diff options
| author | Hailong Wang <whlsxl@gmail.com> | 2023-06-13 00:29:52 +0800 |
|---|---|---|
| committer | skjnldsv <skjnldsv@protonmail.com> | 2024-08-16 10:59:15 +0200 |
| commit | 67c52d202c3e8b8ccd00684d0c76e7ac5eab4e96 (patch) | |
| tree | f26667b8a14a52a622b5b1a37e4ecc4d69f57c9d /lib | |
| parent | f490a4e8c0f9c52460ddf93408625f49860878c0 (diff) | |
| download | nextcloud-server-67c52d202c3e8b8ccd00684d0c76e7ac5eab4e96.tar.gz nextcloud-server-67c52d202c3e8b8ccd00684d0c76e7ac5eab4e96.zip | |
fix: use `$this->tryCreateDbUser` condition
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/Setup/PostgreSQL.php | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php index ea5ebf66cec..7d204bb6d16 100644 --- a/lib/private/Setup/PostgreSQL.php +++ b/lib/private/Setup/PostgreSQL.php @@ -40,8 +40,7 @@ class PostgreSQL extends AbstractDatabase { } catch (DatabaseException $e) { $canCreateRoles = false; } - - $connectionMainDatabase; + if ($canCreateRoles) { $connectionMainDatabase = $this->connect(); //use the admin login data for the new database user @@ -65,16 +64,18 @@ class PostgreSQL extends AbstractDatabase { // the connection to dbname=postgres is not needed anymore $connection->close(); - if ($canCreateRoles) { - // Go to the main database and grant create on the public schema - // The code below is implemented to make installing possible with PostgreSQL version 15: - // https://www.postgresql.org/docs/release/15.0/ - // From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases - // Therefore we assume that the database is only used by one user/service which is Nextcloud - // Additional services should get installed in a separate database in order to stay secure - // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS - $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO "' . addslashes($this->dbUser) . '"'); - $connectionMainDatabase->close(); + if ($this->tryCreateDbUser) { + if ($canCreateRoles) { + // Go to the main database and grant create on the public schema + // The code below is implemented to make installing possible with PostgreSQL version 15: + // https://www.postgresql.org/docs/release/15.0/ + // From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases + // Therefore we assume that the database is only used by one user/service which is Nextcloud + // Additional services should get installed in a separate database in order to stay secure + // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS + $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO "' . addslashes($this->dbUser) . '"'); + $connectionMainDatabase->close(); + } } } catch (\Exception $e) { $this->logger->warning('Error trying to connect as "postgres", assuming database is setup and tables need to be created', [ |