3 * PostgreSQL-specific installer.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
24 use Wikimedia\Rdbms\Database
;
25 use Wikimedia\Rdbms\DBQueryError
;
26 use Wikimedia\Rdbms\DBConnectionError
;
29 * Class for setting up the MediaWiki database using Postgres.
34 class PostgresInstaller
extends DatabaseInstaller
{
36 protected $globalNames = [
45 protected $internalDefaults = [
46 '_InstallUser' => 'postgres',
49 public static $minimumVersion = '9.2';
50 protected static $notMiniumumVerisonMessage = 'config-postgres-old';
51 public $maxRoleSearchDepth = 5;
53 protected $pgConns = [];
59 public function isCompiled() {
60 return self
::checkExtension( 'pgsql' );
63 function getConnectForm() {
64 return $this->getTextBox(
68 $this->parent
->getHelpBox( 'config-db-host-help' )
70 $this->getTextBox( 'wgDBport', 'config-db-port' ) .
71 Html
::openElement( 'fieldset' ) .
72 Html
::element( 'legend', [], wfMessage( 'config-db-wiki-settings' )->text() ) .
77 $this->parent
->getHelpBox( 'config-db-name-help' )
83 $this->parent
->getHelpBox( 'config-db-schema-help' )
85 Html
::closeElement( 'fieldset' ) .
86 $this->getInstallUserBox();
89 function submitConnectForm() {
90 // Get variables from the request
91 $newValues = $this->setVarsFromRequest( [
99 $status = Status
::newGood();
100 if ( !strlen( $newValues['wgDBname'] ) ) {
101 $status->fatal( 'config-missing-db-name' );
102 } elseif ( !preg_match( '/^[a-zA-Z0-9_]+$/', $newValues['wgDBname'] ) ) {
103 $status->fatal( 'config-invalid-db-name', $newValues['wgDBname'] );
105 if ( !preg_match( '/^[a-zA-Z0-9_]*$/', $newValues['wgDBmwschema'] ) ) {
106 $status->fatal( 'config-invalid-schema', $newValues['wgDBmwschema'] );
110 if ( $status->isOK() ) {
111 $status->merge( $this->submitInstallUserBox() );
113 if ( !$status->isOK() ) {
117 $status = $this->getPgConnection( 'create-db' );
118 if ( !$status->isOK() ) {
122 * @var $conn Database
124 $conn = $status->value
;
127 $version = $conn->getServerVersion();
128 $status = static::meetsMinimumRequirement( $conn->getServerVersion() );
129 if ( !$status->isOK() ) {
133 $this->setVar( 'wgDBuser', $this->getVar( '_InstallUser' ) );
134 $this->setVar( 'wgDBpassword', $this->getVar( '_InstallPassword' ) );
136 return Status
::newGood();
139 public function getConnection() {
140 $status = $this->getPgConnection( 'create-tables' );
141 if ( $status->isOK() ) {
142 $this->db
= $status->value
;
148 public function openConnection() {
149 return $this->openPgConnection( 'create-tables' );
153 * Open a PG connection with given parameters
154 * @param string $user User name
155 * @param string $password
156 * @param string $dbName Database name
157 * @param string $schema Database schema
160 protected function openConnectionWithParams( $user, $password, $dbName, $schema ) {
161 $status = Status
::newGood();
163 $db = Database
::factory( 'postgres', [
164 'host' => $this->getVar( 'wgDBserver' ),
165 'port' => $this->getVar( 'wgDBport' ),
167 'password' => $password,
170 'keywordTableMap' => [ 'user' => 'mwuser', 'text' => 'pagecontent' ],
172 $status->value
= $db;
173 } catch ( DBConnectionError
$e ) {
174 $status->fatal( 'config-connection-error', $e->getMessage() );
181 * Get a special type of connection
182 * @param string $type See openPgConnection() for details.
185 protected function getPgConnection( $type ) {
186 if ( isset( $this->pgConns
[$type] ) ) {
187 return Status
::newGood( $this->pgConns
[$type] );
189 $status = $this->openPgConnection( $type );
191 if ( $status->isOK() ) {
193 * @var $conn Database
195 $conn = $status->value
;
196 $conn->clearFlag( DBO_TRX
);
197 $conn->commit( __METHOD__
);
198 $this->pgConns
[$type] = $conn;
205 * Get a connection of a specific PostgreSQL-specific type. Connections
206 * of a given type are cached.
208 * PostgreSQL lacks cross-database operations, so after the new database is
209 * created, you need to make a separate connection to connect to that
210 * database and add tables to it.
212 * New tables are owned by the user that creates them, and MediaWiki's
213 * PostgreSQL support has always assumed that the table owner will be
214 * $wgDBuser. So before we create new tables, we either need to either
215 * connect as the other user or to execute a SET ROLE command. Using a
216 * separate connection for this allows us to avoid accidental cross-module
219 * @param string $type The type of connection to get:
220 * - create-db: A connection for creating DBs, suitable for pre-
222 * - create-schema: A connection to the new DB, for creating schemas and
223 * other similar objects in the new DB.
224 * - create-tables: A connection with a role suitable for creating tables.
226 * @throws MWException
227 * @return Status On success, a connection object will be in the value member.
229 protected function openPgConnection( $type ) {
232 return $this->openConnectionToAnyDB(
233 $this->getVar( '_InstallUser' ),
234 $this->getVar( '_InstallPassword' ) );
235 case 'create-schema':
236 return $this->openConnectionWithParams(
237 $this->getVar( '_InstallUser' ),
238 $this->getVar( '_InstallPassword' ),
239 $this->getVar( 'wgDBname' ),
240 $this->getVar( 'wgDBmwschema' ) );
241 case 'create-tables':
242 $status = $this->openPgConnection( 'create-schema' );
243 if ( $status->isOK() ) {
245 * @var $conn Database
247 $conn = $status->value
;
248 $safeRole = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
249 $conn->query( "SET ROLE $safeRole" );
254 throw new MWException( "Invalid special connection type: \"$type\"" );
258 public function openConnectionToAnyDB( $user, $password ) {
263 if ( !in_array( $this->getVar( 'wgDBname' ), $dbs ) ) {
264 array_unshift( $dbs, $this->getVar( 'wgDBname' ) );
267 $status = Status
::newGood();
268 foreach ( $dbs as $db ) {
271 'host' => $this->getVar( 'wgDBserver' ),
273 'password' => $password,
276 $conn = Database
::factory( 'postgres', $p );
277 } catch ( DBConnectionError
$error ) {
279 $status->fatal( 'config-pg-test-error', $db,
280 $error->getMessage() );
282 if ( $conn !== false ) {
286 if ( $conn !== false ) {
287 return Status
::newGood( $conn );
293 protected function getInstallUserPermissions() {
294 $status = $this->getPgConnection( 'create-db' );
295 if ( !$status->isOK() ) {
299 * @var $conn Database
301 $conn = $status->value
;
302 $superuser = $this->getVar( '_InstallUser' );
304 $row = $conn->selectRow( '"pg_catalog"."pg_roles"', '*',
305 [ 'rolname' => $superuser ], __METHOD__
);
310 protected function canCreateAccounts() {
311 $perms = $this->getInstallUserPermissions();
316 return $perms->rolsuper
=== 't' ||
$perms->rolcreaterole
=== 't';
319 protected function isSuperUser() {
320 $perms = $this->getInstallUserPermissions();
325 return $perms->rolsuper
=== 't';
328 public function getSettingsForm() {
329 if ( $this->canCreateAccounts() ) {
330 $noCreateMsg = false;
332 $noCreateMsg = 'config-db-web-no-create-privs';
334 $s = $this->getWebUserBox( $noCreateMsg );
339 public function submitSettingsForm() {
340 $status = $this->submitWebUserBox();
341 if ( !$status->isOK() ) {
345 $same = $this->getVar( 'wgDBuser' ) === $this->getVar( '_InstallUser' );
350 // Check if the web user exists
351 // Connect to the database with the install user
352 $status = $this->getPgConnection( 'create-db' );
353 if ( !$status->isOK() ) {
356 $exists = $status->value
->roleExists( $this->getVar( 'wgDBuser' ) );
359 // Validate the create checkbox
360 if ( $this->canCreateAccounts() && !$same && !$exists ) {
361 $create = $this->getVar( '_CreateDBAccount' );
363 $this->setVar( '_CreateDBAccount', false );
367 if ( !$create && !$exists ) {
368 if ( $this->canCreateAccounts() ) {
369 $msg = 'config-install-user-missing-create';
371 $msg = 'config-install-user-missing';
374 return Status
::newFatal( $msg, $this->getVar( 'wgDBuser' ) );
378 // No more checks to do
379 return Status
::newGood();
382 // Existing web account. Test the connection.
383 $status = $this->openConnectionToAnyDB(
384 $this->getVar( 'wgDBuser' ),
385 $this->getVar( 'wgDBpassword' ) );
386 if ( !$status->isOK() ) {
390 // The web user is conventionally the table owner in PostgreSQL
391 // installations. Make sure the install user is able to create
392 // objects on behalf of the web user.
393 if ( $same ||
$this->canCreateObjectsForWebUser() ) {
394 return Status
::newGood();
396 return Status
::newFatal( 'config-pg-not-in-role' );
401 * Returns true if the install user is able to create objects owned
402 * by the web user, false otherwise.
405 protected function canCreateObjectsForWebUser() {
406 if ( $this->isSuperUser() ) {
410 $status = $this->getPgConnection( 'create-db' );
411 if ( !$status->isOK() ) {
414 $conn = $status->value
;
415 $installerId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
416 [ 'rolname' => $this->getVar( '_InstallUser' ) ], __METHOD__
);
417 $webId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
418 [ 'rolname' => $this->getVar( 'wgDBuser' ) ], __METHOD__
);
420 return $this->isRoleMember( $conn, $installerId, $webId, $this->maxRoleSearchDepth
);
424 * Recursive helper for canCreateObjectsForWebUser().
425 * @param Database $conn
426 * @param int $targetMember Role ID of the member to look for
427 * @param int $group Role ID of the group to look for
428 * @param int $maxDepth Maximum recursive search depth
431 protected function isRoleMember( $conn, $targetMember, $group, $maxDepth ) {
432 if ( $targetMember === $group ) {
433 // A role is always a member of itself
436 // Get all members of the given group
437 $res = $conn->select( '"pg_catalog"."pg_auth_members"', [ 'member' ],
438 [ 'roleid' => $group ], __METHOD__
);
439 foreach ( $res as $row ) {
440 if ( $row->member
== $targetMember ) {
441 // Found target member
444 // Recursively search each member of the group to see if the target
445 // is a member of it, up to the given maximum depth.
446 if ( $maxDepth > 0 ) {
447 if ( $this->isRoleMember( $conn, $targetMember, $row->member
, $maxDepth - 1 ) ) {
448 // Found member of member
457 public function preInstall() {
460 'callback' => [ $this, 'setupUser' ],
463 'name' => 'pg-commit',
464 'callback' => [ $this, 'commitChanges' ],
467 'name' => 'pg-plpgsql',
468 'callback' => [ $this, 'setupPLpgSQL' ],
472 'callback' => [ $this, 'setupSchema' ]
475 if ( $this->getVar( '_CreateDBAccount' ) ) {
476 $this->parent
->addInstallStep( $createDbAccount, 'database' );
478 $this->parent
->addInstallStep( $commitCB, 'interwiki' );
479 $this->parent
->addInstallStep( $plpgCB, 'database' );
480 $this->parent
->addInstallStep( $schemaCB, 'database' );
483 function setupDatabase() {
484 $status = $this->getPgConnection( 'create-db' );
485 if ( !$status->isOK() ) {
488 $conn = $status->value
;
490 $dbName = $this->getVar( 'wgDBname' );
492 $exists = $conn->selectField( '"pg_catalog"."pg_database"', '1',
493 [ 'datname' => $dbName ], __METHOD__
);
495 $safedb = $conn->addIdentifierQuotes( $dbName );
496 $conn->query( "CREATE DATABASE $safedb", __METHOD__
);
499 return Status
::newGood();
502 function setupSchema() {
503 // Get a connection to the target database
504 $status = $this->getPgConnection( 'create-schema' );
505 if ( !$status->isOK() ) {
508 $conn = $status->value
;
510 // Create the schema if necessary
511 $schema = $this->getVar( 'wgDBmwschema' );
512 $safeschema = $conn->addIdentifierQuotes( $schema );
513 $safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
514 if ( !$conn->schemaExists( $schema ) ) {
516 $conn->query( "CREATE SCHEMA $safeschema AUTHORIZATION $safeuser" );
517 } catch ( DBQueryError
$e ) {
518 return Status
::newFatal( 'config-install-pg-schema-failed',
519 $this->getVar( '_InstallUser' ), $schema );
523 // Select the new schema in the current connection
524 $conn->determineCoreSchema( $schema );
526 return Status
::newGood();
529 function commitChanges() {
530 $this->db
->commit( __METHOD__
);
532 return Status
::newGood();
535 function setupUser() {
536 if ( !$this->getVar( '_CreateDBAccount' ) ) {
537 return Status
::newGood();
540 $status = $this->getPgConnection( 'create-db' );
541 if ( !$status->isOK() ) {
544 $conn = $status->value
;
546 $safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
547 $safepass = $conn->addQuotes( $this->getVar( 'wgDBpassword' ) );
549 // Check if the user already exists
550 $userExists = $conn->roleExists( $this->getVar( 'wgDBuser' ) );
551 if ( !$userExists ) {
554 $sql = "CREATE ROLE $safeuser NOCREATEDB LOGIN PASSWORD $safepass";
556 // If the install user is not a superuser, we need to make the install
557 // user a member of the new user's group, so that the install user will
558 // be able to create a schema and other objects on behalf of the new user.
559 if ( !$this->isSuperUser() ) {
560 $sql .= ' ROLE' . $conn->addIdentifierQuotes( $this->getVar( '_InstallUser' ) );
563 $conn->query( $sql, __METHOD__
);
564 } catch ( DBQueryError
$e ) {
565 return Status
::newFatal( 'config-install-user-create-failed',
566 $this->getVar( 'wgDBuser' ), $e->getMessage() );
570 return Status
::newGood();
573 function getLocalSettings() {
574 $port = $this->getVar( 'wgDBport' );
575 $schema = $this->getVar( 'wgDBmwschema' );
577 return "# Postgres specific settings
578 \$wgDBport = \"{$port}\";
579 \$wgDBmwschema = \"{$schema}\";";
582 public function preUpgrade() {
583 global $wgDBuser, $wgDBpassword;
585 # Normal user and password are selected after this step, so for now
586 # just copy these two
587 $wgDBuser = $this->getVar( '_InstallUser' );
588 $wgDBpassword = $this->getVar( '_InstallPassword' );
591 public function createTables() {
592 $schema = $this->getVar( 'wgDBmwschema' );
594 $status = $this->getConnection();
595 if ( !$status->isOK() ) {
599 /** @var DatabasePostgres $conn */
600 $conn = $status->value
;
602 if ( $conn->tableExists( 'archive' ) ) {
603 $status->warning( 'config-install-tables-exist' );
609 $conn->begin( __METHOD__
);
611 if ( !$conn->schemaExists( $schema ) ) {
612 $status->fatal( 'config-install-pg-schema-not-exist' );
616 $error = $conn->sourceFile( $this->getSchemaPath( $conn ) );
617 if ( $error !== true ) {
618 $conn->reportQueryError( $error, 0, '', __METHOD__
);
619 $conn->rollback( __METHOD__
);
620 $status->fatal( 'config-install-tables-failed', $error );
622 $conn->commit( __METHOD__
);
624 // Resume normal operations
625 if ( $status->isOK() ) {
632 public function getGlobalDefaults() {
633 // The default $wgDBmwschema is null, which breaks Postgres and other DBMSes that require
634 // the use of a schema, so we need to set it here
635 return array_merge( parent
::getGlobalDefaults(), [
636 'wgDBmwschema' => 'mediawiki',
640 public function setupPLpgSQL() {
641 // Connect as the install user, since it owns the database and so is
642 // the user that needs to run "CREATE LANGUAGE"
643 $status = $this->getPgConnection( 'create-schema' );
644 if ( !$status->isOK() ) {
648 * @var $conn Database
650 $conn = $status->value
;
652 $exists = $conn->selectField( '"pg_catalog"."pg_language"', 1,
653 [ 'lanname' => 'plpgsql' ], __METHOD__
);
655 // Already exists, nothing to do
656 return Status
::newGood();
659 // plpgsql is not installed, but if we have a pg_pltemplate table, we
660 // should be able to create it
661 $exists = $conn->selectField(
662 [ '"pg_catalog"."pg_class"', '"pg_catalog"."pg_namespace"' ],
665 'pg_namespace.oid=relnamespace',
666 'nspname' => 'pg_catalog',
667 'relname' => 'pg_pltemplate',
672 $conn->query( 'CREATE LANGUAGE plpgsql' );
673 } catch ( DBQueryError
$e ) {
674 return Status
::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
677 return Status
::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
680 return Status
::newGood();