3 * PostgreSQL-specific installer.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
24 use Wikimedia\Rdbms\Database
;
27 * Class for setting up the MediaWiki database using Postgres.
32 class PostgresInstaller
extends DatabaseInstaller
{
34 protected $globalNames = [
43 protected $internalDefaults = [
44 '_InstallUser' => 'postgres',
47 public $minimumVersion = '8.3';
48 public $maxRoleSearchDepth = 5;
50 protected $pgConns = [];
56 public function isCompiled() {
57 return self
::checkExtension( 'pgsql' );
60 function getConnectForm() {
61 return $this->getTextBox(
65 $this->parent
->getHelpBox( 'config-db-host-help' )
67 $this->getTextBox( 'wgDBport', 'config-db-port' ) .
68 Html
::openElement( 'fieldset' ) .
69 Html
::element( 'legend', [], wfMessage( 'config-db-wiki-settings' )->text() ) .
74 $this->parent
->getHelpBox( 'config-db-name-help' )
80 $this->parent
->getHelpBox( 'config-db-schema-help' )
82 Html
::closeElement( 'fieldset' ) .
83 $this->getInstallUserBox();
86 function submitConnectForm() {
87 // Get variables from the request
88 $newValues = $this->setVarsFromRequest( [
96 $status = Status
::newGood();
97 if ( !strlen( $newValues['wgDBname'] ) ) {
98 $status->fatal( 'config-missing-db-name' );
99 } elseif ( !preg_match( '/^[a-zA-Z0-9_]+$/', $newValues['wgDBname'] ) ) {
100 $status->fatal( 'config-invalid-db-name', $newValues['wgDBname'] );
102 if ( !preg_match( '/^[a-zA-Z0-9_]*$/', $newValues['wgDBmwschema'] ) ) {
103 $status->fatal( 'config-invalid-schema', $newValues['wgDBmwschema'] );
107 if ( $status->isOK() ) {
108 $status->merge( $this->submitInstallUserBox() );
110 if ( !$status->isOK() ) {
114 $status = $this->getPgConnection( 'create-db' );
115 if ( !$status->isOK() ) {
119 * @var $conn Database
121 $conn = $status->value
;
124 $version = $conn->getServerVersion();
125 if ( version_compare( $version, $this->minimumVersion
) < 0 ) {
126 return Status
::newFatal( 'config-postgres-old', $this->minimumVersion
, $version );
129 $this->setVar( 'wgDBuser', $this->getVar( '_InstallUser' ) );
130 $this->setVar( 'wgDBpassword', $this->getVar( '_InstallPassword' ) );
132 return Status
::newGood();
135 public function getConnection() {
136 $status = $this->getPgConnection( 'create-tables' );
137 if ( $status->isOK() ) {
138 $this->db
= $status->value
;
144 public function openConnection() {
145 return $this->openPgConnection( 'create-tables' );
149 * Open a PG connection with given parameters
150 * @param string $user User name
151 * @param string $password Password
152 * @param string $dbName Database name
153 * @param string $schema Database schema
156 protected function openConnectionWithParams( $user, $password, $dbName, $schema ) {
157 $status = Status
::newGood();
159 $db = Database
::factory( 'postgres', [
160 'host' => $this->getVar( 'wgDBserver' ),
161 'port' => $this->getVar( 'wgDBport' ),
163 'password' => $password,
166 'keywordTableMap' => [ 'user' => 'mwuser', 'text' => 'pagecontent' ],
168 $status->value
= $db;
169 } catch ( DBConnectionError
$e ) {
170 $status->fatal( 'config-connection-error', $e->getMessage() );
177 * Get a special type of connection
178 * @param string $type See openPgConnection() for details.
181 protected function getPgConnection( $type ) {
182 if ( isset( $this->pgConns
[$type] ) ) {
183 return Status
::newGood( $this->pgConns
[$type] );
185 $status = $this->openPgConnection( $type );
187 if ( $status->isOK() ) {
189 * @var $conn Database
191 $conn = $status->value
;
192 $conn->clearFlag( DBO_TRX
);
193 $conn->commit( __METHOD__
);
194 $this->pgConns
[$type] = $conn;
201 * Get a connection of a specific PostgreSQL-specific type. Connections
202 * of a given type are cached.
204 * PostgreSQL lacks cross-database operations, so after the new database is
205 * created, you need to make a separate connection to connect to that
206 * database and add tables to it.
208 * New tables are owned by the user that creates them, and MediaWiki's
209 * PostgreSQL support has always assumed that the table owner will be
210 * $wgDBuser. So before we create new tables, we either need to either
211 * connect as the other user or to execute a SET ROLE command. Using a
212 * separate connection for this allows us to avoid accidental cross-module
215 * @param string $type The type of connection to get:
216 * - create-db: A connection for creating DBs, suitable for pre-
218 * - create-schema: A connection to the new DB, for creating schemas and
219 * other similar objects in the new DB.
220 * - create-tables: A connection with a role suitable for creating tables.
222 * @throws MWException
223 * @return Status On success, a connection object will be in the value member.
225 protected function openPgConnection( $type ) {
228 return $this->openConnectionToAnyDB(
229 $this->getVar( '_InstallUser' ),
230 $this->getVar( '_InstallPassword' ) );
231 case 'create-schema':
232 return $this->openConnectionWithParams(
233 $this->getVar( '_InstallUser' ),
234 $this->getVar( '_InstallPassword' ),
235 $this->getVar( 'wgDBname' ),
236 $this->getVar( 'wgDBmwschema' ) );
237 case 'create-tables':
238 $status = $this->openPgConnection( 'create-schema' );
239 if ( $status->isOK() ) {
241 * @var $conn Database
243 $conn = $status->value
;
244 $safeRole = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
245 $conn->query( "SET ROLE $safeRole" );
250 throw new MWException( "Invalid special connection type: \"$type\"" );
254 public function openConnectionToAnyDB( $user, $password ) {
259 if ( !in_array( $this->getVar( 'wgDBname' ), $dbs ) ) {
260 array_unshift( $dbs, $this->getVar( 'wgDBname' ) );
263 $status = Status
::newGood();
264 foreach ( $dbs as $db ) {
267 'host' => $this->getVar( 'wgDBserver' ),
269 'password' => $password,
272 $conn = Database
::factory( 'postgres', $p );
273 } catch ( DBConnectionError
$error ) {
275 $status->fatal( 'config-pg-test-error', $db,
276 $error->getMessage() );
278 if ( $conn !== false ) {
282 if ( $conn !== false ) {
283 return Status
::newGood( $conn );
289 protected function getInstallUserPermissions() {
290 $status = $this->getPgConnection( 'create-db' );
291 if ( !$status->isOK() ) {
295 * @var $conn Database
297 $conn = $status->value
;
298 $superuser = $this->getVar( '_InstallUser' );
300 $row = $conn->selectRow( '"pg_catalog"."pg_roles"', '*',
301 [ 'rolname' => $superuser ], __METHOD__
);
306 protected function canCreateAccounts() {
307 $perms = $this->getInstallUserPermissions();
312 return $perms->rolsuper
=== 't' ||
$perms->rolcreaterole
=== 't';
315 protected function isSuperUser() {
316 $perms = $this->getInstallUserPermissions();
321 return $perms->rolsuper
=== 't';
324 public function getSettingsForm() {
325 if ( $this->canCreateAccounts() ) {
326 $noCreateMsg = false;
328 $noCreateMsg = 'config-db-web-no-create-privs';
330 $s = $this->getWebUserBox( $noCreateMsg );
335 public function submitSettingsForm() {
336 $status = $this->submitWebUserBox();
337 if ( !$status->isOK() ) {
341 $same = $this->getVar( 'wgDBuser' ) === $this->getVar( '_InstallUser' );
346 // Check if the web user exists
347 // Connect to the database with the install user
348 $status = $this->getPgConnection( 'create-db' );
349 if ( !$status->isOK() ) {
352 $exists = $status->value
->roleExists( $this->getVar( 'wgDBuser' ) );
355 // Validate the create checkbox
356 if ( $this->canCreateAccounts() && !$same && !$exists ) {
357 $create = $this->getVar( '_CreateDBAccount' );
359 $this->setVar( '_CreateDBAccount', false );
363 if ( !$create && !$exists ) {
364 if ( $this->canCreateAccounts() ) {
365 $msg = 'config-install-user-missing-create';
367 $msg = 'config-install-user-missing';
370 return Status
::newFatal( $msg, $this->getVar( 'wgDBuser' ) );
374 // No more checks to do
375 return Status
::newGood();
378 // Existing web account. Test the connection.
379 $status = $this->openConnectionToAnyDB(
380 $this->getVar( 'wgDBuser' ),
381 $this->getVar( 'wgDBpassword' ) );
382 if ( !$status->isOK() ) {
386 // The web user is conventionally the table owner in PostgreSQL
387 // installations. Make sure the install user is able to create
388 // objects on behalf of the web user.
389 if ( $same ||
$this->canCreateObjectsForWebUser() ) {
390 return Status
::newGood();
392 return Status
::newFatal( 'config-pg-not-in-role' );
397 * Returns true if the install user is able to create objects owned
398 * by the web user, false otherwise.
401 protected function canCreateObjectsForWebUser() {
402 if ( $this->isSuperUser() ) {
406 $status = $this->getPgConnection( 'create-db' );
407 if ( !$status->isOK() ) {
410 $conn = $status->value
;
411 $installerId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
412 [ 'rolname' => $this->getVar( '_InstallUser' ) ], __METHOD__
);
413 $webId = $conn->selectField( '"pg_catalog"."pg_roles"', 'oid',
414 [ 'rolname' => $this->getVar( 'wgDBuser' ) ], __METHOD__
);
416 return $this->isRoleMember( $conn, $installerId, $webId, $this->maxRoleSearchDepth
);
420 * Recursive helper for canCreateObjectsForWebUser().
421 * @param Database $conn
422 * @param int $targetMember Role ID of the member to look for
423 * @param int $group Role ID of the group to look for
424 * @param int $maxDepth Maximum recursive search depth
427 protected function isRoleMember( $conn, $targetMember, $group, $maxDepth ) {
428 if ( $targetMember === $group ) {
429 // A role is always a member of itself
432 // Get all members of the given group
433 $res = $conn->select( '"pg_catalog"."pg_auth_members"', [ 'member' ],
434 [ 'roleid' => $group ], __METHOD__
);
435 foreach ( $res as $row ) {
436 if ( $row->member
== $targetMember ) {
437 // Found target member
440 // Recursively search each member of the group to see if the target
441 // is a member of it, up to the given maximum depth.
442 if ( $maxDepth > 0 ) {
443 if ( $this->isRoleMember( $conn, $targetMember, $row->member
, $maxDepth - 1 ) ) {
444 // Found member of member
453 public function preInstall() {
456 'callback' => [ $this, 'setupUser' ],
459 'name' => 'pg-commit',
460 'callback' => [ $this, 'commitChanges' ],
463 'name' => 'pg-plpgsql',
464 'callback' => [ $this, 'setupPLpgSQL' ],
468 'callback' => [ $this, 'setupSchema' ]
471 if ( $this->getVar( '_CreateDBAccount' ) ) {
472 $this->parent
->addInstallStep( $createDbAccount, 'database' );
474 $this->parent
->addInstallStep( $commitCB, 'interwiki' );
475 $this->parent
->addInstallStep( $plpgCB, 'database' );
476 $this->parent
->addInstallStep( $schemaCB, 'database' );
479 function setupDatabase() {
480 $status = $this->getPgConnection( 'create-db' );
481 if ( !$status->isOK() ) {
484 $conn = $status->value
;
486 $dbName = $this->getVar( 'wgDBname' );
488 $exists = $conn->selectField( '"pg_catalog"."pg_database"', '1',
489 [ 'datname' => $dbName ], __METHOD__
);
491 $safedb = $conn->addIdentifierQuotes( $dbName );
492 $conn->query( "CREATE DATABASE $safedb", __METHOD__
);
495 return Status
::newGood();
498 function setupSchema() {
499 // Get a connection to the target database
500 $status = $this->getPgConnection( 'create-schema' );
501 if ( !$status->isOK() ) {
504 $conn = $status->value
;
506 // Create the schema if necessary
507 $schema = $this->getVar( 'wgDBmwschema' );
508 $safeschema = $conn->addIdentifierQuotes( $schema );
509 $safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
510 if ( !$conn->schemaExists( $schema ) ) {
512 $conn->query( "CREATE SCHEMA $safeschema AUTHORIZATION $safeuser" );
513 } catch ( DBQueryError
$e ) {
514 return Status
::newFatal( 'config-install-pg-schema-failed',
515 $this->getVar( '_InstallUser' ), $schema );
519 // Select the new schema in the current connection
520 $conn->determineCoreSchema( $schema );
522 return Status
::newGood();
525 function commitChanges() {
526 $this->db
->commit( __METHOD__
);
528 return Status
::newGood();
531 function setupUser() {
532 if ( !$this->getVar( '_CreateDBAccount' ) ) {
533 return Status
::newGood();
536 $status = $this->getPgConnection( 'create-db' );
537 if ( !$status->isOK() ) {
540 $conn = $status->value
;
542 $safeuser = $conn->addIdentifierQuotes( $this->getVar( 'wgDBuser' ) );
543 $safepass = $conn->addQuotes( $this->getVar( 'wgDBpassword' ) );
545 // Check if the user already exists
546 $userExists = $conn->roleExists( $this->getVar( 'wgDBuser' ) );
547 if ( !$userExists ) {
550 $sql = "CREATE ROLE $safeuser NOCREATEDB LOGIN PASSWORD $safepass";
552 // If the install user is not a superuser, we need to make the install
553 // user a member of the new user's group, so that the install user will
554 // be able to create a schema and other objects on behalf of the new user.
555 if ( !$this->isSuperUser() ) {
556 $sql .= ' ROLE' . $conn->addIdentifierQuotes( $this->getVar( '_InstallUser' ) );
559 $conn->query( $sql, __METHOD__
);
560 } catch ( DBQueryError
$e ) {
561 return Status
::newFatal( 'config-install-user-create-failed',
562 $this->getVar( 'wgDBuser' ), $e->getMessage() );
566 return Status
::newGood();
569 function getLocalSettings() {
570 $port = $this->getVar( 'wgDBport' );
571 $schema = $this->getVar( 'wgDBmwschema' );
573 return "# Postgres specific settings
574 \$wgDBport = \"{$port}\";
575 \$wgDBmwschema = \"{$schema}\";";
578 public function preUpgrade() {
579 global $wgDBuser, $wgDBpassword;
581 # Normal user and password are selected after this step, so for now
582 # just copy these two
583 $wgDBuser = $this->getVar( '_InstallUser' );
584 $wgDBpassword = $this->getVar( '_InstallPassword' );
587 public function createTables() {
588 $schema = $this->getVar( 'wgDBmwschema' );
590 $status = $this->getConnection();
591 if ( !$status->isOK() ) {
595 /** @var $conn DatabasePostgres */
596 $conn = $status->value
;
598 if ( $conn->tableExists( 'archive' ) ) {
599 $status->warning( 'config-install-tables-exist' );
605 $conn->begin( __METHOD__
);
607 if ( !$conn->schemaExists( $schema ) ) {
608 $status->fatal( 'config-install-pg-schema-not-exist' );
612 $error = $conn->sourceFile( $this->getSchemaPath( $conn ) );
613 if ( $error !== true ) {
614 $conn->reportQueryError( $error, 0, '', __METHOD__
);
615 $conn->rollback( __METHOD__
);
616 $status->fatal( 'config-install-tables-failed', $error );
618 $conn->commit( __METHOD__
);
620 // Resume normal operations
621 if ( $status->isOK() ) {
628 public function getGlobalDefaults() {
629 // The default $wgDBmwschema is null, which breaks Postgres and other DBMSes that require
630 // the use of a schema, so we need to set it here
631 return array_merge( parent
::getGlobalDefaults(), [
632 'wgDBmwschema' => 'mediawiki',
636 public function setupPLpgSQL() {
637 // Connect as the install user, since it owns the database and so is
638 // the user that needs to run "CREATE LANGAUGE"
639 $status = $this->getPgConnection( 'create-schema' );
640 if ( !$status->isOK() ) {
644 * @var $conn Database
646 $conn = $status->value
;
648 $exists = $conn->selectField( '"pg_catalog"."pg_language"', 1,
649 [ 'lanname' => 'plpgsql' ], __METHOD__
);
651 // Already exists, nothing to do
652 return Status
::newGood();
655 // plpgsql is not installed, but if we have a pg_pltemplate table, we
656 // should be able to create it
657 $exists = $conn->selectField(
658 [ '"pg_catalog"."pg_class"', '"pg_catalog"."pg_namespace"' ],
661 'pg_namespace.oid=relnamespace',
662 'nspname' => 'pg_catalog',
663 'relname' => 'pg_pltemplate',
668 $conn->query( 'CREATE LANGUAGE plpgsql' );
669 } catch ( DBQueryError
$e ) {
670 return Status
::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
673 return Status
::newFatal( 'config-pg-no-plpgsql', $this->getVar( 'wgDBname' ) );
676 return Status
::newGood();