Merge pull request #6954 from nupplaphil/task/upgrade_hardening

ConfigFile upgrade hardening
This commit is contained in:
Hypolite Petovan 2019-03-30 18:30:08 -04:00 committed by GitHub
commit f196368146
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 153 additions and 54 deletions

View file

@ -33,7 +33,7 @@ require dirname(__DIR__) . '/vendor/autoload.php';
$a = Factory\DependencyFactory::setUp('worker', dirname(__DIR__));
// Check the database structure and possibly fixes it
Update::check($a->getBasePath(), true);
Update::check($a->getBasePath(), true, $a->getMode());
// Quit when in maintenance
if (!$a->getMode()->has(App\Mode::MAINTENANCEDISABLED)) {

View file

@ -1187,7 +1187,7 @@ class App
$this->module = 'maintenance';
} else {
$this->checkURL();
Core\Update::check($this->getBasePath(), false);
Core\Update::check($this->getBasePath(), false, $this->getMode());
Core\Addon::loadAddons();
Core\Hook::loadHooks();
}

View file

@ -188,4 +188,32 @@ class ConfigCache implements IConfigCache, IPConfigCache
{
return $this->config;
}
/**
* Returns an array with missing categories/Keys
*
* @param array $config The array to check
*
* @return array
*/
public function keyDiff(array $config)
{
$return = [];
$categories = array_keys($config);
foreach ($categories as $category) {
if (is_array($config[$category])) {
$keys = array_keys($config[$category]);
foreach ($keys as $key) {
if (!isset($this->config[$category][$key])) {
$return[$category][$key] = $config[$category][$key];
}
}
}
}
return $return;
}
}

View file

@ -19,16 +19,21 @@ class Update
/**
* @brief Function to check if the Database structure needs an update.
*
* @param string $basePath The base path of this application
* @param boolean $via_worker boolean Is the check run via the worker?
* @param string $basePath The base path of this application
* @param boolean $via_worker Is the check run via the worker?
* @param App\Mode $mode The current app mode
*
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
public static function check($basePath, $via_worker)
public static function check($basePath, $via_worker, App\Mode $mode)
{
if (!DBA::connected()) {
return;
}
// Check if the config files are set correctly
self::checkConfigFile($basePath, $mode);
// Don't check the status if the last update was failed
if (Config::get('system', 'update', Update::SUCCESS, true) == Update::FAILED) {
return;
@ -227,40 +232,77 @@ class Update
/**
* Checks the config settings and saves given config values into the config file
*
* @param string $basePath The basepath of Friendica
* @param App\Mode $mode The Application mode
* @param string $basePath The basepath of Friendica
* @param App\Mode $mode The current App mode
*
* @return bool True, if something has been saved
*/
public static function saveConfigToFile($basePath, App\Mode $mode)
public static function checkConfigFile($basePath, App\Mode $mode)
{
if (empty($basePath)) {
$basePath = BasePath::create(dirname(__DIR__, 2));
}
$config = [
'config' => [
'hostname' => [
'allowEmpty' => false,
'default' => '',
],
],
'system' => [
'basepath' => [
'allowEmpty' => false,
'default' => $basePath,
],
]
];
$configFileLoader = new ConfigFileLoader($basePath, $mode);
$configCache = new Config\Cache\ConfigCache();
$configFileLoader->setupCache($configCache, true);
$configFileSaver = new ConfigFileSaver($basePath);
$updated = false;
if (self::updateConfigEntry($configCache, $configFileSaver,'config', 'hostname')) {
$updated = true;
};
if (self::updateConfigEntry($configCache, $configFileSaver,'system', 'basepath', BasePath::create(dirname(__DIR__) . '/../'))) {
$updated = true;
}
// In case there is nothing to do, skip the update
if (!$updated) {
// checks if something is to update, otherwise skip this function at all
$missingConfig = $configCache->keyDiff($config);
if (empty($missingConfig)) {
return true;
}
if (!$configFileSaver->saveToConfigFile()) {
Logger::alert('Config entry update failed - maybe wrong permission?');
return false;
}
// We just want one update process
if (Lock::acquire('config_update')) {
$configFileSaver = new ConfigFileSaver($basePath);
DBA::delete('config', ['cat' => 'config', 'k' => 'hostname']);
DBA::delete('config', ['cat' => 'system', 'k' => 'basepath']);
$updated = false;
$toDelete = [];
foreach ($missingConfig as $category => $keys) {
foreach ($keys as $key => $value) {
if (self::updateConfigEntry($configCache, $configFileSaver, $category, $key, $value['allowEmpty'], $value['default'])) {
$toDelete[] = ['cat' => $category, 'key' => $key];
$updated = true;
};
}
}
// In case there is nothing to do, skip the update
if (!$updated) {
Lock::release('config_update');
return true;
}
if (!$configFileSaver->saveToConfigFile()) {
Logger::alert('Config entry update failed - maybe wrong permission?');
Lock::release('config_update');
return false;
}
// After the successful save, remove the db values
foreach ($toDelete as $delete) {
DBA::delete('config', ['cat' => $delete['cat'], 'k' => $delete['key']]);
}
Lock::release('config_update');
}
return true;
}
@ -272,33 +314,47 @@ class Update
* @param ConfigFileSaver $configFileSaver The config file saver
* @param string $cat The config category
* @param string $key The config key
* @param bool $allowEmpty If true, empty values are valid (Default there has to be a variable)
* @param string $default A default value, if none of the settings are valid
*
* @return boolean True, if a value was updated
*
* @throws \Exception if DBA or Logger doesn't work
*/
private static function updateConfigEntry(IConfigCache $configCache, ConfigFileSaver $configFileSaver, $cat, $key, $default = '')
private static function updateConfigEntry(
IConfigCache $configCache,
ConfigFileSaver $configFileSaver,
$cat,
$key,
$allowEmpty = false,
$default = '')
{
// check if the config file differs from the whole configuration (= The db contains other values)
$fileConfig = $configCache->get($cat, $key);
$fileValue = $configCache->get($cat, $key);
$dbConfig = DBA::selectFirst('config', ['v'], ['cat' => $cat, 'k' => $key]);
$savedConfig = DBA::selectFirst('config', ['v'], ['cat' => $cat, 'k' => $key]);
if (DBA::isResult($savedConfig)) {
$savedValue = $savedConfig['v'];
if (DBA::isResult($dbConfig)) {
$dbValue = $dbConfig['v'];
} else {
$savedValue = null;
$dbValue = null;
}
// If the db contains a config value, check it
if (isset($savedValue) && $fileConfig !== $savedValue) {
Logger::info('Difference in config found', ['cat' => $cat, 'key' => $key, 'file' => $fileConfig, 'saved' => $savedValue]);
$configFileSaver->addConfigValue($cat, $key, $savedValue);
if ((
($allowEmpty && isset($dbValue)) ||
(!$allowEmpty && !empty($dbValue))
) &&
$fileValue !== $dbValue) {
Logger::info('Difference in config found', ['cat' => $cat, 'key' => $key, 'file' => $fileValue, 'db' => $dbValue]);
$configFileSaver->addConfigValue($cat, $key, $dbValue);
return true;
// If both config values are not set, use the default value
} elseif (!isset($fileConfig) && !isset($savedValue)) {
} elseif (
($allowEmpty && !isset($fileValue) && !isset($dbValue)) ||
(!$allowEmpty && empty($fileValue) && empty($dbValue) && !empty($default))) {
Logger::info('Using default for config', ['cat' => $cat, 'key' => $key, 'value' => $default]);
$configFileSaver->addConfigValue($cat, $key, $default);
return true;
@ -306,7 +362,7 @@ class Update
// If either the file config value isn't empty or the db value is the same as the
// file config value, skip it
} else {
Logger::info('No Difference in config found', ['cat' => $cat, 'key' => $key, 'value' => $fileConfig, 'saved' => $savedValue]);
Logger::debug('No Difference in config found', ['cat' => $cat, 'key' => $key, 'value' => $fileValue, 'db' => $dbValue]);
return false;
}
}

View file

@ -245,4 +245,34 @@ class ConfigCacheTest extends MockedTest
$this->assertEmpty($configCache->getAll());
}
/**
* Test the keyDiff() method with result
* @dataProvider dataTests
*/
public function testKeyDiffWithResult($data)
{
$configCache = new ConfigCache($data);
$diffConfig = [
'fakeCat' => [
'fakeKey' => 'value',
]
];
$this->assertEquals($diffConfig, $configCache->keyDiff($diffConfig));
}
/**
* Test the keyDiff() method without result
* @dataProvider dataTests
*/
public function testKeyDiffWithoutResult($data)
{
$configCache = new ConfigCache($data);
$diffConfig = $configCache->getAll();
$this->assertEmpty($configCache->keyDiff($diffConfig));
}
}

View file

@ -1,6 +1,5 @@
<?php
use Friendica\BaseObject;
use Friendica\Core\Addon;
use Friendica\Core\Config;
use Friendica\Core\L10n;
@ -347,17 +346,3 @@ function update_1298()
}
return Update::SUCCESS;
}
/**
* @see https://github.com/friendica/friendica/pull/6920
* @return int Success
*/
function update_1307()
{
$app = BaseObject::getApp();
if (Update::saveConfigToFile($app->getBasePath(), $app->getMode())) {
return Update::SUCCESS;
} else {
return Update::FAILED;
}
}