [ 'member' ],
|
|
[ 'roleid' => $group ], __METHOD__ );
|
|
foreach ( $res as $row ) {
|
|
if ( $row->member == $targetMember ) {
|
|
// Found target member
|
|
return true;
|
|
}
|
|
// Recursively search each member of the group to see if the target
|
|
// is a member of it, up to the given maximum depth.
|
|
if ( $maxDepth > 0 &&
|
|
$this->isRoleMember( $conn, $targetMember, $row->member, $maxDepth - 1 )
|
|
) {
|
|
// Found member of member
|
|
return true;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
public function preInstall() {
|
|
$createDbAccount = [
|
|
'name' => 'user',
|
|
'callback' => [ $this, 'setupUser' ],
|
|
];
|
|
$plpgCB = [
|
|
'name' => 'pg-plpgsql',
|
|
'callback' => [ $this, 'setupPLpgSQL' ],
|
|
];
|
|
$schemaCB = [
|
|
'name' => 'schema',
|
|
'callback' => [ $this, 'setupSchema' ]
|
|
];
|
|
|
|
if ( $this->getVar( '_CreateDBAccount' ) ) {
|
|
$this->parent->addInstallStep( $createDbAccount, 'database' );
|
|
}
|
|
$this->parent->addInstallStep( $plpgCB, 'database' );
|
|
$this->parent->addInstallStep( $schemaCB, 'database' );
|
|
}
|
|
|
|
public function setupDatabase() {
|
|
$status = $this->getConnection( self::CONN_CREATE_DATABASE );
|
|
if ( !$status->isOK() ) {
|
|
return $status;
|
|
}
|
|
|
|
$conn = $status->getDB();
|
|
$dbName = $this->getVar( 'wgDBname' );
|
|
|
|
$exists = (bool)$conn->selectField( '"pg_catalog"."pg_database"', '1',
|
|
[ 'datname' => $dbName ], __METHOD__ );
|
|
if ( !$exists ) {
|
|
$safedb = $conn->addIdentifierQuotes( $dbName );
|
|
$conn->query( "CREATE DATABASE $safedb", __METHOD__ );
|
|
}
|
|
|
|
return Status::newGood();
|
|
}
|
|
|
|
public function setupSchema() {
|
|
// Get a connection to the target database
|
|
$status = $this->getConnection( self::CONN_CREATE_SCHEMA );
|
|
if ( !$status->isOK() ) {
|
|
return $status;
|
|
}
|
|
$conn = $status->getDB();
|
|
'@phan-var DatabasePostgres $conn'; /** @var DatabasePostgres $conn */
|
|
|
|
// Create the schema if necessary
|
|
$schema = $this->getVar( 'wgDBmwschema' );
|
|
$safeschema = $conn->addIdentifierQuotes( $schema );
|
|
$safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
|
|
if ( !$conn->schemaExists( $schema ) ) {
|
|
try {
|
|
$conn->query( "CREATE SCHEMA $safeschema AUTHORIZATION $safeuser", __METHOD__ );
|
|
} catch ( DBQueryError $e ) {
|
|
return Status::newFatal( 'config-install-pg-schema-failed',
|
|
$this->getVar( '_InstallUser' ), $schema );
|
|
}
|
|
}
|
|
|
|
// Select the new schema in the current connection
|
|
$conn->determineCoreSchema( $schema );
|
|
|
|
return Status::newGood();
|
|
}
|
|
|
|
public function setupUser() {
|
|
if ( !$this->getVar( '_CreateDBAccount' ) ) {
|
|
return Status::newGood();
|
|
}
|
|
|
|
$status = $this->getConnection( self::CONN_CREATE_DATABASE );
|
|
if ( !$status->isOK() ) {
|
|
return $status;
|
|
}
|
|
$conn = $status->getDB();
|
|
'@phan-var DatabasePostgres $conn'; /** @var DatabasePostgres $conn */
|
|
|
|
$safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
|
|
$safepass = $conn->addQuotes( $this->getVar( 'wgDBpassword' ) );
|
|
|
|
// Check if the user already exists
|
|
$userExists = $conn->roleExists( $this->getVar( 'wgDBuser' ) );
|
|
if ( !$userExists ) {
|
|
// Create the user
|
|
try {
|
|
$sql = "CREATE ROLE $safeuser NOCREATEDB LOGIN PASSWORD $safepass";
|
|
|
|
// If the install user is not a superuser, we need to make the install
|
|
// user a member of the new user's group, so that the install user will
|
|
// be able to create a schema and other objects on behalf of the new user.
|
|
if ( !$this->isSuperUser() ) {
|
|
$sql .= ' ROLE' . $conn->addIdentifierQuotes( $this->getVar( '_InstallUser' ) );
|
|
}
|
|
|
|
$conn->query( $sql, __METHOD__ );
|
|
} catch ( DBQueryError $e ) {
|
|
return Status::newFatal( 'config-install-user-create-failed',
|
|
$this->getVar( 'wgDBuser' ), $e->getMessage() );
|
|
}
|
|
}
|
|
|
|
return Status::newGood();
|
|
}
|
|
|
|
public function getLocalSettings() {
|
|
$port = $this->getVar( 'wgDBport' );
|
|
$useSsl = $this->getVar( 'wgDBssl' ) ? 'true' : 'false';
|
|
$schema = $this->getVar( 'wgDBmwschema' );
|
|
|
|
return "# Postgres specific settings
|
|
\$wgDBport = \"{$port}\";
|
|
\$wgDBssl = {$useSsl};
|
|
\$wgDBmwschema = \"{$schema}\";";
|
|
}
|
|
|
|
public function preUpgrade() {
|
|
global $wgDBuser, $wgDBpassword;
|
|
|
|
# Normal user and password are selected after this step, so for now
|
|
# just copy these two
|
|
$wgDBuser = $this->getVar( '_InstallUser' );
|
|
$wgDBpassword = $this->getVar( '_InstallPassword' );
|
|
}
|
|
|
|
public function createTables() {
|
|
$schema = $this->getVar( 'wgDBmwschema' );
|
|
|
|
$status = $this->getConnection( self::CONN_CREATE_TABLES );
|
|
if ( !$status->isOK() ) {
|
|
return $status;
|
|
}
|
|
$conn = $status->getDB();
|
|
'@phan-var DatabasePostgres $conn'; /** @var DatabasePostgres $conn */
|
|
|
|
if ( $conn->tableExists( 'archive', __METHOD__ ) ) {
|
|
$status->warning( 'config-install-tables-exist' );
|
|
$this->enableLB();
|
|
|
|
return $status;
|
|
}
|
|
|
|
$conn->begin( __METHOD__ );
|
|
|
|
if ( !$conn->schemaExists( $schema ) ) {
|
|
$status->fatal( 'config-install-pg-schema-not-exist' );
|
|
|
|
return $status;
|
|
}
|
|
|
|
$error = $conn->sourceFile( $this->getGeneratedSchemaPath( $conn ) );
|
|
if ( $error !== true ) {
|
|
$conn->reportQueryError( $error, 0, '', __METHOD__ );
|
|
$conn->rollback( __METHOD__ );
|
|
$status->fatal( 'config-install-tables-failed', $error );
|
|
} else {
|
|
$error = $conn->sourceFile( $this->getSchemaPath( $conn ) );
|
|
if ( $error !== true ) {
|
|
$conn->reportQueryError( $error, 0, '', __METHOD__ );
|
|
$conn->rollback( __METHOD__ );
|
|
$status->fatal( 'config-install-tables-manual-failed', $error );
|
|
} else {
|
|
$conn->commit( __METHOD__ );
|
|
}
|
|
}
|
|
// Resume normal operations
|
|
if ( $status->isOK() ) {
|
|
$this->enableLB();
|
|
}
|
|
|
|
return $status;
|
|
}
|
|
|
|
public function createManualTables() {
|
|
// Already handled above. Do nothing.
|
|
return Status::newGood();
|
|
}
|
|
|
|
public function getGlobalDefaults() {
|
|
// The default $wgDBmwschema is null, which breaks Postgres and other DBMSes that require
|
|
// the use of a schema, so we need to set it here
|
|
return array_merge( parent::getGlobalDefaults(), [
|
|
'wgDBmwschema' => 'mediawiki',
|
|
] );
|
|
}
|
|
|
|
public function setupPLpgSQL() {
|
|
// Connect as the install user, since it owns the database and so is
|
|
// the user that needs to run "CREATE LANGUAGE"
|
|
$status = $this->getConnection( self::CONN_CREATE_SCHEMA );
|
|
if ( !$status->isOK() ) {
|
|
return $status;
|
|
}
|
|
$conn = $status->getDB();
|
|
|
|
$exists = (bool)$conn->selectField( '"pg_catalog"."pg_language"', '1',
|
|
[ 'lanname' => 'plpgsql' ], __METHOD__ );
|
|
if ( $exists ) {
|
|
// Already exists, nothing to do
|
|
return Status::newGood();
|
|
}
|
|
|
|
// plpgsql is not installed, but if we have a pg_pltemplate table, we
|
|
// should be able to create it
|
|
$exists = (bool)$conn->selectField(
|
|
[ '"pg_catalog"."pg_class"', '"pg_catalog"."pg_namespace"' ],
|
|
'1',
|
|
[
|
|
'pg_namespace.oid=relnamespace',
|
|
'nspname' => 'pg_catalog',
|
|
'relname' => 'pg_pltemplate',
|
|
],
|
|
__METHOD__ );
|
|
if ( $exists ) {
|
|
try {
|
|
$conn->query( 'CREATE LANGUAGE plpgsql', __METHOD__ );
|
|
} catch ( DBQueryError $e ) {
|
|
return Status::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
|
|
}
|
|
} else {
|
|
return Status::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
|
|
}
|
|
|
|
return Status::newGood();
|
|
}
|
|
}
|