commit | author | age
|
bd68aa
|
1 |
<?php |
MC |
2 |
|
|
3 |
/* |
|
4 |
Copyright (c) 2007, Till Brehm, projektfarm Gmbh |
|
5 |
All rights reserved. |
|
6 |
|
|
7 |
Redistribution and use in source and binary forms, with or without modification, |
|
8 |
are permitted provided that the following conditions are met: |
|
9 |
|
|
10 |
* Redistributions of source code must retain the above copyright notice, |
|
11 |
this list of conditions and the following disclaimer. |
|
12 |
* Redistributions in binary form must reproduce the above copyright notice, |
|
13 |
this list of conditions and the following disclaimer in the documentation |
|
14 |
and/or other materials provided with the distribution. |
|
15 |
* Neither the name of ISPConfig nor the names of its contributors |
|
16 |
may be used to endorse or promote products derived from this software without |
|
17 |
specific prior written permission. |
|
18 |
|
|
19 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND |
|
20 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
21 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
22 |
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
|
23 |
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
24 |
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
25 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
|
26 |
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|
27 |
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
|
28 |
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
29 |
*/ |
|
30 |
|
|
31 |
/** |
|
32 |
* The MongoDB client plugin is used by ISPConfig to control the management of MongoDB. |
|
33 |
* If handles everything from creating DBs/Users, update them or delete them. |
|
34 |
*/ |
b1a6a5
|
35 |
|
MC |
36 |
|
bd68aa
|
37 |
class mongo_clientdb_plugin { |
MC |
38 |
|
|
39 |
/** |
|
40 |
* ISPConfig internal identifiers. |
|
41 |
*/ |
|
42 |
var $plugin_name = 'mongo_clientdb_plugin'; |
|
43 |
var $class_name = 'mongo_clientdb_plugin'; |
|
44 |
|
|
45 |
|
|
46 |
/** |
|
47 |
* This function is called during ISPConfig installation. |
|
48 |
* It determines if a symlink shall be created for this plugin. |
|
49 |
* |
|
50 |
* @return bool true if symlink should be created |
|
51 |
*/ |
|
52 |
function onInstall() { |
|
53 |
global $conf; |
fa9c29
|
54 |
|
TB |
55 |
if($conf['services']['db'] == true && class_exists('MongoClient')) { |
|
56 |
return true; |
|
57 |
} else { |
|
58 |
return false; |
|
59 |
} |
bd68aa
|
60 |
} |
MC |
61 |
|
b1a6a5
|
62 |
|
bd68aa
|
63 |
/** |
MC |
64 |
* This function is called when the plugin is loaded. |
|
65 |
* Each plugin/module needs to register itself to ISPConfig events from which |
|
66 |
* it want to receive changes/get notified. |
|
67 |
* |
|
68 |
* Since this is a MongoDB plugin we are interested in DB changes and everything related |
|
69 |
* to it, like users. |
|
70 |
*/ |
|
71 |
function onLoad() { |
|
72 |
global $app; |
|
73 |
|
|
74 |
//* Databases |
b1a6a5
|
75 |
$app->plugins->registerEvent('database_insert', $this->plugin_name, 'db_insert'); |
MC |
76 |
$app->plugins->registerEvent('database_update', $this->plugin_name, 'db_update'); |
|
77 |
$app->plugins->registerEvent('database_delete', $this->plugin_name, 'db_delete'); |
bd68aa
|
78 |
|
MC |
79 |
//* Database users |
b1a6a5
|
80 |
$app->plugins->registerEvent('database_user_insert', $this->plugin_name, 'db_user_insert'); |
MC |
81 |
$app->plugins->registerEvent('database_user_update', $this->plugin_name, 'db_user_update'); |
|
82 |
$app->plugins->registerEvent('database_user_delete', $this->plugin_name, 'db_user_delete'); |
bd68aa
|
83 |
} |
MC |
84 |
|
|
85 |
|
|
86 |
/** |
|
87 |
* MongoDB |
|
88 |
* ------------------------------------------------------------------------ |
|
89 |
* The following needs to be done before using this plugin: |
|
90 |
* - 1. install MongoDB server from 10gen sources (or another one with >= 2.4) |
|
91 |
* - 2. install php5-dev package (apt-get install php5-dev) |
|
92 |
* - 3. install mongo PECL extension (pecl install mongo) |
|
93 |
* - 4. enable mongo (echo "extension=mongo.so" > /etc/php5/mods-available/mongo.ini && php5enmod mongo) |
|
94 |
* - 5. create administrative user manager in Mongo (mongo -> use admin -> db.addUser({user: "root", pwd: "123456", roles: [ "userAdminAnyDatabase", "readWriteAnyDatabase", "dbAdminAnyDatabase", "clusterAdmin" ]})) |
|
95 |
* - 6. enable auth for Mongo (nano /etc/mongodb.conf -> auth = true) |
|
96 |
* - 7. restart MongoDB (service mongodb restart) |
|
97 |
* |
|
98 |
* Unlike MySQL, MongoDB manages users per database. |
|
99 |
* Therefor we cannot use one user for multiple databases. Instead, we have to add him each time via the admin user. |
|
100 |
*/ |
|
101 |
|
|
102 |
/** |
|
103 |
* Stores the MongoDB connection. |
|
104 |
* @var object |
|
105 |
*/ |
|
106 |
private $_connection = null; |
|
107 |
|
|
108 |
/** |
|
109 |
* Stores the MongoDB admin user. |
|
110 |
* @var string |
|
111 |
*/ |
|
112 |
const USER = "root"; |
|
113 |
|
|
114 |
/** |
|
115 |
* Stores the MongoDB admin password. |
|
116 |
* @var string |
|
117 |
*/ |
|
118 |
const PW = "123456"; |
|
119 |
|
|
120 |
/** |
|
121 |
* Stores the MongoDB host address. |
|
122 |
* @var string |
|
123 |
*/ |
|
124 |
const HOST = "127.0.0.1"; |
|
125 |
|
|
126 |
/** |
|
127 |
* Stores the MongoDB port. |
|
128 |
* @var int |
|
129 |
*/ |
|
130 |
const PORT = 27017; |
|
131 |
|
|
132 |
/** |
|
133 |
* Adds the user to given database. |
|
134 |
* If no connection exists, the user already exists or the database doesn't exist, |
|
135 |
* null is returned. |
|
136 |
* |
|
137 |
* @param string $db the database to use |
|
138 |
* @param array $user the user to add |
|
139 |
* @return bool true if user added |
|
140 |
*/ |
|
141 |
private function addUser($db, $user) { |
|
142 |
if ($this->isConnected() && !$this->userExists($db, $user)) { |
|
143 |
$roles = ""; |
|
144 |
|
|
145 |
foreach ($user['roles'] as $index => $role) { |
|
146 |
$roles .= "\"".$role."\""; |
|
147 |
|
|
148 |
if ($index !== count($user['roles']) - 1) { |
|
149 |
$roles .= ", "; |
|
150 |
} |
|
151 |
} |
|
152 |
|
|
153 |
return $this->exec($db, "db.system.users.insert({ user: \"".$user['username']."\", pwd: \"".$user['password']."\", roles: [ ".$roles." ] })"); |
|
154 |
//return $this->exec($db, "db.addUser({ user: \"".$user['username']."\", pwd: \"".$user['password']."\", roles: [ ".$roles." ] })"); |
|
155 |
} |
|
156 |
|
|
157 |
return null; |
|
158 |
} |
|
159 |
|
|
160 |
/** |
|
161 |
* Changes the users password in given DB. |
|
162 |
* If no connection exists, the user doesn't exist or the DB doesn't exist, |
|
163 |
* null is returned. |
|
164 |
* |
|
165 |
* @param string $db the database name |
|
166 |
* @param string $user the user to change |
|
167 |
* @param string $password the new password |
|
168 |
* @return bool true if password changes |
|
169 |
*/ |
|
170 |
private function changePassword($db, $user, $password) { |
|
171 |
if ($this->isConnected() && $this->dbExists($db) && $this->userExists($db, $user)) { |
|
172 |
$old_user = $this->getUser($db, $user); |
|
173 |
|
|
174 |
if ($this->dropUser($user, $db)) { |
|
175 |
return $this->addUser($db, array( |
b1a6a5
|
176 |
'username' => $user, |
MC |
177 |
'password' => $password, |
|
178 |
'roles' => $old_user['roles'] |
|
179 |
)); |
bd68aa
|
180 |
} |
MC |
181 |
|
|
182 |
return false; |
|
183 |
} |
|
184 |
|
|
185 |
return null; |
|
186 |
} |
|
187 |
|
|
188 |
/** |
|
189 |
* Connects to the server and authentificates. |
|
190 |
* If the authentificaten goes wrong or another error encounters, |
|
191 |
* false is returned. |
|
192 |
* If we already have an open connection we try to disconnect and connect again. |
|
193 |
* If this fails, false is returned. |
|
194 |
* |
|
195 |
* @return object $connection the MongoDB connection |
|
196 |
*/ |
|
197 |
private function connect() { |
|
198 |
try { |
|
199 |
if ($this->isConnected() && !$this->disconnect()) { |
|
200 |
return false; |
|
201 |
} |
|
202 |
|
|
203 |
$this->_connection = new MongoClient("mongodb://".self::USER.":".self::PW."@".self::HOST.":".self::PORT."/admin"); |
|
204 |
|
|
205 |
return $this->_connection; |
|
206 |
} catch (MongoConnnectionException $e) { |
|
207 |
$app->log('Unable to connect to MongoDB: '.$e, LOGLEVEL_ERROR); |
|
208 |
$this->_connection = null; |
|
209 |
|
|
210 |
return false; |
|
211 |
} |
|
212 |
} |
|
213 |
|
|
214 |
/** |
|
215 |
* Checks if the database exists. |
|
216 |
* If no connection exists, |
|
217 |
* null is returned. |
|
218 |
* |
|
219 |
* @param string $db the database name |
|
220 |
* @return bool true if exists |
|
221 |
*/ |
|
222 |
private function dbExists($db) { |
|
223 |
if ($this->isConnected()) { |
|
224 |
return in_array($db, $this->getDBs()); |
|
225 |
} |
|
226 |
|
|
227 |
return null; |
|
228 |
} |
|
229 |
|
|
230 |
/** |
|
231 |
* Closes the MongoDB connection. |
|
232 |
* If no connection exists and nothing is done, |
|
233 |
* null is returned. |
|
234 |
* |
|
235 |
* @return bool true if closed |
|
236 |
*/ |
|
237 |
private function disconnect() { |
|
238 |
if ($this->isConnected()) { |
|
239 |
$status = $this->_connection->close(); |
|
240 |
|
|
241 |
if ($status) { |
|
242 |
$this->_connection = null; |
|
243 |
} |
|
244 |
|
|
245 |
return $status; |
|
246 |
} |
|
247 |
|
|
248 |
return null; |
|
249 |
} |
|
250 |
|
|
251 |
/** |
|
252 |
* Drops the given database. |
|
253 |
* If no connection exists or the database doesn't exist, |
|
254 |
* null is returned. |
|
255 |
* |
|
256 |
* @param string $db the database's to drop name |
|
257 |
*/ |
|
258 |
private function dropDB($db) { |
|
259 |
if ($this->isConnected() && $this->dbExists($db)) { |
|
260 |
return (bool) $this->_connection->dropDB($db)['ok']; |
|
261 |
} |
|
262 |
|
|
263 |
return null; |
|
264 |
} |
|
265 |
|
|
266 |
/** |
|
267 |
* Drops the given user from database. |
|
268 |
* If no DB is defined, the user is dropped from all databases. |
|
269 |
* If there's an error when dropping the user from all DBs, an array containing the |
|
270 |
* names of the failed DBs is returned. |
|
271 |
* If no connection exists, the database doesn't exist or the user is not in DB, |
|
272 |
* null is returned. |
|
273 |
* |
|
274 |
* @param string $user the user to drop |
|
275 |
* @param string $db the database name |
|
276 |
* @return bool true if dropped |
|
277 |
*/ |
|
278 |
private function dropUser($user, $db = null) { |
|
279 |
if ($this->isConnected()) { |
|
280 |
if ($db !== null && $this->dbExists($db) && $this->userExists($db, $user)) { |
|
281 |
return $this->exec($db, "db.removeUser(\"".$user."\")"); |
|
282 |
} else { |
|
283 |
$dbs = $this->getDBs(); |
|
284 |
|
|
285 |
if ((bool) $dbs) { |
|
286 |
$failures = array(); |
|
287 |
|
|
288 |
foreach ($dbs as $db) { |
|
289 |
$exists = $this->userExists($db, $user); |
|
290 |
|
|
291 |
if ($exists) { |
|
292 |
if (!$this->dropUser($user, $db)) { |
|
293 |
$failures[] = $db; |
|
294 |
} |
|
295 |
} |
|
296 |
} |
|
297 |
} |
|
298 |
|
|
299 |
return (bool) $failures ? $failures : true; |
|
300 |
} |
|
301 |
} |
|
302 |
|
|
303 |
return null; |
|
304 |
} |
|
305 |
|
|
306 |
/** |
|
307 |
* Executed the command on the MongoDB server. |
|
308 |
* If no connection exists and thus nothing can be done, |
|
309 |
* null is returned. |
|
310 |
* |
|
311 |
* @param string $db the database to query |
|
312 |
* @param string $query the command to execute |
|
313 |
* @return array the result of the query |
|
314 |
*/ |
|
315 |
private function exec($db, $query) { |
|
316 |
if ($this->isConnected()) { |
|
317 |
$db = $this->selectDB($db); |
|
318 |
$result = $db->execute($query); |
|
319 |
|
|
320 |
if ((bool) $result['ok']) { |
|
321 |
return $result; |
|
322 |
} |
|
323 |
|
|
324 |
return false; |
|
325 |
} |
|
326 |
|
|
327 |
return null; |
|
328 |
} |
|
329 |
|
|
330 |
/** |
|
331 |
* Checks if the connection exists. |
|
332 |
* |
|
333 |
* @return true if connected |
|
334 |
*/ |
|
335 |
private function isConnected() { |
|
336 |
return $this->_connection !== null; |
|
337 |
} |
|
338 |
|
|
339 |
/** |
|
340 |
* Generates a MongoDB compatible password. |
|
341 |
* |
|
342 |
* @param string $user the username |
|
343 |
* @param string $password the user password |
|
344 |
* @return string the MD5 string |
|
345 |
*/ |
|
346 |
private function generatePassword($user, $password) { |
|
347 |
return md5($user.":mongo:".$password); |
|
348 |
} |
|
349 |
|
|
350 |
/** |
|
351 |
* Returns the databases found on connection. |
|
352 |
* If no connection exists and therefor no DBs can be found, |
|
353 |
* null is returned. |
|
354 |
* |
|
355 |
* @return array $names the databases's name |
|
356 |
*/ |
|
357 |
private function getDBs() { |
|
358 |
if ($this->isConnected()) { |
|
359 |
$dbs = $this->_connection->listDBs(); |
|
360 |
|
|
361 |
if ((bool) $dbs && isset($dbs['databases'])) { |
|
362 |
$names = array(); |
|
363 |
|
|
364 |
foreach ($dbs['databases'] as $db) { |
|
365 |
$names[] = $db['name']; |
|
366 |
} |
|
367 |
|
|
368 |
return $names; |
|
369 |
} |
|
370 |
} |
|
371 |
|
|
372 |
return null; |
|
373 |
} |
|
374 |
|
|
375 |
/** |
|
376 |
* Returns the user entry for given database. |
|
377 |
* If no connection exists, the database doesn't exist or the user doesn't exist |
|
378 |
* null is returned. |
|
379 |
* |
|
380 |
* @param string $db the database name |
|
381 |
* @param string $user the user to return |
|
382 |
* @return array $user the user in DB |
|
383 |
*/ |
|
384 |
private function getUser($db, $user) { |
|
385 |
if ($this->isConnected() && $this->dbExists($db) && $this->userExists($db, $user)) { |
|
386 |
$result = $this->selectDB($db)->selectCollection("system.users")->find(array( 'user' => $user )); |
|
387 |
|
|
388 |
// ugly fix to return user |
|
389 |
foreach ($result as $user) { |
|
390 |
return $user; |
|
391 |
} |
|
392 |
} |
|
393 |
|
|
394 |
return null; |
|
395 |
} |
|
396 |
|
|
397 |
/** |
|
398 |
* Returns the users for given database. |
|
399 |
* If no connection exists or the database doesn't exist, |
|
400 |
* null is returned. |
|
401 |
* |
|
402 |
* @param string $db the database name |
|
403 |
* @return array $users the users in DB |
|
404 |
*/ |
|
405 |
private function getUsers($db) { |
|
406 |
if ($this->isConnected() && $this->dbExists($db)) { |
|
407 |
$result = $this->selectDB($db)->selectCollection("system.users")->find(); |
|
408 |
|
|
409 |
$users = array(); |
|
410 |
|
|
411 |
foreach ($result as $record) { |
|
412 |
$users[] = $record['user']; |
|
413 |
} |
|
414 |
|
|
415 |
return $users; |
|
416 |
} |
|
417 |
|
|
418 |
return null; |
|
419 |
} |
|
420 |
|
|
421 |
/** |
|
422 |
* Checks if the given user exists in given database. |
|
423 |
* If no connection exists or the given database doesn't exist |
|
424 |
* null is returned. |
|
425 |
* |
|
426 |
* @param string $db the database name |
|
427 |
* @param string $user the user to check |
|
428 |
* @return bool true if user exists |
|
429 |
*/ |
|
430 |
private function userExists($db, $user) { |
|
431 |
if ($this->isConnected() && $this->dbExists($db)) { |
|
432 |
$users = $this->getUsers($db); |
|
433 |
|
|
434 |
return in_array($user, $users); |
|
435 |
} |
|
436 |
|
|
437 |
return null; |
|
438 |
} |
|
439 |
|
|
440 |
/** |
|
441 |
* Renames the MongoDB database to provided name. |
|
442 |
* If no connection exists, the source DB doesn't exist or the target DB already exists, |
|
443 |
* null is returned. |
|
444 |
* |
|
445 |
* @param string $old_name the old database name |
|
446 |
* @param string $new_name the new database name |
|
447 |
* @return bool true if renamed |
|
448 |
*/ |
|
449 |
private function renameDB($old_name, $new_name) { |
|
450 |
if ($this->isConnected() && $this->dbExists($old_name) && !$this->dbExists($new_name)) { |
|
451 |
if ($this->exec($old_name, "db.copyDatabase(\"".$old_name."\", \"".$new_name."\", \"".self::HOST."\", \"".self::USER."\", \"".self::PW."\")")) { |
|
452 |
$this->dropDB($old_name); |
|
453 |
|
|
454 |
return true; |
|
455 |
} |
|
456 |
|
|
457 |
return false; |
|
458 |
} |
|
459 |
|
|
460 |
return null; |
|
461 |
} |
|
462 |
|
|
463 |
/** |
|
464 |
* Switched the selected database. |
|
465 |
* MongoDB acts on a per-DB level (user management) and we always need to |
|
466 |
* ensure we have the right DB selected. |
|
467 |
* If no connection exists and thus nothing is done, |
|
468 |
* null is returned. |
|
469 |
* |
|
470 |
* @param string $db the database to use |
|
471 |
* @return object the MongoDB database object |
|
472 |
*/ |
|
473 |
private function selectDB($db) { |
|
474 |
if ($this->isConnected()) { |
|
475 |
return $this->_connection->selectDB($db); |
|
476 |
} |
|
477 |
|
|
478 |
return null; |
|
479 |
} |
|
480 |
|
|
481 |
|
|
482 |
/** |
|
483 |
* This function is called when a DB is created from within the ISPConfig3 interface. |
|
484 |
* We need to create the DB and allow all users to connect to it that are choosen. |
|
485 |
* Since MongoDB doesn't create a DB before any data is stored in it, it's important |
|
486 |
* to store the users so it contains data -> is created. |
|
487 |
* |
|
488 |
* @param string $event_name the name of the event (insert, update, delete) |
|
489 |
* @param array $data the event data (old and new) |
|
490 |
* @return only if something is wrong |
|
491 |
*/ |
|
492 |
function db_insert($event_name, $data) { |
|
493 |
global $app, $conf; |
|
494 |
|
|
495 |
// beside checking for MongoDB we also check if the DB is active because only then we add users |
|
496 |
// -> MongoDB needs users to create the DB |
|
497 |
if ($data['new']['type'] == 'mongo' && $data['new']['active'] == 'y') { |
|
498 |
if ($this->connect() === false) { |
|
499 |
$app->log("Unable to connect to MongoDB: Connecting using connect() failed.", LOGLEVEL_ERROR); |
|
500 |
return; |
|
501 |
} |
|
502 |
|
2af58c
|
503 |
$db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password_mongo` FROM `web_database_user` WHERE `database_user_id` = ?", $data['new']['database_user_id']); |
MC |
504 |
$db_ro_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password_mongo` FROM `web_database_user` WHERE `database_user_id` = ?", $data['new']['database_ro_user_id']); |
bd68aa
|
505 |
|
MC |
506 |
$user = $db_user['database_user']; |
|
507 |
$password = $db_user['database_password_mongo']; |
|
508 |
|
|
509 |
$ro_user = $db_ro_user['database_user']; |
|
510 |
$ro_password = $db_ro_user['database_password_mongo']; |
|
511 |
|
|
512 |
$db = $data['new']['database_name']; |
|
513 |
|
|
514 |
if ((bool) $db_user) { |
b1a6a5
|
515 |
if ($user == 'root') { |
MC |
516 |
$app->log("User root not allowed for client databases", LOGLEVEL_WARNING); |
|
517 |
} else { |
|
518 |
if (!$this->addUser($db, array( |
|
519 |
'username' => $user, |
|
520 |
'password' => $password, |
|
521 |
'roles' => array( |
|
522 |
"readWrite", |
|
523 |
"dbAdmin" |
|
524 |
) |
|
525 |
))) { |
|
526 |
$app->log("Error while adding user: ".$user." to DB: ".$db, LOGLEVEL_WARNING); |
|
527 |
} |
bd68aa
|
528 |
} |
MC |
529 |
} |
|
530 |
|
|
531 |
if ($db_ro_user && $data['new']['database_user_id'] != $data['new']['database_ro_user_id']) { |
b1a6a5
|
532 |
if ($user == 'root') { |
MC |
533 |
$app->log("User root not allowed for client databases", LOGLEVEL_WARNING); |
|
534 |
} else { |
|
535 |
if (!$this->addUser($db, array( |
|
536 |
'username' => $ro_user, |
|
537 |
'password' => $ro_password, |
|
538 |
'roles' => array( |
|
539 |
"read" |
|
540 |
) |
|
541 |
))) { |
|
542 |
$app->log("Error while adding read-only user: ".$user." to DB: ".$db, LOGLEVEL_WARNING); |
|
543 |
} |
bd68aa
|
544 |
} |
MC |
545 |
} |
|
546 |
|
|
547 |
$this->disconnect(); |
|
548 |
} |
|
549 |
} |
b1a6a5
|
550 |
|
bd68aa
|
551 |
|
MC |
552 |
/** |
|
553 |
* This function is called when a DB is updated from within the ISPConfig interface. |
|
554 |
* Updating the DB needs a lot of changes. First, we need to recheck all users that |
|
555 |
* have permissions to access the DB. Maybe we also need to rename the DB and change |
|
556 |
* it's type (MySQL, MongoDB etc.)...hard work here :) |
|
557 |
* |
|
558 |
* @param string $event_name the name of the event (insert, update, delete) |
|
559 |
* @param array $data the event data (old and new) |
|
560 |
* @return only if something is wrong |
|
561 |
*/ |
b1a6a5
|
562 |
function db_update($event_name, $data) { |
bd68aa
|
563 |
global $app, $conf; |
MC |
564 |
|
|
565 |
if ($data['old']['active'] == 'n' && $data['new']['active'] == 'n') { |
|
566 |
return; |
|
567 |
} |
|
568 |
|
|
569 |
// currently switching from MongoDB <-> MySQL isn't supported |
|
570 |
if ($data['old']['type'] == 'mongo' && $data['new']['type'] == 'mongo') { |
|
571 |
if ($this->connect() === false) { |
|
572 |
$app->log("Unable to connect to MongoDB: Connecting using connect() failed.", LOGLEVEL_ERROR); |
|
573 |
return; |
|
574 |
} |
|
575 |
|
2af58c
|
576 |
$db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password_mongo` FROM `web_database_user` WHERE `database_user_id` = ?", $data['new']['database_user_id']); |
MC |
577 |
$db_ro_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password_mongo` FROM `web_database_user` WHERE `database_user_id` = ?", $data['new']['database_ro_user_id']); |
bd68aa
|
578 |
|
MC |
579 |
$user = $db_user['database_user']; |
|
580 |
$password = $db_user['database_password_mongo']; |
|
581 |
|
|
582 |
$ro_user = $db_ro_user['database_user']; |
|
583 |
$ro_password = $db_ro_user['database_password_mongo']; |
|
584 |
|
|
585 |
$db = $data['new']['database_name']; |
|
586 |
|
|
587 |
// create the database user if database was disabled before |
|
588 |
if ($data['new']['active'] == 'y' && $data['old']['active'] == 'n') { |
|
589 |
// since MongoDB creates DBs on-the-fly we can use the db_insert method which takes care of adding |
|
590 |
// users to a given DB |
|
591 |
$this->db_insert($event_name, $data); |
|
592 |
} else if ($data['new']['active'] == 'n' && $data['old']['active'] == 'y') { |
b1a6a5
|
593 |
$users = $this->getUsers($db); |
bd68aa
|
594 |
|
b1a6a5
|
595 |
if ((bool) $users) { |
MC |
596 |
foreach ($users as $user) { |
|
597 |
$this->dropUser($user, $db); |
|
598 |
} |
bd68aa
|
599 |
} |
b1a6a5
|
600 |
} else { |
bd68aa
|
601 |
// selected user has changed -> drop old one |
MC |
602 |
if ($data['new']['database_user_id'] != $data['old']['database_user_id']) { |
2af58c
|
603 |
$old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password_mongo` FROM `web_database_user` WHERE `database_user_id` = ?", $data['old']['database_user_id']); |
bd68aa
|
604 |
|
MC |
605 |
if ((bool) $old_db_user) { |
|
606 |
if ($old_db_user['database_user'] == 'root') { |
|
607 |
$app->log("User root not allowed for client databases", LOGLEVEL_WARNING); |
|
608 |
} else { |
|
609 |
$this->dropUser($old_db_user['database_user'], $db); |
|
610 |
} |
|
611 |
} |
|
612 |
} |
|
613 |
|
|
614 |
// selected read-only user has changed -> drop old one |
|
615 |
if ($data['new']['database_ro_user_id'] != $data['old']['database_ro_user_id']) { |
2af58c
|
616 |
$old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password_mongo` FROM `web_database_user` WHERE `database_user_id` = ?", $data['old']['database_ro_user_id']); |
bd68aa
|
617 |
|
MC |
618 |
if ((bool) $old_db_user) { |
|
619 |
if ($old_db_user['database_user'] == 'root') { |
b1a6a5
|
620 |
$app->log("User root not allowed for client databases", LOGLEVEL_WARNING); |
bd68aa
|
621 |
} else { |
MC |
622 |
$this->dropUser($old_db_user['database_user'], $db); |
|
623 |
} |
|
624 |
} |
|
625 |
} |
|
626 |
|
|
627 |
// selected user has changed -> add new one |
|
628 |
if ($data['new']['database_user_id'] != $data['old']['database_user_id']) { |
|
629 |
if ((bool) $db_user) { |
|
630 |
if ($user == 'root') { |
|
631 |
$app->log("User root not allowed for client databases", LOGLEVEL_WARNING); |
|
632 |
} else { |
|
633 |
$this->addUser($db, array( |
b1a6a5
|
634 |
'username' => $user, |
MC |
635 |
'password' => $password, |
|
636 |
'roles' => array( |
|
637 |
"readWrite", |
|
638 |
"dbAdmin" |
|
639 |
) |
|
640 |
)); |
bd68aa
|
641 |
} |
MC |
642 |
} |
|
643 |
} |
|
644 |
|
|
645 |
// selected read-only user has changed -> add new one |
|
646 |
if ($data['new']['database_ro_user_id'] != $data['old']['database_ro_user_iduser_id']) { |
|
647 |
if ((bool) $db_ro_user && $data['new']['database_user_id'] != $data['new']['database_ro_user_id']) { |
|
648 |
if ($ro_user == 'root') { |
|
649 |
$app->log("User root not allowed for client databases", LOGLEVEL_WARNING); |
|
650 |
} else { |
|
651 |
$this->addUser($db, array( |
b1a6a5
|
652 |
'username' => $ro_user, |
MC |
653 |
'password' => $ro_password, |
|
654 |
'roles' => array( |
|
655 |
"read" |
|
656 |
) |
|
657 |
)); |
bd68aa
|
658 |
} |
MC |
659 |
} |
|
660 |
} |
|
661 |
|
|
662 |
// renamed? |
|
663 |
/* |
|
664 |
if ($data['old']['database_name'] != $data['new']['database_name']) { |
|
665 |
$old_name = $data['old']['database_name']; |
|
666 |
$new_name = $data['new']['database_name']; |
|
667 |
|
|
668 |
if ($this->renameDB($oldName, $newName)) { |
|
669 |
$app->log("Renamed MongoDB database: ".$old_name." -> ".$new_name, LOGLEVEL_DEBUG); |
|
670 |
} else { |
|
671 |
$app->log("Renaming MongoDB database failed: ".$old_name." -> ".$new_name, LOGLEVEL_WARNING); |
|
672 |
} |
|
673 |
} |
|
674 |
*/ |
|
675 |
} |
|
676 |
|
|
677 |
// switching from MySQL <-> Mongo isn't supported |
|
678 |
// no idea what we should do here...would be best to permit in interface? |
|
679 |
|
|
680 |
// remote access isn't supported by MongoDB (limiting to IP), |
|
681 |
// we therefor don't listen for it's changes |
|
682 |
} |
|
683 |
|
|
684 |
$this->disconnect(); |
|
685 |
} |
|
686 |
|
b1a6a5
|
687 |
|
bd68aa
|
688 |
/** |
MC |
689 |
* This function is called when a DB is deleted from within the ISPConfig interface. |
|
690 |
* All we need to do is to delete the database. |
|
691 |
* |
|
692 |
* @param string $event_name the name of the event (insert, update, delete) |
|
693 |
* @param array $data the event data (old and new) |
|
694 |
* @return only if something is wrong |
|
695 |
*/ |
b1a6a5
|
696 |
function db_delete($event_name, $data) { |
bd68aa
|
697 |
global $app, $conf; |
MC |
698 |
|
|
699 |
if ($data['old']['type'] == 'mongo') { |
|
700 |
if ($this->connect() === false) { |
|
701 |
$app->log("Unable to connect to MongoDB: Connecting using connect() failed.", LOGLEVEL_ERROR); |
|
702 |
return; |
|
703 |
} |
|
704 |
|
|
705 |
$db_to_drop = $data['old']['database_name']; |
|
706 |
|
|
707 |
if ($this->dropDB($db_to_drop)) { |
|
708 |
$app->log("Dropping MongoDB database: ".$db_to_drop, LOGLEVEL_DEBUG); |
|
709 |
} else { |
|
710 |
$app->log("Error while dropping MongoDB database: ".$db_to_drop, LOGLEVEL_WARNING); |
|
711 |
} |
|
712 |
|
|
713 |
$this->disconnect(); |
|
714 |
} |
|
715 |
} |
|
716 |
|
|
717 |
|
|
718 |
/** |
|
719 |
* This function is called when a user is inserted from within the ISPConfig interface. |
|
720 |
* Since users are separated from databases we don't do anything here. |
|
721 |
* As soon as an user is associated to a DB, we add him there. |
|
722 |
* |
|
723 |
* @param string $event_name the name of the event (insert, update, delete) |
|
724 |
* @param array $data the event data (old and new) |
|
725 |
*/ |
b1a6a5
|
726 |
function db_user_insert($event_name, $data) {} |
MC |
727 |
|
bd68aa
|
728 |
|
MC |
729 |
/** |
|
730 |
* This function is called when a user is updated from within the ISPConfig interface. |
|
731 |
* The only thing we need to listen for here are password changes. |
|
732 |
* We than need to change those in all databases the user uses. |
|
733 |
* |
|
734 |
* @param string $event_name the name of the event (insert, update, delete) |
|
735 |
* @param array $data the event data (old and new) |
|
736 |
* @return only if something is wrong |
|
737 |
*/ |
b1a6a5
|
738 |
function db_user_update($event_name, $data) { |
bd68aa
|
739 |
global $app, $conf; |
MC |
740 |
|
|
741 |
if ($data['old']['database_user'] == $data['new']['database_user'] |
b1a6a5
|
742 |
&& ($data['old']['database_password'] == $data['new']['database_password'] |
MC |
743 |
|| $data['new']['database_password'] == '')) { |
|
744 |
return; |
bd68aa
|
745 |
} |
MC |
746 |
|
|
747 |
if ($this->connect() === false) { |
|
748 |
$app->log("Unable to connect to MongoDB: Connecting using connect() failed.", LOGLEVEL_ERROR); |
|
749 |
return; |
|
750 |
} |
|
751 |
|
|
752 |
if ($data['old']['database_user'] != $data['new']['database_user']) { |
|
753 |
// username has changed |
|
754 |
$dbs = $this->getDBs(); |
|
755 |
|
|
756 |
if ((bool) $dbs) { |
|
757 |
foreach ($dbs as $db) { |
|
758 |
if ($this->userExists($db, $data['old']['database_user'])) { |
|
759 |
if (!$this->userExists($db, $data['new']['database_user'])) { |
|
760 |
$user = $this->getUser($db, $data['old']['database_user']); |
|
761 |
|
|
762 |
if ($this->dropUser($data['old']['database_user'], $db)) { |
|
763 |
if ($this->addUser($db, array( |
b1a6a5
|
764 |
'username' => $data['new']['database_user'], |
MC |
765 |
'password' => md5($data['new']['database_password_mongo']), |
|
766 |
'roles' => $user['roles'] |
|
767 |
))) { |
bd68aa
|
768 |
$app->log("Created user: ".$data['new']['database_user']." in DB: ".$db, LOGLEVEL_DEBUG); |
MC |
769 |
} else { |
|
770 |
$app->log("Couldn't create user: ".$data['new']['database_user']." in DB: ".$db, LOGLEVEL_WARNING); |
|
771 |
} |
|
772 |
} else { |
|
773 |
$app->log("Couldn't drop user: ".$data['old']['database_user']." in DB: ".$db, LOGLEVEL_WARNING); |
|
774 |
} |
|
775 |
} else { |
|
776 |
$app->log("User: ".$data['new']['database_user']." already exists in DB: ".$db, LOGLEVEL_WARNING); |
|
777 |
} |
|
778 |
} |
|
779 |
} |
|
780 |
} |
|
781 |
} |
|
782 |
|
|
783 |
if ($data['old']['database_password'] != $data['new']['database_password'] |
|
784 |
|| $data['old']['database_user'] != $data['new']['database_user']) { |
|
785 |
// password only has changed |
|
786 |
$dbs = $this->getDBs(); |
|
787 |
|
|
788 |
if ((bool) $dbs) { |
|
789 |
foreach ($dbs as $db) { |
|
790 |
if ($this->userExists($db, $data['new']['database_user'])) { |
|
791 |
if ($this->changePassword($db, $data['new']['database_user'], md5($data['new']['database_password_mongo']))) { |
|
792 |
$app->log("Changed user's: ".$data['new']['database_user']." password in DB: ".$db, LOGLEVEL_DEBUG); |
|
793 |
} else { |
|
794 |
$app->log("Couldn't change user's: ".$data['new']['database_user']." password in DB: ".$db, LOGLEVEL_WARNING); |
|
795 |
} |
|
796 |
} |
|
797 |
} |
|
798 |
} |
|
799 |
} |
|
800 |
|
|
801 |
$this->disconnect(); |
|
802 |
} |
|
803 |
|
b1a6a5
|
804 |
|
bd68aa
|
805 |
/** |
MC |
806 |
* This function is called when a user is deleted from within the ISPConfig interface. |
|
807 |
* Since MongoDB uses per-DB user management, we have to find every database where the user is |
|
808 |
* activated and delete him there. |
|
809 |
* |
|
810 |
* @param string $event_name the name of the event (insert, update, delete) |
|
811 |
* @param array $data the event data (old and new) |
|
812 |
* @return only if something is wrong |
|
813 |
*/ |
|
814 |
function db_user_delete($event_name, $data) { |
|
815 |
global $app, $conf; |
|
816 |
|
|
817 |
if ($this->connect() === false) { |
|
818 |
$app->log("Unable to connect to MongoDB: Connecting using connect() failed.", LOGLEVEL_ERROR); |
|
819 |
return; |
|
820 |
} |
|
821 |
|
|
822 |
if ($this->dropUser($data['old']['database_user']) === true) { |
|
823 |
$app->log("Dropped MongoDB user: ".$data['old']['database_user'], LOGLEVEL_DEBUG); |
|
824 |
} else { |
|
825 |
$app->log("Error while dropping MongoDB user: ".$data['old']['database_user'], LOGLEVEL_WARNING); |
|
826 |
} |
|
827 |
|
|
828 |
$this->disconnect(); |
|
829 |
} |
|
830 |
|
|
831 |
} |