MediaWiki  master
PostgresInstaller.php
Go to the documentation of this file.
1 <?php
28 
36 
37  protected $globalNames = [
38  'wgDBserver',
39  'wgDBport',
40  'wgDBname',
41  'wgDBuser',
42  'wgDBpassword',
43  'wgDBmwschema',
44  ];
45 
46  protected $internalDefaults = [
47  '_InstallUser' => 'postgres',
48  ];
49 
50  public static $minimumVersion = '9.2';
51  protected static $notMinimumVersionMessage = 'config-postgres-old';
52  public $maxRoleSearchDepth = 5;
53 
54  protected $pgConns = [];
55 
56  function getName() {
57  return 'postgres';
58  }
59 
60  public function isCompiled() {
61  return self::checkExtension( 'pgsql' );
62  }
63 
64  function getConnectForm() {
65  return $this->getTextBox(
66  'wgDBserver',
67  'config-db-host',
68  [],
69  $this->parent->getHelpBox( 'config-db-host-help' )
70  ) .
71  $this->getTextBox( 'wgDBport', 'config-db-port' ) .
72  Html::openElement( 'fieldset' ) .
73  Html::element( 'legend', [], wfMessage( 'config-db-wiki-settings' )->text() ) .
74  $this->getTextBox(
75  'wgDBname',
76  'config-db-name',
77  [],
78  $this->parent->getHelpBox( 'config-db-name-help' )
79  ) .
80  $this->getTextBox(
81  'wgDBmwschema',
82  'config-db-schema',
83  [],
84  $this->parent->getHelpBox( 'config-db-schema-help' )
85  ) .
86  Html::closeElement( 'fieldset' ) .
87  $this->getInstallUserBox();
88  }
89 
90  function submitConnectForm() {
91  // Get variables from the request
92  $newValues = $this->setVarsFromRequest( [
93  'wgDBserver',
94  'wgDBport',
95  'wgDBname',
96  'wgDBmwschema'
97  ] );
98 
99  // Validate them
100  $status = Status::newGood();
101  if ( !strlen( $newValues['wgDBname'] ) ) {
102  $status->fatal( 'config-missing-db-name' );
103  } elseif ( !preg_match( '/^[a-zA-Z0-9_]+$/', $newValues['wgDBname'] ) ) {
104  $status->fatal( 'config-invalid-db-name', $newValues['wgDBname'] );
105  }
106  if ( !preg_match( '/^[a-zA-Z0-9_]*$/', $newValues['wgDBmwschema'] ) ) {
107  $status->fatal( 'config-invalid-schema', $newValues['wgDBmwschema'] );
108  }
109 
110  // Submit user box
111  if ( $status->isOK() ) {
112  $status->merge( $this->submitInstallUserBox() );
113  }
114  if ( !$status->isOK() ) {
115  return $status;
116  }
117 
118  $status = $this->getPgConnection( 'create-db' );
119  if ( !$status->isOK() ) {
120  return $status;
121  }
125  $conn = $status->value;
126 
127  // Check version
128  $version = $conn->getServerVersion();
129  $status = static::meetsMinimumRequirement( $version );
130  if ( !$status->isOK() ) {
131  return $status;
132  }
133 
134  $this->setVar( 'wgDBuser', $this->getVar( '_InstallUser' ) );
135  $this->setVar( 'wgDBpassword', $this->getVar( '_InstallPassword' ) );
136 
137  return Status::newGood();
138  }
139 
140  public function getConnection() {
141  $status = $this->getPgConnection( 'create-tables' );
142  if ( $status->isOK() ) {
143  $this->db = $status->value;
144  }
145 
146  return $status;
147  }
148 
149  public function openConnection() {
150  return $this->openPgConnection( 'create-tables' );
151  }
152 
161  protected function openConnectionWithParams( $user, $password, $dbName, $schema ) {
162  $status = Status::newGood();
163  try {
164  $db = Database::factory( 'postgres', [
165  'host' => $this->getVar( 'wgDBserver' ),
166  'port' => $this->getVar( 'wgDBport' ),
167  'user' => $user,
168  'password' => $password,
169  'dbname' => $dbName,
170  'schema' => $schema,
171  'keywordTableMap' => [ 'user' => 'mwuser', 'text' => 'pagecontent' ],
172  ] );
173  $status->value = $db;
174  } catch ( DBConnectionError $e ) {
175  $status->fatal( 'config-connection-error', $e->getMessage() );
176  }
177 
178  return $status;
179  }
180 
186  protected function getPgConnection( $type ) {
187  if ( isset( $this->pgConns[$type] ) ) {
188  return Status::newGood( $this->pgConns[$type] );
189  }
190  $status = $this->openPgConnection( $type );
191 
192  if ( $status->isOK() ) {
196  $conn = $status->value;
197  $conn->clearFlag( DBO_TRX );
198  $conn->commit( __METHOD__ );
199  $this->pgConns[$type] = $conn;
200  }
201 
202  return $status;
203  }
204 
230  protected function openPgConnection( $type ) {
231  switch ( $type ) {
232  case 'create-db':
233  return $this->openConnectionToAnyDB(
234  $this->getVar( '_InstallUser' ),
235  $this->getVar( '_InstallPassword' ) );
236  case 'create-schema':
237  return $this->openConnectionWithParams(
238  $this->getVar( '_InstallUser' ),
239  $this->getVar( '_InstallPassword' ),
240  $this->getVar( 'wgDBname' ),
241  $this->getVar( 'wgDBmwschema' ) );
242  case 'create-tables':
243  $status = $this->openPgConnection( 'create-schema' );
244  if ( $status->isOK() ) {
248  $conn = $status->value;
249  $safeRole = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
250  $conn->query( "SET ROLE $safeRole" );
251  }
252 
253  return $status;
254  default:
255  throw new MWException( "Invalid special connection type: \"$type\"" );
256  }
257  }
258 
259  public function openConnectionToAnyDB( $user, $password ) {
260  $dbs = [
261  'template1',
262  'postgres',
263  ];
264  if ( !in_array( $this->getVar( 'wgDBname' ), $dbs ) ) {
265  array_unshift( $dbs, $this->getVar( 'wgDBname' ) );
266  }
267  $conn = false;
268  $status = Status::newGood();
269  foreach ( $dbs as $db ) {
270  try {
271  $p = [
272  'host' => $this->getVar( 'wgDBserver' ),
273  'user' => $user,
274  'password' => $password,
275  'dbname' => $db
276  ];
277  $conn = Database::factory( 'postgres', $p );
278  } catch ( DBConnectionError $error ) {
279  $conn = false;
280  $status->fatal( 'config-pg-test-error', $db,
281  $error->getMessage() );
282  }
283  if ( $conn !== false ) {
284  break;
285  }
286  }
287  if ( $conn !== false ) {
288  return Status::newGood( $conn );
289  } else {
290  return $status;
291  }
292  }
293 
294  protected function getInstallUserPermissions() {
295  $status = $this->getPgConnection( 'create-db' );
296  if ( !$status->isOK() ) {
297  return false;
298  }
302  $conn = $status->value;
303  $superuser = $this->getVar( '_InstallUser' );
304 
305  $row = $conn->selectRow( '"pg_catalog"."pg_roles"', '*',
306  [ 'rolname' => $superuser ], __METHOD__ );
307 
308  return $row;
309  }
310 
311  protected function canCreateAccounts() {
312  $perms = $this->getInstallUserPermissions();
313  if ( !$perms ) {
314  return false;
315  }
316 
317  return $perms->rolsuper === 't' || $perms->rolcreaterole === 't';
318  }
319 
320  protected function isSuperUser() {
321  $perms = $this->getInstallUserPermissions();
322  if ( !$perms ) {
323  return false;
324  }
325 
326  return $perms->rolsuper === 't';
327  }
328 
329  public function getSettingsForm() {
330  if ( $this->canCreateAccounts() ) {
331  $noCreateMsg = false;
332  } else {
333  $noCreateMsg = 'config-db-web-no-create-privs';
334  }
335  $s = $this->getWebUserBox( $noCreateMsg );
336 
337  return $s;
338  }
339 
340  public function submitSettingsForm() {
341  $status = $this->submitWebUserBox();
342  if ( !$status->isOK() ) {
343  return $status;
344  }
345 
346  $same = $this->getVar( 'wgDBuser' ) === $this->getVar( '_InstallUser' );
347 
348  if ( $same ) {
349  $exists = true;
350  } else {
351  // Check if the web user exists
352  // Connect to the database with the install user
353  $status = $this->getPgConnection( 'create-db' );
354  if ( !$status->isOK() ) {
355  return $status;
356  }
357  // @phan-suppress-next-line PhanUndeclaredMethod
358  $exists = $status->value->roleExists( $this->getVar( 'wgDBuser' ) );
359  }
360 
361  // Validate the create checkbox
362  if ( $this->canCreateAccounts() && !$same && !$exists ) {
363  $create = $this->getVar( '_CreateDBAccount' );
364  } else {
365  $this->setVar( '_CreateDBAccount', false );
366  $create = false;
367  }
368 
369  if ( !$create && !$exists ) {
370  if ( $this->canCreateAccounts() ) {
371  $msg = 'config-install-user-missing-create';
372  } else {
373  $msg = 'config-install-user-missing';
374  }
375 
376  return Status::newFatal( $msg, $this->getVar( 'wgDBuser' ) );
377  }
378 
379  if ( !$exists ) {
380  // No more checks to do
381  return Status::newGood();
382  }
383 
384  // Existing web account. Test the connection.
385  $status = $this->openConnectionToAnyDB(
386  $this->getVar( 'wgDBuser' ),
387  $this->getVar( 'wgDBpassword' ) );
388  if ( !$status->isOK() ) {
389  return $status;
390  }
391 
392  // The web user is conventionally the table owner in PostgreSQL
393  // installations. Make sure the install user is able to create
394  // objects on behalf of the web user.
395  if ( $same || $this->canCreateObjectsForWebUser() ) {
396  return Status::newGood();
397  } else {
398  return Status::newFatal( 'config-pg-not-in-role' );
399  }
400  }
401 
407  protected function canCreateObjectsForWebUser() {
408  if ( $this->isSuperUser() ) {
409  return true;
410  }
411 
412  $status = $this->getPgConnection( 'create-db' );
413  if ( !$status->isOK() ) {
414  return false;
415  }
416  $conn = $status->value;
417  $installerId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
418  [ 'rolname' => $this->getVar( '_InstallUser' ) ], __METHOD__ );
419  $webId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
420  [ 'rolname' => $this->getVar( 'wgDBuser' ) ], __METHOD__ );
421 
422  return $this->isRoleMember( $conn, $installerId, $webId, $this->maxRoleSearchDepth );
423  }
424 
433  protected function isRoleMember( $conn, $targetMember, $group, $maxDepth ) {
434  if ( $targetMember === $group ) {
435  // A role is always a member of itself
436  return true;
437  }
438  // Get all members of the given group
439  $res = $conn->select( '"pg_catalog"."pg_auth_members"', [ 'member' ],
440  [ 'roleid' => $group ], __METHOD__ );
441  foreach ( $res as $row ) {
442  if ( $row->member == $targetMember ) {
443  // Found target member
444  return true;
445  }
446  // Recursively search each member of the group to see if the target
447  // is a member of it, up to the given maximum depth.
448  if ( $maxDepth > 0 &&
449  $this->isRoleMember( $conn, $targetMember, $row->member, $maxDepth - 1 )
450  ) {
451  // Found member of member
452  return true;
453  }
454  }
455 
456  return false;
457  }
458 
459  public function preInstall() {
460  $createDbAccount = [
461  'name' => 'user',
462  'callback' => [ $this, 'setupUser' ],
463  ];
464  $commitCB = [
465  'name' => 'pg-commit',
466  'callback' => [ $this, 'commitChanges' ],
467  ];
468  $plpgCB = [
469  'name' => 'pg-plpgsql',
470  'callback' => [ $this, 'setupPLpgSQL' ],
471  ];
472  $schemaCB = [
473  'name' => 'schema',
474  'callback' => [ $this, 'setupSchema' ]
475  ];
476 
477  if ( $this->getVar( '_CreateDBAccount' ) ) {
478  $this->parent->addInstallStep( $createDbAccount, 'database' );
479  }
480  $this->parent->addInstallStep( $commitCB, 'interwiki' );
481  $this->parent->addInstallStep( $plpgCB, 'database' );
482  $this->parent->addInstallStep( $schemaCB, 'database' );
483  }
484 
485  function setupDatabase() {
486  $status = $this->getPgConnection( 'create-db' );
487  if ( !$status->isOK() ) {
488  return $status;
489  }
490  $conn = $status->value;
491 
492  $dbName = $this->getVar( 'wgDBname' );
493 
494  $exists = $conn->selectField( '"pg_catalog"."pg_database"', '1',
495  [ 'datname' => $dbName ], __METHOD__ );
496  if ( !$exists ) {
497  $safedb = $conn->addIdentifierQuotes( $dbName );
498  $conn->query( "CREATE DATABASE $safedb", __METHOD__ );
499  }
500 
501  return Status::newGood();
502  }
503 
504  function setupSchema() {
505  // Get a connection to the target database
506  $status = $this->getPgConnection( 'create-schema' );
507  if ( !$status->isOK() ) {
508  return $status;
509  }
511  $conn = $status->value;
512  '@phan-var DatabasePostgres $conn';
513 
514  // Create the schema if necessary
515  $schema = $this->getVar( 'wgDBmwschema' );
516  $safeschema = $conn->addIdentifierQuotes( $schema );
517  $safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
518  if ( !$conn->schemaExists( $schema ) ) {
519  try {
520  $conn->query( "CREATE SCHEMA $safeschema AUTHORIZATION $safeuser" );
521  } catch ( DBQueryError $e ) {
522  return Status::newFatal( 'config-install-pg-schema-failed',
523  $this->getVar( '_InstallUser' ), $schema );
524  }
525  }
526 
527  // Select the new schema in the current connection
528  $conn->determineCoreSchema( $schema );
529 
530  return Status::newGood();
531  }
532 
533  function commitChanges() {
534  $this->db->commit( __METHOD__ );
535 
536  return Status::newGood();
537  }
538 
539  function setupUser() {
540  if ( !$this->getVar( '_CreateDBAccount' ) ) {
541  return Status::newGood();
542  }
543 
544  $status = $this->getPgConnection( 'create-db' );
545  if ( !$status->isOK() ) {
546  return $status;
547  }
549  $conn = $status->value;
550  '@phan-var DatabasePostgres $conn';
551 
552  $safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
553  $safepass = $conn->addQuotes( $this->getVar( 'wgDBpassword' ) );
554 
555  // Check if the user already exists
556  $userExists = $conn->roleExists( $this->getVar( 'wgDBuser' ) );
557  if ( !$userExists ) {
558  // Create the user
559  try {
560  $sql = "CREATE ROLE $safeuser NOCREATEDB LOGIN PASSWORD $safepass";
561 
562  // If the install user is not a superuser, we need to make the install
563  // user a member of the new user's group, so that the install user will
564  // be able to create a schema and other objects on behalf of the new user.
565  if ( !$this->isSuperUser() ) {
566  $sql .= ' ROLE' . $conn->addIdentifierQuotes( $this->getVar( '_InstallUser' ) );
567  }
568 
569  $conn->query( $sql, __METHOD__ );
570  } catch ( DBQueryError $e ) {
571  return Status::newFatal( 'config-install-user-create-failed',
572  $this->getVar( 'wgDBuser' ), $e->getMessage() );
573  }
574  }
575 
576  return Status::newGood();
577  }
578 
579  function getLocalSettings() {
580  $port = $this->getVar( 'wgDBport' );
581  $schema = $this->getVar( 'wgDBmwschema' );
582 
583  return "# Postgres specific settings
584 \$wgDBport = \"{$port}\";
585 \$wgDBmwschema = \"{$schema}\";";
586  }
587 
588  public function preUpgrade() {
589  global $wgDBuser, $wgDBpassword;
590 
591  # Normal user and password are selected after this step, so for now
592  # just copy these two
593  $wgDBuser = $this->getVar( '_InstallUser' );
594  $wgDBpassword = $this->getVar( '_InstallPassword' );
595  }
596 
597  public function createTables() {
598  $schema = $this->getVar( 'wgDBmwschema' );
599 
600  $status = $this->getConnection();
601  if ( !$status->isOK() ) {
602  return $status;
603  }
604 
606  $conn = $status->value;
607  '@phan-var DatabasePostgres $conn';
608 
609  if ( $conn->tableExists( 'archive' ) ) {
610  $status->warning( 'config-install-tables-exist' );
611  $this->enableLB();
612 
613  return $status;
614  }
615 
616  $conn->begin( __METHOD__ );
617 
618  if ( !$conn->schemaExists( $schema ) ) {
619  $status->fatal( 'config-install-pg-schema-not-exist' );
620 
621  return $status;
622  }
623  $error = $conn->sourceFile( $this->getSchemaPath( $conn ) );
624  if ( $error !== true ) {
625  $conn->reportQueryError( $error, 0, '', __METHOD__ );
626  $conn->rollback( __METHOD__ );
627  $status->fatal( 'config-install-tables-failed', $error );
628  } else {
629  $conn->commit( __METHOD__ );
630  }
631  // Resume normal operations
632  if ( $status->isOK() ) {
633  $this->enableLB();
634  }
635 
636  return $status;
637  }
638 
639  public function getGlobalDefaults() {
640  // The default $wgDBmwschema is null, which breaks Postgres and other DBMSes that require
641  // the use of a schema, so we need to set it here
642  return array_merge( parent::getGlobalDefaults(), [
643  'wgDBmwschema' => 'mediawiki',
644  ] );
645  }
646 
647  public function setupPLpgSQL() {
648  // Connect as the install user, since it owns the database and so is
649  // the user that needs to run "CREATE LANGUAGE"
650  $status = $this->getPgConnection( 'create-schema' );
651  if ( !$status->isOK() ) {
652  return $status;
653  }
657  $conn = $status->value;
658 
659  $exists = $conn->selectField( '"pg_catalog"."pg_language"', 1,
660  [ 'lanname' => 'plpgsql' ], __METHOD__ );
661  if ( $exists ) {
662  // Already exists, nothing to do
663  return Status::newGood();
664  }
665 
666  // plpgsql is not installed, but if we have a pg_pltemplate table, we
667  // should be able to create it
668  $exists = $conn->selectField(
669  [ '"pg_catalog"."pg_class"', '"pg_catalog"."pg_namespace"' ],
670  1,
671  [
672  'pg_namespace.oid=relnamespace',
673  'nspname' => 'pg_catalog',
674  'relname' => 'pg_pltemplate',
675  ],
676  __METHOD__ );
677  if ( $exists ) {
678  try {
679  $conn->query( 'CREATE LANGUAGE plpgsql' );
680  } catch ( DBQueryError $e ) {
681  return Status::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
682  }
683  } else {
684  return Status::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
685  }
686 
687  return Status::newGood();
688  }
689 }
static newFatal( $message,... $parameters)
Factory function for fatal errors.
Definition: StatusValue.php:69
static element( $element, $attribs=[], $contents='')
Identical to rawElement(), but HTML-escapes $contents (like Xml::element()).
Definition: Html.php:231
$wgDBpassword
Database user&#39;s password.
static openElement( $element, $attribs=[])
Identical to rawElement(), but has no third parameter and omits the end tag (and the self-closing &#39;/&#39;...
Definition: Html.php:251
openConnectionWithParams( $user, $password, $dbName, $schema)
Open a PG connection with given parameters.
$wgDBuser
Database username.
getTextBox( $var, $label, $attribs=[], $helpData="")
Get a labelled text box to configure a local variable.
openConnectionToAnyDB( $user, $password)
submitWebUserBox()
Submit the form from getWebUserBox().
openPgConnection( $type)
Get a connection of a specific PostgreSQL-specific type.
isRoleMember( $conn, $targetMember, $group, $maxDepth)
Recursive helper for canCreateObjectsForWebUser().
getSchemaPath( $db)
Return a path to the DBMS-specific schema file, otherwise default to tables.sql.
static newGood( $value=null)
Factory function for good results.
Definition: StatusValue.php:81
static closeElement( $element)
Returns "</$element>".
Definition: Html.php:315
getWebUserBox( $noCreateMsg=false)
Get a standard web-user fieldset.
submitInstallUserBox()
Submit a standard install user fieldset.
const DBO_TRX
Definition: defines.php:12
getInstallUserBox()
Get a standard install-user fieldset.
getVar( $var, $default=null)
Get a variable, taking local defaults into account.
getPgConnection( $type)
Get a special type of connection.
Database $db
The database connection.
setVar( $name, $value)
Convenience alias for $this->parent->setVar()
Class for setting up the MediaWiki database using Postgres.
Base class for DBMS-specific installation helper classes.
canCreateObjectsForWebUser()
Returns true if the install user is able to create objects owned by the web user, false otherwise...
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
setVarsFromRequest( $varNames)
Convenience function to set variables based on form data.
enableLB()
Set up LBFactory so that wfGetDB() etc.