summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorRobin Appelman <robin@icewind.nl>2017-09-06 15:55:05 +0200
committerRobin Appelman <robin@icewind.nl>2017-09-06 15:55:05 +0200
commit2c0efae30fee57a3acb3b585a3d75a4b65ddc26d (patch)
tree8bbc1232a3ef566df0c291a47a2ceb02fb1a729c /lib
parent4fd3240b5f0d2f8a42675fa499c06a7f35b726fe (diff)
downloadnextcloud-server-2c0efae30fee57a3acb3b585a3d75a4b65ddc26d.tar.gz
nextcloud-server-2c0efae30fee57a3acb3b585a3d75a4b65ddc26d.zip
cleanup oci setup code
Signed-off-by: Robin Appelman <robin@icewind.nl>
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Setup/OCI.php195
1 files changed, 22 insertions, 173 deletions
diff --git a/lib/private/Setup/OCI.php b/lib/private/Setup/OCI.php
index 3051987917c..9fd85b7247d 100644
--- a/lib/private/Setup/OCI.php
+++ b/lib/private/Setup/OCI.php
@@ -28,6 +28,7 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
+
namespace OC\Setup;
class OCI extends AbstractDatabase {
@@ -46,201 +47,49 @@ class OCI extends AbstractDatabase {
$this->dbHost = $config['dbhost'];
$this->config->setValues([
- 'dbhost' => $this->dbHost,
- 'dbtablespace' => $this->dbtablespace,
+ 'dbhost' => $this->dbHost,
+ 'dbtablespace' => $this->dbtablespace,
]);
}
public function validate($config) {
$errors = array();
- if(empty($config['dbuser']) && empty($config['dbname'])) {
+ if (empty($config['dbuser']) && empty($config['dbname'])) {
$errors[] = $this->trans->t("%s enter the database username and name.", array($this->dbprettyname));
- } else if(empty($config['dbuser'])) {
+ } else if (empty($config['dbuser'])) {
$errors[] = $this->trans->t("%s enter the database username.", array($this->dbprettyname));
- } else if(empty($config['dbname'])) {
+ } else if (empty($config['dbname'])) {
$errors[] = $this->trans->t("%s enter the database name.", array($this->dbprettyname));
}
return $errors;
}
public function setupDatabase($username) {
- $e_host = addslashes($this->dbHost);
- // casting to int to avoid malicious input
- $e_port = (int)$this->dbPort;
- $e_dbname = addslashes($this->dbName);
- //check if the database user has admin right
- if ($e_host == '') {
- $easy_connect_string = $e_dbname; // use dbname as easy connect name
- } else {
- $easy_connect_string = '//'.$e_host.(!empty($e_port) ? ":{$e_port}" : "").'/'.$e_dbname;
- }
- $this->logger->debug('connect string: ' . $easy_connect_string, ['app' => 'setup.oci']);
- $connection = @oci_connect($this->dbUser, $this->dbPassword, $easy_connect_string);
- if(!$connection) {
+ try {
+ $this->connect();
+ } catch (\Exception $e) {
$errorMessage = $this->getLastError();
if ($errorMessage) {
throw new \OC\DatabaseSetupException($this->trans->t('Oracle connection could not be established'),
- $errorMessage.' Check environment: ORACLE_HOME='.getenv('ORACLE_HOME')
- .' ORACLE_SID='.getenv('ORACLE_SID')
- .' LD_LIBRARY_PATH='.getenv('LD_LIBRARY_PATH')
- .' NLS_LANG='.getenv('NLS_LANG')
- .' tnsnames.ora is '.(is_readable(getenv('ORACLE_HOME').'/network/admin/tnsnames.ora')?'':'not ').'readable');
+ $errorMessage . ' Check environment: ORACLE_HOME=' . getenv('ORACLE_HOME')
+ . ' ORACLE_SID=' . getenv('ORACLE_SID')
+ . ' LD_LIBRARY_PATH=' . getenv('LD_LIBRARY_PATH')
+ . ' NLS_LANG=' . getenv('NLS_LANG')
+ . ' tnsnames.ora is ' . (is_readable(getenv('ORACLE_HOME') . '/network/admin/tnsnames.ora') ? '' : 'not ') . 'readable');
}
throw new \OC\DatabaseSetupException($this->trans->t('Oracle username and/or password not valid'),
- 'Check environment: ORACLE_HOME='.getenv('ORACLE_HOME')
- .' ORACLE_SID='.getenv('ORACLE_SID')
- .' LD_LIBRARY_PATH='.getenv('LD_LIBRARY_PATH')
- .' NLS_LANG='.getenv('NLS_LANG')
- .' tnsnames.ora is '.(is_readable(getenv('ORACLE_HOME').'/network/admin/tnsnames.ora')?'':'not ').'readable');
- }
- //check for roles creation rights in oracle
-
- $query='SELECT count(*) FROM user_role_privs, role_sys_privs'
- ." WHERE user_role_privs.granted_role = role_sys_privs.role AND privilege = 'CREATE ROLE'";
- $stmt = oci_parse($connection, $query);
- if (!$stmt) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
- $result = oci_execute($stmt);
- if($result) {
- $row = oci_fetch_row($stmt);
-
- if ($row[0] > 0) {
- //use the admin login data for the new database user
-
- //add prefix to the oracle user name to prevent collisions
- $this->dbUser='oc_'.$username;
- //create a new password so we don't need to store the admin config in the config file
- $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
-
- //oracle passwords are treated as identifiers:
- // must start with alphanumeric char
- // needs to be shortened to 30 bytes, as the two " needed to escape the identifier count towards the identifier length.
- $this->dbPassword=substr($this->dbPassword, 0, 30);
-
- $this->createDBUser($connection);
- }
+ 'Check environment: ORACLE_HOME=' . getenv('ORACLE_HOME')
+ . ' ORACLE_SID=' . getenv('ORACLE_SID')
+ . ' LD_LIBRARY_PATH=' . getenv('LD_LIBRARY_PATH')
+ . ' NLS_LANG=' . getenv('NLS_LANG')
+ . ' tnsnames.ora is ' . (is_readable(getenv('ORACLE_HOME') . '/network/admin/tnsnames.ora') ? '' : 'not ') . 'readable');
}
$this->config->setValues([
- 'dbuser' => $this->dbUser,
- 'dbname' => $this->dbName,
- 'dbpassword' => $this->dbPassword,
+ 'dbuser' => $this->dbUser,
+ 'dbname' => $this->dbName,
+ 'dbpassword' => $this->dbPassword,
]);
-
- //create the database not necessary, oracle implies user = schema
- //$this->createDatabase($this->dbname, $this->dbuser, $connection);
-
- //FIXME check tablespace exists: select * from user_tablespaces
-
- // the connection to dbname=oracle is not needed anymore
- oci_close($connection);
-
- // connect to the oracle database (schema=$this->dbuser) an check if the schema needs to be filled
- $this->dbUser = $this->config->getValue('dbuser');
- //$this->dbname = \OC_Config::getValue('dbname');
- $this->dbPassword = $this->config->getValue('dbpassword');
-
- $e_host = addslashes($this->dbHost);
- $e_dbname = addslashes($this->dbName);
-
- if ($e_host == '') {
- $easy_connect_string = $e_dbname; // use dbname as easy connect name
- } else {
- $easy_connect_string = '//' . $e_host . (!empty($e_port) ? ":{$e_port}" : "") . '/' . $e_dbname;
- }
- $connection = @oci_connect($this->dbUser, $this->dbPassword, $easy_connect_string);
- if(!$connection) {
- throw new \OC\DatabaseSetupException($this->trans->t('Oracle username and/or password not valid'),
- $this->trans->t('You need to enter details of an existing account.'));
- }
- $query = "SELECT count(*) FROM user_tables WHERE table_name = :un";
- $stmt = oci_parse($connection, $query);
- $un = $this->tablePrefix.'users';
- oci_bind_by_name($stmt, ':un', $un);
- if (!$stmt) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning( $entry, ['app' => 'setup.oci']);
- }
- oci_execute($stmt);
- }
-
- /**
- * @param resource $connection
- */
- private function createDBUser($connection) {
- $name = $this->dbUser;
- $password = $this->dbPassword;
- $query = "SELECT * FROM all_users WHERE USERNAME = :un";
- $stmt = oci_parse($connection, $query);
- if (!$stmt) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
- oci_bind_by_name($stmt, ':un', $name);
- $result = oci_execute($stmt);
- if(!$result) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
-
- if(! oci_fetch_row($stmt)) {
- //user does not exists let's create it :)
- //password must start with alphabetic character in oracle
- $query = 'CREATE USER '.$name.' IDENTIFIED BY "'.$password.'" DEFAULT TABLESPACE '.$this->dbtablespace;
- $stmt = oci_parse($connection, $query);
- if (!$stmt) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
-
- }
- //oci_bind_by_name($stmt, ':un', $name);
- $result = oci_execute($stmt);
- if(!$result) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s", name: %s, password: %s',
- array($query, $name, $password)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
-
- }
- } else { // change password of the existing role
- $query = "ALTER USER :un IDENTIFIED BY :pw";
- $stmt = oci_parse($connection, $query);
- if (!$stmt) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
- oci_bind_by_name($stmt, ':un', $name);
- oci_bind_by_name($stmt, ':pw', $password);
- $result = oci_execute($stmt);
- if(!$result) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
- }
- // grant necessary roles
- $query = 'GRANT CREATE SESSION, CREATE TABLE, CREATE SEQUENCE, CREATE TRIGGER, UNLIMITED TABLESPACE TO '.$name;
- $stmt = oci_parse($connection, $query);
- if (!$stmt) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s"', array($query)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
- $result = oci_execute($stmt);
- if(!$result) {
- $entry = $this->trans->t('DB Error: "%s"', array($this->getLastError($connection))) . '<br />';
- $entry .= $this->trans->t('Offending command was: "%s", name: %s, password: %s',
- array($query, $name, $password)) . '<br />';
- $this->logger->warning($entry, ['app' => 'setup.oci']);
- }
}
/**