Sākums Izpētīt Palīdzība
Pierakstīties
RISCI_ATOM
/
nextcloud-server
spogulis no https://github.com/nextcloud/server.git
1
0
Atdalīts 0
Faili Problēmas 23 Vikivietne
Koks: 8e34153145
Atzari Tagi
nextcloud-serve...
/
lib
/
private
/
Repair
/
Owncloud
/
MigrateOauthTables.php

MigrateOauthTables.php 6.1 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * @copyright 2021 Louis Chemineau <louis@chmn.me>
    4. 

  4.  *
    5. 

  5.  * @license GNU AGPL version 3 or any later version
    6. 

  6.  *
    7. 

  7.  * This program is free software: you can redistribute it and/or modify
    8. 

  8.  * it under the terms of the GNU Affero General Public License as
    9. 

  9.  * published by the Free Software Foundation, either version 3 of the
    10. 

  10.  * License, or (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * This program is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    15. 

  15.  * GNU Affero General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU Affero General Public License
    18. 

  18.  * along with this program. If not, see <http://www.gnu.org/licenses/>.
    19. 

  19.  *
    20. 

  20.  */
    21. 

  21. namespace OC\Repair\Owncloud;
    22. 

  22. 

  23. use OCP\Migration\IOutput;
    24. 

  24. use OCP\Migration\IRepairStep;
    25. 

  25. use OC\DB\Connection;
    26. 

  26. use OC\DB\SchemaWrapper;
    27. 

  27. use OCP\DB\QueryBuilder\IQueryBuilder;
    28. 

  28. 

  29. class MigrateOauthTables implements IRepairStep {
    30. 

  30. 	/** @var Connection */
    31. 

  31. 	protected $db;
    32. 

  32. 

  33. 	/**
    34. 

  34. 	 * @param Connection $db
    35. 

  35. 	 */
    36. 

  36. 	public function __construct(Connection $db) {
    37. 

  37. 		$this->db = $db;
    38. 

  38. 	}
    39. 

  39. 

  40. 	/**
    41. 

  41. 	 * @return string
    42. 

  42. 	 */
    43. 

  43. 	public function getName() {
    44. 

  44. 		return 'Migrate oauth2_clients table to nextcloud schema';
    45. 

  45. 	}
    46. 

  46. 

  47. 	public function run(IOutput $output) {
    48. 

  48. 		$schema = new SchemaWrapper($this->db);
    49. 

  49. 		if (!$schema->hasTable('oauth2_clients')) {
    50. 

  50. 			$output->info("oauth2_clients table does not exist.");
    51. 

  51. 			return;
    52. 

  52. 		}
    53. 

  53. 

  54. 		$output->info("Update the oauth2_access_tokens table schema.");
    55. 

  55. 		$schema = new SchemaWrapper($this->db);
    56. 

  56. 		$table = $schema->getTable('oauth2_access_tokens');
    57. 

  57. 		if (!$table->hasColumn('hashed_code')) {
    58. 

  58. 			$table->addColumn('hashed_code', 'string', [
    59. 

  59. 				'notnull' => true,
    60. 

  60. 				'length' => 128,
    61. 

  61. 			]);
    62. 

  62. 		}
    63. 

  63. 		if (!$table->hasColumn('encrypted_token')) {
    64. 

  64. 			$table->addColumn('encrypted_token', 'string', [
    65. 

  65. 				'notnull' => true,
    66. 

  66. 				'length' => 786,
    67. 

  67. 			]);
    68. 

  68. 		}
    69. 

  69. 		if (!$table->hasIndex('oauth2_access_hash_idx')) {
    70. 

  70. 			$table->addUniqueIndex(['hashed_code'], 'oauth2_access_hash_idx');
    71. 

  71. 		}
    72. 

  72. 		if (!$table->hasIndex('oauth2_access_client_id_idx')) {
    73. 

  73. 			$table->addIndex(['client_id'], 'oauth2_access_client_id_idx');
    74. 

  74. 		}
    75. 

  75. 

  76. 		$output->info("Update the oauth2_clients table schema.");
    77. 

  77. 		$schema = new SchemaWrapper($this->db);
    78. 

  78. 		$table = $schema->getTable('oauth2_clients');
    79. 

  79. 		if ($table->getColumn('name')->getLength() !== 64) {
    80. 

  80. 			// shorten existing values before resizing the column
    81. 

  81. 			$qb = $this->db->getQueryBuilder();
    82. 

  82. 			$qb->update('oauth2_clients')
    83. 

  83. 				->set('name', $qb->createParameter('shortenedName'))
    84. 

  84. 				->where($qb->expr()->eq('id', $qb->createParameter('theId')));
    85. 

  85. 

  86. 			$qbSelect = $this->db->getQueryBuilder();
    87. 

  87. 			$qbSelect->select('id', 'name')
    88. 

  88. 				->from('oauth2_clients');
    89. 

  89. 

  90. 			$result = $qbSelect->executeQuery();
    91. 

  91. 			while ($row = $result->fetch()) {
    92. 

  92. 				$id = $row['id'];
    93. 

  93. 				$shortenedName = mb_substr($row['name'], 0, 64);
    94. 

  94. 				$qb->setParameter('theId', $id, IQueryBuilder::PARAM_INT);
    95. 

  95. 				$qb->setParameter('shortenedName', $shortenedName, IQueryBuilder::PARAM_STR);
    96. 

  96. 				$qb->executeStatement();
    97. 

  97. 			}
    98. 

  98. 			$result->closeCursor();
    99. 

  99. 

  100. 			// safely set the new column length
    101. 

  101. 			$table->getColumn('name')->setLength(64);
    102. 

  102. 		}
    103. 

  103. 		if ($table->hasColumn('allow_subdomains')) {
    104. 

  104. 			$table->dropColumn('allow_subdomains');
    105. 

  105. 		}
    106. 

  106. 		if ($table->hasColumn('trusted')) {
    107. 

  107. 			$table->dropColumn('trusted');
    108. 

  108. 		}
    109. 

  109. 

  110. 		if (!$schema->getTable('oauth2_clients')->hasColumn('client_identifier')) {
    111. 

  111. 			$table->addColumn('client_identifier', 'string', [
    112. 

  112. 				'notnull' => true,
    113. 

  113. 				'length' => 64,
    114. 

  114. 				'default' => ''
    115. 

  115. 			]);
    116. 

  116. 			$table->addIndex(['client_identifier'], 'oauth2_client_id_idx');
    117. 

  117. 		}
    118. 

  118. 

  119. 		$this->db->migrateToSchema($schema->getWrappedSchema());
    120. 

  120. 

  121. 

  122. 		if ($schema->getTable('oauth2_clients')->hasColumn('identifier')) {
    123. 

  123. 			$output->info("Move identifier column's data to the new client_identifier column.");
    124. 

  124. 			// 1. Fetch all [id, identifier] couple.
    125. 

  125. 			$selectQuery = $this->db->getQueryBuilder();
    126. 

  126. 			$selectQuery->select('id', 'identifier')->from('oauth2_clients');
    127. 

  127. 			$result = $selectQuery->executeQuery();
    128. 

  128. 			$identifiers = $result->fetchAll();
    129. 

  129. 			$result->closeCursor();
    130. 

  130. 

  131. 			// 2. Insert them into the client_identifier column.
    132. 

  132. 			foreach ($identifiers as ["id" => $id, "identifier" => $clientIdentifier]) {
    133. 

  133. 				$insertQuery = $this->db->getQueryBuilder();
    134. 

  134. 				$insertQuery->update('oauth2_clients')
    135. 

  135. 					->set('client_identifier', $insertQuery->createNamedParameter($clientIdentifier, IQueryBuilder::PARAM_STR))
    136. 

  136. 					->where($insertQuery->expr()->eq('id', $insertQuery->createNamedParameter($id, IQueryBuilder::PARAM_INT)))
    137. 

  137. 					->executeStatement();
    138. 

  138. 			}
    139. 

  139. 

  140. 			$output->info("Drop the identifier column.");
    141. 

  141. 			$schema = new SchemaWrapper($this->db);
    142. 

  142. 			$table = $schema->getTable('oauth2_clients');
    143. 

  143. 			$table->dropColumn('identifier');
    144. 

  144. 			$this->db->migrateToSchema($schema->getWrappedSchema());
    145. 

  145. 		}
    146. 

  146. 

  147. 		$output->info('Delete clients (and their related access tokens) with the redirect_uri starting with oc:// or ending with *');
    148. 

  148. 		// delete the access tokens
    149. 

  149. 		$qbDeleteAccessTokens = $this->db->getQueryBuilder();
    150. 

  150. 

  151. 		$qbSelectClientId = $this->db->getQueryBuilder();
    152. 

  152. 		$qbSelectClientId->select('id')
    153. 

  153. 			->from('oauth2_clients')
    154. 

  154. 			->where(
    155. 

  155. 				$qbSelectClientId->expr()->iLike('redirect_uri', $qbDeleteAccessTokens->createNamedParameter('oc://%', IQueryBuilder::PARAM_STR))
    156. 

  156. 			)
    157. 

  157. 			->orWhere(
    158. 

  158. 				$qbSelectClientId->expr()->iLike('redirect_uri', $qbDeleteAccessTokens->createNamedParameter('%*', IQueryBuilder::PARAM_STR))
    159. 

  159. 			);
    160. 

  160. 

  161. 		$qbDeleteAccessTokens->delete('oauth2_access_tokens')
    162. 

  162. 			->where(
    163. 

  163. 				$qbSelectClientId->expr()->in('client_id', $qbDeleteAccessTokens->createFunction($qbSelectClientId->getSQL()), IQueryBuilder::PARAM_STR_ARRAY)
    164. 

  164. 			);
    165. 

  165. 		$qbDeleteAccessTokens->executeStatement();
    166. 

  166. 

  167. 		// delete the clients
    168. 

  168. 		$qbDeleteClients = $this->db->getQueryBuilder();
    169. 

  169. 		$qbDeleteClients->delete('oauth2_clients')
    170. 

  170. 			->where(
    171. 

  171. 				$qbDeleteClients->expr()->iLike('redirect_uri', $qbDeleteClients->createNamedParameter('oc://%', IQueryBuilder::PARAM_STR))
    172. 

  172. 			)
    173. 

  173. 			->orWhere(
    174. 

  174. 				$qbDeleteClients->expr()->iLike('redirect_uri', $qbDeleteClients->createNamedParameter('%*', IQueryBuilder::PARAM_STR))
    175. 

  175. 			);
    176. 

  176. 		$qbDeleteClients->executeStatement();
    177. 

  177. 	}
    178. 

  178. }
    179.