aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.drone.yml42
-rw-r--r--lib/private/Setup/PostgreSQL.php11
2 files changed, 50 insertions, 3 deletions
diff --git a/.drone.yml b/.drone.yml
index 79cd295210e..a782e84b169 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -455,7 +455,7 @@ services:
image: ghcr.io/nextcloud/continuous-integration-postgres-10:postgres-10
environment:
POSTGRES_USER: oc_autotest
- POSTGRES_DB: oc_autotest_dummy
+ POSTGRES_DB: oc_autotest
POSTGRES_PASSWORD: owncloud
tmpfs:
- /var/lib/postgresql/data
@@ -491,7 +491,7 @@ services:
image: ghcr.io/nextcloud/continuous-integration-postgres-11:postgres-11
environment:
POSTGRES_USER: oc_autotest
- POSTGRES_DB: oc_autotest_dummy
+ POSTGRES_DB: oc_autotest
POSTGRES_PASSWORD: owncloud
tmpfs:
- /var/lib/postgresql/data
@@ -527,7 +527,43 @@ services:
image: ghcr.io/nextcloud/continuous-integration-postgres-13:postgres-13
environment:
POSTGRES_USER: oc_autotest
- POSTGRES_DB: oc_autotest_dummy
+ POSTGRES_DB: oc_autotest
+ POSTGRES_PASSWORD: owncloud
+ tmpfs:
+ - /var/lib/postgresql/data
+
+trigger:
+ branch:
+ - master
+ - stable*
+ event:
+ - pull_request
+ - push
+
+---
+kind: pipeline
+name: postgres15-php8.0
+
+steps:
+- name: submodules
+ image: ghcr.io/nextcloud/continuous-integration-alpine-git:latest
+ commands:
+ - git submodule update --init
+- name: postgres-php8.0
+ image: ghcr.io/nextcloud/continuous-integration-php8.0:latest
+ commands:
+ - bash tests/drone-run-php-tests.sh || exit 0
+ - sleep 10 # gives the database enough time to initialize
+ - POSTGRES=15 NOCOVERAGE=true TEST_SELECTION=DB ./autotest.sh pgsql
+
+services:
+- name: cache
+ image: ghcr.io/nextcloud/continuous-integration-redis:latest
+- name: postgres-15
+ image: ghcr.io/nextcloud/continuous-integration-postgres-15:latest
+ environment:
+ POSTGRES_USER: oc_autotest
+ POSTGRES_DB: oc_autotest
POSTGRES_PASSWORD: owncloud
tmpfs:
- /var/lib/postgresql/data
diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php
index bc24909dc3d..af816c7ad04 100644
--- a/lib/private/Setup/PostgreSQL.php
+++ b/lib/private/Setup/PostgreSQL.php
@@ -62,6 +62,7 @@ class PostgreSQL extends AbstractDatabase {
}
if ($canCreateRoles) {
+ $connectionMainDatabase = $this->connect();
//use the admin login data for the new database user
//add prefix to the postgresql user name to prevent collisions
@@ -70,6 +71,16 @@ class PostgreSQL extends AbstractDatabase {
$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
$this->createDBUser($connection);
+
+ // Go to the main database and grant create on the public schema
+ // The code below is implemented to make installing possible with PostgreSQL version 15:
+ // https://www.postgresql.org/docs/release/15.0/
+ // From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases
+ // Therefore we assume that the database is only used by one user/service which is Nextcloud
+ // Additional services should get installed in a separate database in order to stay secure
+ // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS
+ $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO ' . addslashes($this->dbUser));
+ $connectionMainDatabase->close();
}
$this->config->setValues([