nextcloud_server/lib/private/Setup/PostgreSQL.php

<?php

/**
 * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
 * SPDX-License-Identifier: AGPL-3.0-only
 */
namespace OC\Setup;

use OC\DatabaseException;
use OC\DB\Connection;
use OC\DB\QueryBuilder\Literal;
use OCP\Security\ISecureRandom;

class PostgreSQL extends AbstractDatabase {
	public $dbprettyname = 'PostgreSQL';

	/**
	 * @param string $username
	 * @throws \OC\DatabaseSetupException
	 */
	public function setupDatabase($username) {
		try {
			$connection = $this->connect([
				'dbname' => 'postgres'
			]);
			if ($this->tryCreateDbUser) {
				//check for roles creation rights in postgresql
				$builder = $connection->getQueryBuilder();
				$builder->automaticTablePrefix(false);
				$query = $builder
					->select('rolname')
					->from('pg_roles')
					->where($builder->expr()->eq('rolcreaterole', new Literal('TRUE')))
					->andWhere($builder->expr()->eq('rolname', $builder->createNamedParameter($this->dbUser)));

				try {
					$result = $query->execute();
					$canCreateRoles = $result->rowCount() > 0;
				} catch (DatabaseException $e) {
					$canCreateRoles = false;
				}

				if ($canCreateRoles) {
					$connectionMainDatabase = $this->connect();
					//use the admin login data for the new database user

					//add prefix to the postgresql user name to prevent collisions
					$this->dbUser = 'oc_' . strtolower($username);
					//create a new password so we don't need to store the admin config in the config file
					$this->dbPassword = \OC::$server->get(ISecureRandom::class)->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);

					$this->createDBUser($connection);
				}
			}

			$this->config->setValues([
				'dbuser' => $this->dbUser,
				'dbpassword' => $this->dbPassword,
			]);

			//create the database
			$this->createDatabase($connection);
			// the connection to dbname=postgres is not needed anymore
			$connection->close();

			if ($this->tryCreateDbUser) {
				if ($canCreateRoles) {
					// Go to the main database and grant create on the public schema
					// The code below is implemented to make installing possible with PostgreSQL version 15:
					// https://www.postgresql.org/docs/release/15.0/
					// From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases
					// Therefore we assume that the database is only used by one user/service which is Nextcloud
					// Additional services should get installed in a separate database in order to stay secure
					// Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS
					$connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO "' . addslashes($this->dbUser) . '"');
					$connectionMainDatabase->close();
				}
			}
		} catch (\Exception $e) {
			$this->logger->warning('Error trying to connect as "postgres", assuming database is setup and tables need to be created', [
				'exception' => $e,
			]);
			$this->config->setValues([
				'dbuser' => $this->dbUser,
				'dbpassword' => $this->dbPassword,
			]);
		}

		// connect to the database (dbname=$this->dbname) and check if it needs to be filled
		$this->dbUser = $this->config->getValue('dbuser');
		$this->dbPassword = $this->config->getValue('dbpassword');
		$connection = $this->connect();
		try {
			$connection->connect();
		} catch (\Exception $e) {
			$this->logger->error($e->getMessage(), [
				'exception' => $e,
			]);
			throw new \OC\DatabaseSetupException($this->trans->t('PostgreSQL Login and/or password not valid'),
				$this->trans->t('You need to enter details of an existing account.'), 0, $e);
		}
	}

	private function createDatabase(Connection $connection) {
		if (!$this->databaseExists($connection)) {
			//The database does not exists... let's create it
			$query = $connection->prepare('CREATE DATABASE ' . addslashes($this->dbName) . ' OWNER "' . addslashes($this->dbUser) . '"');
			try {
				$query->execute();
			} catch (DatabaseException $e) {
				$this->logger->error('Error while trying to create database', [
					'exception' => $e,
				]);
			}
		} else {
			$query = $connection->prepare('REVOKE ALL PRIVILEGES ON DATABASE ' . addslashes($this->dbName) . ' FROM PUBLIC');
			try {
				$query->execute();
			} catch (DatabaseException $e) {
				$this->logger->error('Error while trying to restrict database permissions', [
					'exception' => $e,
				]);
			}
		}
	}

	private function userExists(Connection $connection) {
		$builder = $connection->getQueryBuilder();
		$builder->automaticTablePrefix(false);
		$query = $builder->select('*')
			->from('pg_roles')
			->where($builder->expr()->eq('rolname', $builder->createNamedParameter($this->dbUser)));
		$result = $query->executeQuery();
		return $result->rowCount() > 0;
	}

	private function databaseExists(Connection $connection) {
		$builder = $connection->getQueryBuilder();
		$builder->automaticTablePrefix(false);
		$query = $builder->select('datname')
			->from('pg_database')
			->where($builder->expr()->eq('datname', $builder->createNamedParameter($this->dbName)));
		$result = $query->executeQuery();
		return $result->rowCount() > 0;
	}

	private function createDBUser(Connection $connection) {
		$dbUser = $this->dbUser;
		try {
			$i = 1;
			while ($this->userExists($connection)) {
				$i++;
				$this->dbUser = $dbUser . $i;
			}

			// create the user
			$query = $connection->prepare('CREATE USER "' . addslashes($this->dbUser) . "\" CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
			$query->execute();
			if ($this->databaseExists($connection)) {
				$query = $connection->prepare('GRANT CONNECT ON DATABASE ' . addslashes($this->dbName) . ' TO "' . addslashes($this->dbUser) . '"');
				$query->execute();
			}
		} catch (DatabaseException $e) {
			$this->logger->error('Error while trying to create database user', [
				'exception' => $e,
			]);
		}
	}
}
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`<?php`
chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de> 2024-05-23 09:26:56 +02:00
Update license headers 2015-03-26 11:44:34 +01:00			`/**`
chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de> 2024-05-23 09:26:56 +02:00			`* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors`
			`* SPDX-FileCopyrightText: 2016 ownCloud, Inc.`
			`* SPDX-License-Identifier: AGPL-3.0-only`
Update license headers 2015-03-26 11:44:34 +01:00			`*/`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`namespace OC\Setup;`

use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`use OC\DatabaseException;`
Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-01-03 15:28:31 +01:00			`use OC\DB\Connection;`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`use OC\DB\QueryBuilder\Literal;`
Introduce ISecureRandom::CHAR_ALPHANUMERIC Signed-off-by: J0WI <J0WI@users.noreply.github.com> 2021-07-07 17:52:46 +02:00			`use OCP\Security\ISecureRandom;`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00
Convert database setup code to objects 2013-04-02 22:01:23 +02:00			`class PostgreSQL extends AbstractDatabase {`
Use db setup class for option validation 2013-04-03 17:52:18 +02:00			`public $dbprettyname = 'PostgreSQL';`

Add Phan plugin to check for SQL injections This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues. As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections. The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases. Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2017-07-20 22:48:13 +02:00			`/**`
			`* @param string $username`
			`* @throws \OC\DatabaseSetupException`
			`*/`
Convert database setup code to objects 2013-04-02 22:01:23 +02:00			`public function setupDatabase($username) {`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`try {`
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`$connection = $this->connect([`
			`'dbname' => 'postgres'`
			`]);`
add option to disable db user creation trough environment variable Signed-off-by: Robin Appelman <robin@icewind.nl> 2023-01-29 15:54:39 +01:00			`if ($this->tryCreateDbUser) {`
			`//check for roles creation rights in postgresql`
			`$builder = $connection->getQueryBuilder();`
			`$builder->automaticTablePrefix(false);`
			`$query = $builder`
			`->select('rolname')`
			`->from('pg_roles')`
			`->where($builder->expr()->eq('rolcreaterole', new Literal('TRUE')))`
			`->andWhere($builder->expr()->eq('rolname', $builder->createNamedParameter($this->dbUser)));`
Fix PostgreSQL port configuration on install 2014-01-04 19:23:25 -02:00
add option to disable db user creation trough environment variable Signed-off-by: Robin Appelman <robin@icewind.nl> 2023-01-29 15:54:39 +01:00			`try {`
			`$result = $query->execute();`
			`$canCreateRoles = $result->rowCount() > 0;`
			`} catch (DatabaseException $e) {`
			`$canCreateRoles = false;`
			`}`
fix: use `$this->tryCreateDbUser` condition 2023-06-13 00:29:52 +08:00
add option to disable db user creation trough environment variable Signed-off-by: Robin Appelman <robin@icewind.nl> 2023-01-29 15:54:39 +01:00			`if ($canCreateRoles) {`
			`$connectionMainDatabase = $this->connect();`
			`//use the admin login data for the new database user`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00
add option to disable db user creation trough environment variable Signed-off-by: Robin Appelman <robin@icewind.nl> 2023-01-29 15:54:39 +01:00			`//add prefix to the postgresql user name to prevent collisions`
			`$this->dbUser = 'oc_' . strtolower($username);`
			`//create a new password so we don't need to store the admin config in the config file`
Refactor `OC\Server::getSecureRandom` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com> 2023-08-29 16:29:33 -05:00			`$this->dbPassword = \OC::$server->get(ISecureRandom::class)->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00
add option to disable db user creation trough environment variable Signed-off-by: Robin Appelman <robin@icewind.nl> 2023-01-29 15:54:39 +01:00			`$this->createDBUser($connection);`
			`}`
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`}`
Use setConfigs() instead of calling setConfig() multiple times 2015-01-23 11:13:47 +01:00
Use SystemConfig instead of AllConfig for DB stuff * preparation for followup PRs to clean up the DB bootstrapping Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2017-03-17 16:37:48 -06:00			`$this->config->setValues([`
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`'dbuser' => $this->dbUser,`
			`'dbpassword' => $this->dbPassword,`
			`]);`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`//create the database`
			`$this->createDatabase($connection);`
			`// the connection to dbname=postgres is not needed anymore`
			`$connection->close();`
fix: postgresql GRANT user's permission after createDatabase, ensure database exist when GRANT 2023-06-12 18:13:34 +08:00
fix: use `$this->tryCreateDbUser` condition 2023-06-13 00:29:52 +08:00			`if ($this->tryCreateDbUser) {`
			`if ($canCreateRoles) {`
			`// Go to the main database and grant create on the public schema`
			`// The code below is implemented to make installing possible with PostgreSQL version 15:`
			`// https://www.postgresql.org/docs/release/15.0/`
			`// From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases`
			`// Therefore we assume that the database is only used by one user/service which is Nextcloud`
			`// Additional services should get installed in a separate database in order to stay secure`
			`// Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS`
			`$connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO "' . addslashes($this->dbUser) . '"');`
			`$connectionMainDatabase->close();`
			`}`
fix: postgresql GRANT user's permission after createDatabase, ensure database exist when GRANT 2023-06-12 18:13:34 +08:00			`}`
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`} catch (\Exception $e) {`
Fix psalm errors Signed-off-by: Joas Schilling <coding@schilljs.com> 2021-04-22 15:22:50 +02:00			`$this->logger->warning('Error trying to connect as "postgres", assuming database is setup and tables need to be created', [`
			`'exception' => $e,`
			`]);`
Use SystemConfig instead of AllConfig for DB stuff * preparation for followup PRs to clean up the DB bootstrapping Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2017-03-17 16:37:48 -06:00			`$this->config->setValues([`
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`'dbuser' => $this->dbUser,`
			`'dbpassword' => $this->dbPassword,`
			`]);`
			`}`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00
Cleanup some PHPDoc leftovers and unused variables Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2019-03-06 14:51:17 +01:00			`// connect to the database (dbname=$this->dbname) and check if it needs to be filled`
Use SystemConfig instead of AllConfig for DB stuff * preparation for followup PRs to clean up the DB bootstrapping Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2017-03-17 16:37:48 -06:00			`$this->dbUser = $this->config->getValue('dbuser');`
			`$this->dbPassword = $this->config->getValue('dbpassword');`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`$connection = $this->connect();`
			`try {`
			`$connection->connect();`
			`} catch (\Exception $e) {`
Fix psalm errors Signed-off-by: Joas Schilling <coding@schilljs.com> 2021-04-22 15:22:50 +02:00			`$this->logger->error($e->getMessage(), [`
			`'exception' => $e,`
			`]);`
fix: replace `Account name` by `Login` Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com> 2024-02-13 14:37:09 +01:00			`throw new \OC\DatabaseSetupException($this->trans->t('PostgreSQL Login and/or password not valid'),`
Add more previous exceptions to database setup code Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2021-01-07 21:04:11 +01:00			`$this->trans->t('You need to enter details of an existing account.'), 0, $e);`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`}`
			`}`

Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-01-03 15:28:31 +01:00			`private function createDatabase(Connection $connection) {`
handle postgres setup when we cant connect as admin 2016-07-21 12:44:02 +02:00			`if (!$this->databaseExists($connection)) {`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`//The database does not exists... let's create it`
postgresql - add quotes around user names fix https://github.com/nextcloud/server/issues/37114 Signed-off-by: Simon L <szaimen@e.mail.de> 2023-03-08 00:37:19 +01:00			`$query = $connection->prepare('CREATE DATABASE ' . addslashes($this->dbName) . ' OWNER "' . addslashes($this->dbUser) . '"');`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`try {`
			`$query->execute();`
			`} catch (DatabaseException $e) {`
Fix psalm errors Signed-off-by: Joas Schilling <coding@schilljs.com> 2021-04-22 15:22:50 +02:00			`$this->logger->error('Error while trying to create database', [`
			`'exception' => $e,`
			`]);`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`}`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`} else {`
Revert "Quote database and role in queries" This reverts commit 9ebd5d5bb20af9178e071c3c6f3b41d9a9bc8be0. 2016-12-09 15:36:14 +01:00			`$query = $connection->prepare('REVOKE ALL PRIVILEGES ON DATABASE ' . addslashes($this->dbName) . ' FROM PUBLIC');`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`try {`
			`$query->execute();`
			`} catch (DatabaseException $e) {`
Fix psalm errors Signed-off-by: Joas Schilling <coding@schilljs.com> 2021-04-22 15:22:50 +02:00			`$this->logger->error('Error while trying to restrict database permissions', [`
			`'exception' => $e,`
			`]);`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`}`
			`}`
			`}`

Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-01-03 15:28:31 +01:00			`private function userExists(Connection $connection) {`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`$builder = $connection->getQueryBuilder();`
			`$builder->automaticTablePrefix(false);`
			`$query = $builder->select('*')`
			`->from('pg_roles')`
			`->where($builder->expr()->eq('rolname', $builder->createNamedParameter($this->dbUser)));`
chore(db): Apply query prepared statements Fix: psalm fix: bad file fix: bug chore: add batch chore: add batch chore: add batch fix: psalm 2024-10-17 15:42:21 +02:00			`$result = $query->executeQuery();`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`return $result->rowCount() > 0;`
			`}`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00
Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-01-03 15:28:31 +01:00			`private function databaseExists(Connection $connection) {`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`$builder = $connection->getQueryBuilder();`
			`$builder->automaticTablePrefix(false);`
			`$query = $builder->select('datname')`
			`->from('pg_database')`
			`->where($builder->expr()->eq('datname', $builder->createNamedParameter($this->dbName)));`
chore(db): Apply query prepared statements Fix: psalm fix: bad file fix: bug chore: add batch chore: add batch chore: add batch fix: psalm 2024-10-17 15:42:21 +02:00			`$result = $query->executeQuery();`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`return $result->rowCount() > 0;`
			`}`

Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-01-03 15:28:31 +01:00			`private function createDBUser(Connection $connection) {`
Allow to reuse the same name when installing a new instance Signed-off-by: Joas Schilling <coding@schilljs.com> 2016-12-06 19:04:57 +01:00			`$dbUser = $this->dbUser;`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`try {`
Allow to reuse the same name when installing a new instance Signed-off-by: Joas Schilling <coding@schilljs.com> 2016-12-06 19:04:57 +01:00			`$i = 1;`
			`while ($this->userExists($connection)) {`
			`$i++;`
			`$this->dbUser = $dbUser . $i;`
Remove unneeded semicolon and parentheses Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2018-01-26 23:46:40 +01:00			`}`
Allow to reuse the same name when installing a new instance Signed-off-by: Joas Schilling <coding@schilljs.com> 2016-12-06 19:04:57 +01:00
			`// create the user`
postgresql - add quotes around user names fix https://github.com/nextcloud/server/issues/37114 Signed-off-by: Simon L <szaimen@e.mail.de> 2023-03-08 00:37:19 +01:00			`$query = $connection->prepare('CREATE USER "' . addslashes($this->dbUser) . "\" CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`$query->execute();`
Check if database exists and grand permission Signed-off-by: Vitor Mattos <vitor@php.rio> 2019-04-21 16:54:40 -03:00			`if ($this->databaseExists($connection)) {`
postgresql - add quotes around user names fix https://github.com/nextcloud/server/issues/37114 Signed-off-by: Simon L <szaimen@e.mail.de> 2023-03-08 00:37:19 +01:00			`$query = $connection->prepare('GRANT CONNECT ON DATABASE ' . addslashes($this->dbName) . ' TO "' . addslashes($this->dbUser) . '"');`
Check if database exists and grand permission Signed-off-by: Vitor Mattos <vitor@php.rio> 2019-04-21 16:54:40 -03:00			`$query->execute();`
			`}`
use pdo for postgres setup 2016-07-12 13:50:54 +02:00			`} catch (DatabaseException $e) {`
Fix psalm errors Signed-off-by: Joas Schilling <coding@schilljs.com> 2021-04-22 15:22:50 +02:00			`$this->logger->error('Error while trying to create database user', [`
			`'exception' => $e,`
			`]);`
Split database specific install/setup code to their own class 2013-03-29 16:28:48 +01:00			`}`
			`}`
			`}`
No results found.