Browse Source
Add migration for password algorithm change (#12784)
* Add migration for password algorithm change #12688 changed the default for the user table leading to sync2 warnings Unfortunately changing defaults requires a complete table rewrite in general. However, just dropping columns could be bad - so this PR leverages the techniques used in recreate table to recreate from the inferred schema and recreates the user table. This is not necessarily the correct thing to do - but code sometimes speaks louder than words. Signed-off-by: Andrew Thornton <art27@cantab.net> * oops Signed-off-by: Andrew Thornton <art27@cantab.net> * ok lets use the shorter bits for other dbs Signed-off-by: Andrew Thornton <art27@cantab.net> * Update models/migrations/v150.go * Update models/migrations/v150.go * fix migration Signed-off-by: Andrew Thornton <art27@cantab.net> * mv v150 to v151.go Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io>for-closed-social
zeripath
4 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 197 additions and 1 deletions
Split View
Diff Options
-
+1 -1Makefile
-
+2 -0models/migrations/migrations.go
-
+194 -0models/migrations/v151.go
+ 1
- 1
Makefile
View File
+ 2
- 0
models/migrations/migrations.go
View File
+ 194
- 0
models/migrations/v151.go
View File
| @ -0,0 +1,194 @@ | |||
| // Copyright 2020 The Gitea Authors. All rights reserved. | |||
| // Use of this source code is governed by a MIT-style | |||
| // license that can be found in the LICENSE file. | |||
| package migrations | |||
| import ( | |||
| "fmt" | |||
| "strings" | |||
| "code.gitea.io/gitea/modules/log" | |||
| "code.gitea.io/gitea/modules/setting" | |||
| "xorm.io/xorm" | |||
| "xorm.io/xorm/schemas" | |||
| ) | |||
| func setDefaultPasswordToArgon2(x *xorm.Engine) error { | |||
| switch { | |||
| case setting.Database.UseMySQL: | |||
| _, err := x.Exec("ALTER TABLE `user` ALTER passwd_hash_algo SET DEFAULT 'argon2';") | |||
| return err | |||
| case setting.Database.UsePostgreSQL: | |||
| _, err := x.Exec("ALTER TABLE `user` ALTER COLUMN passwd_hash_algo SET DEFAULT 'argon2';") | |||
| return err | |||
| case setting.Database.UseMSSQL: | |||
| // need to find the constraint and drop it, then recreate it. | |||
| sess := x.NewSession() | |||
| defer sess.Close() | |||
| if err := sess.Begin(); err != nil { | |||
| return err | |||
| } | |||
| res, err := sess.QueryString("SELECT [name] FROM sys.default_constraints WHERE parent_object_id=OBJECT_ID(?) AND COL_NAME(parent_object_id, parent_column_id)=?;", "user", "passwd_hash_algo") | |||
| if err != nil { | |||
| return err | |||
| } | |||
| if len(res) > 0 { | |||
| constraintName := res[0]["name"] | |||
| log.Error("Results of select constraint: %s", constraintName) | |||
| _, err := sess.Exec("ALTER TABLE [user] DROP CONSTRAINT " + constraintName) | |||
| if err != nil { | |||
| return err | |||
| } | |||
| _, err = sess.Exec("ALTER TABLE [user] ADD CONSTRAINT " + constraintName + " DEFAULT 'argon2' FOR passwd_hash_algo") | |||
| if err != nil { | |||
| return err | |||
| } | |||
| } else { | |||
| _, err := sess.Exec("ALTER TABLE [user] ADD DEFAULT('argon2') FOR passwd_hash_algo") | |||
| if err != nil { | |||
| return err | |||
| } | |||
| } | |||
| return sess.Commit() | |||
| case setting.Database.UseSQLite3: | |||
| // drop through | |||
| default: | |||
| log.Fatal("Unrecognized DB") | |||
| } | |||
| tables, err := x.DBMetas() | |||
| if err != nil { | |||
| return err | |||
| } | |||
| // Now for SQLite we have to recreate the table | |||
| var table *schemas.Table | |||
| tableName := "user" | |||
| for _, table = range tables { | |||
| if table.Name == tableName { | |||
| break | |||
| } | |||
| } | |||
| if table == nil || table.Name != tableName { | |||
| type User struct { | |||
| PasswdHashAlgo string `xorm:"NOT NULL DEFAULT 'argon2'"` | |||
| } | |||
| return x.Sync2(new(User)) | |||
| } | |||
| column := table.GetColumn("passwd_hash_algo") | |||
| if column == nil { | |||
| type User struct { | |||
| PasswdHashAlgo string `xorm:"NOT NULL DEFAULT 'argon2'"` | |||
| } | |||
| return x.Sync2(new(User)) | |||
| } | |||
| sess := x.NewSession() | |||
| defer sess.Close() | |||
| if err := sess.Begin(); err != nil { | |||
| return err | |||
| } | |||
| tempTableName := "tmp_recreate__user" | |||
| column.Default = "'argon2'" | |||
| createTableSQL, _ := x.Dialect().CreateTableSQL(table, tempTableName) | |||
| for _, sql := range createTableSQL { | |||
| if _, err := sess.Exec(sql); err != nil { | |||
| log.Error("Unable to create table %s. Error: %v\n", tempTableName, err, createTableSQL) | |||
| return err | |||
| } | |||
| } | |||
| for _, index := range table.Indexes { | |||
| if _, err := sess.Exec(x.Dialect().CreateIndexSQL(tempTableName, index)); err != nil { | |||
| log.Error("Unable to create indexes on temporary table %s. Error: %v", tempTableName, err) | |||
| return err | |||
| } | |||
| } | |||
| newTableColumns := table.Columns() | |||
| if len(newTableColumns) == 0 { | |||
| return fmt.Errorf("no columns in new table") | |||
| } | |||
| hasID := false | |||
| for _, column := range newTableColumns { | |||
| hasID = hasID || (column.IsPrimaryKey && column.IsAutoIncrement) | |||
| } | |||
| sqlStringBuilder := &strings.Builder{} | |||
| _, _ = sqlStringBuilder.WriteString("INSERT INTO `") | |||
| _, _ = sqlStringBuilder.WriteString(tempTableName) | |||
| _, _ = sqlStringBuilder.WriteString("` (`") | |||
| _, _ = sqlStringBuilder.WriteString(newTableColumns[0].Name) | |||
| _, _ = sqlStringBuilder.WriteString("`") | |||
| for _, column := range newTableColumns[1:] { | |||
| _, _ = sqlStringBuilder.WriteString(", `") | |||
| _, _ = sqlStringBuilder.WriteString(column.Name) | |||
| _, _ = sqlStringBuilder.WriteString("`") | |||
| } | |||
| _, _ = sqlStringBuilder.WriteString(")") | |||
| _, _ = sqlStringBuilder.WriteString(" SELECT ") | |||
| if newTableColumns[0].Default != "" { | |||
| _, _ = sqlStringBuilder.WriteString("COALESCE(`") | |||
| _, _ = sqlStringBuilder.WriteString(newTableColumns[0].Name) | |||
| _, _ = sqlStringBuilder.WriteString("`, ") | |||
| _, _ = sqlStringBuilder.WriteString(newTableColumns[0].Default) | |||
| _, _ = sqlStringBuilder.WriteString(")") | |||
| } else { | |||
| _, _ = sqlStringBuilder.WriteString("`") | |||
| _, _ = sqlStringBuilder.WriteString(newTableColumns[0].Name) | |||
| _, _ = sqlStringBuilder.WriteString("`") | |||
| } | |||
| for _, column := range newTableColumns[1:] { | |||
| if column.Default != "" { | |||
| _, _ = sqlStringBuilder.WriteString(", COALESCE(`") | |||
| _, _ = sqlStringBuilder.WriteString(column.Name) | |||
| _, _ = sqlStringBuilder.WriteString("`, ") | |||
| _, _ = sqlStringBuilder.WriteString(column.Default) | |||
| _, _ = sqlStringBuilder.WriteString(")") | |||
| } else { | |||
| _, _ = sqlStringBuilder.WriteString(", `") | |||
| _, _ = sqlStringBuilder.WriteString(column.Name) | |||
| _, _ = sqlStringBuilder.WriteString("`") | |||
| } | |||
| } | |||
| _, _ = sqlStringBuilder.WriteString(" FROM `") | |||
| _, _ = sqlStringBuilder.WriteString(tableName) | |||
| _, _ = sqlStringBuilder.WriteString("`") | |||
| if _, err := sess.Exec(sqlStringBuilder.String()); err != nil { | |||
| log.Error("Unable to set copy data in to temp table %s. Error: %v", tempTableName, err) | |||
| return err | |||
| } | |||
| // SQLite will drop all the constraints on the old table | |||
| if _, err := sess.Exec(fmt.Sprintf("DROP TABLE `%s`", tableName)); err != nil { | |||
| log.Error("Unable to drop old table %s. Error: %v", tableName, err) | |||
| return err | |||
| } | |||
| for _, index := range table.Indexes { | |||
| if _, err := sess.Exec(x.Dialect().DropIndexSQL(tempTableName, index)); err != nil { | |||
| log.Error("Unable to drop indexes on temporary table %s. Error: %v", tempTableName, err) | |||
| return err | |||
| } | |||
| } | |||
| if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE `%s` RENAME TO `%s`", tempTableName, tableName)); err != nil { | |||
| log.Error("Unable to rename %s to %s. Error: %v", tempTableName, tableName, err) | |||
| return err | |||
| } | |||
| for _, index := range table.Indexes { | |||
| if _, err := sess.Exec(x.Dialect().CreateIndexSQL(tableName, index)); err != nil { | |||
| log.Error("Unable to recreate indexes on table %s. Error: %v", tableName, err) | |||
| return err | |||
| } | |||
| } | |||
| return sess.Commit() | |||
| } | |||