<?php
declare(strict_types=1);
namespace OCA\User_LDAP\Migration;
use Closure;
use OCP\DB\Exception;
use OCP\DB\ISchemaWrapper;
use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\DB\Types;
use OCP\IDBConnection;
use OCP\Migration\IOutput;
use OCP\Migration\SimpleMigrationStep;
use Psr\Log\LoggerInterface;
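/**
 * Migration step for the `ldap_user_mapping` and `ldap_group_mapping` tables.
 *
 * Schema part: adds an `ldap_dn_hash` column, widens `ldap_dn` to 4096
 * characters, drops the `ldap_dn_users` / `owncloud_name_groups` indexes,
 * puts a unique index on `ldap_dn_hash`, and makes `owncloud_name` the
 * primary key of the group mapping table.
 *
 * Data part: after the schema change, every row whose `ldap_dn_hash` is NULL
 * gets the hex SHA-256 digest of its `ldap_dn`.
 *
 * The digest only serves as a fixed-length key for the unique index; the DN
 * itself stays in `ldap_dn` unchanged.
 */
class Version1130Date20211102154716 extends SimpleMigrationStep {
	/** @var IDBConnection */
	private $dbc;

	/** @var LoggerInterface */
	private $logger;

	/**
	 * @param IDBConnection $dbc connection used to build the select/update queries
	 * @param LoggerInterface $logger receives an error entry for every row whose hash could not be stored
	 */
	public function __construct(IDBConnection $dbc, LoggerInterface $logger) {
		$this->dbc = $dbc;
		$this->logger = $logger;
	}

	/**
	 * @return string human-readable description of this migration step
	 */
	public function getName() {
		return 'Adjust LDAP user and group ldap_dn column lengths and add ldap_dn_hash columns';
	}

	/**
	 * Applies the column and index changes to both mapping tables.
	 *
	 * Every change is guarded by a check on the current schema, so a table
	 * that already has the target layout is left alone.
	 *
	 * @param IOutput $output
	 * @param Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
	 * @param array $options
	 * @return null|ISchemaWrapper the modified schema, or null when nothing had to change
	 */
	public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper {
		/** @var ISchemaWrapper $schema */
		$schema = $schemaClosure();

		$changeSchema = false;
		foreach (['ldap_user_mapping', 'ldap_group_mapping'] as $tableName) {
			$table = $schema->getTable($tableName);

			if (!$table->hasColumn('ldap_dn_hash')) {
				// The column has to be nullable and must not carry a default.
				// Rows that exist before this migration then start out as
				// NULL, which is exactly what getSelectQuery() filters on when
				// the hashes are filled in. A NOT NULL column defaulting to ''
				// would hand every existing row the same value: the unique
				// index added below could not be built on a table holding
				// more than one row, and the backfill would find nothing.
				$table->addColumn('ldap_dn_hash', Types::STRING, [
					'notnull' => false,
					// length of a hex-encoded SHA-256 digest
					'length' => 64,
				]);
				$changeSchema = true;
			}

			$column = $table->getColumn('ldap_dn');
			if ($column->getLength() < 4096) {
				$column->setLength(4096);
				$changeSchema = true;
			}

			if ($tableName === 'ldap_user_mapping') {
				if ($table->hasIndex('ldap_dn_users')) {
					$table->dropIndex('ldap_dn_users');
					$changeSchema = true;
				}
				if (!$table->hasIndex('ldap_user_dn_hashes')) {
					$table->addUniqueIndex(['ldap_dn_hash'], 'ldap_user_dn_hashes');
					$changeSchema = true;
				}
			} else {
				if ($table->hasIndex('owncloud_name_groups')) {
					$table->dropIndex('owncloud_name_groups');
					$changeSchema = true;
				}
				if (!$table->hasIndex('ldap_group_dn_hashes')) {
					$table->addUniqueIndex(['ldap_dn_hash'], 'ldap_group_dn_hashes');
					$changeSchema = true;
				}
				if ($table->getPrimaryKeyColumns() !== ['owncloud_name']) {
					$table->dropPrimaryKey();
					$table->setPrimaryKey(['owncloud_name']);
					$changeSchema = true;
				}
			}
		}

		return $changeSchema ? $schema : null;
	}

	/**
	 * Fills in the missing DN hashes once the new column exists.
	 *
	 * @param IOutput $output
	 * @param Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
	 * @param array $options
	 */
	public function postSchemaChange(IOutput $output, Closure $schemaClosure, array $options) {
		$this->handleDNHashes('ldap_group_mapping');
		$this->handleDNHashes('ldap_user_mapping');
	}

	/**
	 * Stores the SHA-256 hex digest of `ldap_dn` for every row of $table that
	 * has no hash yet.
	 *
	 * A failing update does not abort the run: it is logged and the loop
	 * moves on, so the affected row keeps a NULL hash and the log entry is
	 * the only trace of it.
	 *
	 * @param string $table mapping table to process; used as the table name of
	 *                      both queries, so it must be a fixed, trusted name
	 */
	protected function handleDNHashes(string $table): void {
		$select = $this->getSelectQuery($table);
		$update = $this->getUpdateQuery($table);

		$result = $select->executeQuery();
		try {
			while ($row = $result->fetch()) {
				$dnHash = hash('sha256', $row['ldap_dn'], false);
				$update->setParameter('name', $row['owncloud_name']);
				$update->setParameter('dn_hash', $dnHash);
				try {
					$update->executeStatement();
				} catch (Exception $e) {
					$this->logger->error('Failed to add hash "{dnHash}" ("{name}" of {table})',
						[
							'app' => 'user_ldap',
							'name' => $row['owncloud_name'],
							'dnHash' => $dnHash,
							'table' => $table,
							'exception' => $e,
						]
					);
				}
			}
		} finally {
			// Release the cursor even when something other than the caught
			// database exception escapes the loop.
			$result->closeCursor();
		}
	}

	/**
	 * Builds the query that lists the rows of $table still lacking a hash
	 * (`ldap_dn_hash IS NULL`).
	 *
	 * @param string $table table name, passed to the query builder as is
	 * @return IQueryBuilder the prepared, not yet executed select
	 */
	protected function getSelectQuery(string $table): IQueryBuilder {
		$qb = $this->dbc->getQueryBuilder();
		$qb->select('owncloud_name', 'ldap_dn', 'ldap_dn_hash')
			->from($table)
			->where($qb->expr()->isNull('ldap_dn_hash'));
		return $qb;
	}

	/**
	 * Builds the update that writes one hash, addressed by `owncloud_name`.
	 *
	 * Both values are bound through the named parameters `dn_hash` and
	 * `name`, which the caller sets before each execution.
	 *
	 * @param string $table table name, passed to the query builder as is
	 * @return IQueryBuilder the prepared, not yet executed update
	 */
	protected function getUpdateQuery(string $table): IQueryBuilder {
		$qb = $this->dbc->getQueryBuilder();
		$qb->update($table)
			->set('ldap_dn_hash', $qb->createParameter('dn_hash'))
			->where($qb->expr()->eq('owncloud_name', $qb->createParameter('name')));
		return $qb;
	}
}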