mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-22 07:30:25 +00:00
534 lines
23 KiB
Go
534 lines
23 KiB
Go
//go:build !nopgsql
|
|
// +build !nopgsql
|
|
|
|
package dataprovider
|
|
|
|
import (
|
|
"context"
|
|
"crypto/x509"
|
|
"database/sql"
|
|
"errors"
|
|
"fmt"
|
|
"strings"
|
|
"time"
|
|
|
|
// we import lib/pq here to be able to disable PostgreSQL support using a build tag
|
|
_ "github.com/lib/pq"
|
|
|
|
"github.com/drakkan/sftpgo/v2/logger"
|
|
"github.com/drakkan/sftpgo/v2/version"
|
|
"github.com/drakkan/sftpgo/v2/vfs"
|
|
)
|
|
|
|
const (
|
|
pgsqlResetSQL = `DROP TABLE IF EXISTS "{{api_keys}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{folders_mapping}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{admins}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{folders}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{shares}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{users}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{defender_events}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{defender_hosts}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{active_transfers}}" CASCADE;
|
|
DROP TABLE IF EXISTS "{{schema_version}}" CASCADE;
|
|
`
|
|
pgsqlInitial = `CREATE TABLE "{{schema_version}}" ("id" serial NOT NULL PRIMARY KEY, "version" integer NOT NULL);
|
|
CREATE TABLE "{{admins}}" ("id" serial NOT NULL PRIMARY KEY, "username" varchar(255) NOT NULL UNIQUE,
|
|
"description" varchar(512) NULL, "password" varchar(255) NOT NULL, "email" varchar(255) NULL, "status" integer NOT NULL,
|
|
"permissions" text NOT NULL, "filters" text NULL, "additional_info" text NULL, "last_login" bigint NOT NULL,
|
|
"created_at" bigint NOT NULL, "updated_at" bigint NOT NULL);
|
|
CREATE TABLE "{{defender_hosts}}" ("id" bigserial NOT NULL PRIMARY KEY, "ip" varchar(50) NOT NULL UNIQUE,
|
|
"ban_time" bigint NOT NULL, "updated_at" bigint NOT NULL);
|
|
CREATE TABLE "{{defender_events}}" ("id" bigserial NOT NULL PRIMARY KEY, "date_time" bigint NOT NULL, "score" integer NOT NULL,
|
|
"host_id" bigint NOT NULL);
|
|
ALTER TABLE "{{defender_events}}" ADD CONSTRAINT "{{prefix}}defender_events_host_id_fk_defender_hosts_id" FOREIGN KEY
|
|
("host_id") REFERENCES "{{defender_hosts}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE;
|
|
CREATE TABLE "{{folders}}" ("id" serial NOT NULL PRIMARY KEY, "name" varchar(255) NOT NULL UNIQUE, "description" varchar(512) NULL,
|
|
"path" text NULL, "used_quota_size" bigint NOT NULL, "used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL,
|
|
"filesystem" text NULL);
|
|
CREATE TABLE "{{users}}" ("id" serial NOT NULL PRIMARY KEY, "username" varchar(255) NOT NULL UNIQUE, "status" integer NOT NULL,
|
|
"expiration_date" bigint NOT NULL, "description" varchar(512) NULL, "password" text NULL, "public_keys" text NULL,
|
|
"home_dir" text NOT NULL, "uid" bigint NOT NULL, "gid" bigint NOT NULL, "max_sessions" integer NOT NULL,
|
|
"quota_size" bigint NOT NULL, "quota_files" integer NOT NULL, "permissions" text NOT NULL, "used_quota_size" bigint NOT NULL,
|
|
"used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL, "upload_bandwidth" integer NOT NULL,
|
|
"download_bandwidth" integer NOT NULL, "last_login" bigint NOT NULL, "filters" text NULL, "filesystem" text NULL,
|
|
"additional_info" text NULL, "created_at" bigint NOT NULL, "updated_at" bigint NOT NULL, "email" varchar(255) NULL);
|
|
CREATE TABLE "{{folders_mapping}}" ("id" serial NOT NULL PRIMARY KEY, "virtual_path" text NOT NULL,
|
|
"quota_size" bigint NOT NULL, "quota_files" integer NOT NULL, "folder_id" integer NOT NULL, "user_id" integer NOT NULL);
|
|
ALTER TABLE "{{folders_mapping}}" ADD CONSTRAINT "{{prefix}}unique_mapping" UNIQUE ("user_id", "folder_id");
|
|
ALTER TABLE "{{folders_mapping}}" ADD CONSTRAINT "{{prefix}}folders_mapping_folder_id_fk_folders_id"
|
|
FOREIGN KEY ("folder_id") REFERENCES "{{folders}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE;
|
|
ALTER TABLE "{{folders_mapping}}" ADD CONSTRAINT "{{prefix}}folders_mapping_user_id_fk_users_id"
|
|
FOREIGN KEY ("user_id") REFERENCES "{{users}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE;
|
|
CREATE TABLE "{{shares}}" ("id" serial NOT NULL PRIMARY KEY,
|
|
"share_id" varchar(60) NOT NULL UNIQUE, "name" varchar(255) NOT NULL, "description" varchar(512) NULL,
|
|
"scope" integer NOT NULL, "paths" text NOT NULL, "created_at" bigint NOT NULL, "updated_at" bigint NOT NULL,
|
|
"last_use_at" bigint NOT NULL, "expires_at" bigint NOT NULL, "password" text NULL,
|
|
"max_tokens" integer NOT NULL, "used_tokens" integer NOT NULL, "allow_from" text NULL,
|
|
"user_id" integer NOT NULL);
|
|
ALTER TABLE "{{shares}}" ADD CONSTRAINT "{{prefix}}shares_user_id_fk_users_id" FOREIGN KEY ("user_id")
|
|
REFERENCES "{{users}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE;
|
|
CREATE TABLE "{{api_keys}}" ("id" serial NOT NULL PRIMARY KEY, "name" varchar(255) NOT NULL,
|
|
"key_id" varchar(50) NOT NULL UNIQUE, "api_key" varchar(255) NOT NULL UNIQUE, "scope" integer NOT NULL,
|
|
"created_at" bigint NOT NULL, "updated_at" bigint NOT NULL, "last_use_at" bigint NOT NULL,"expires_at" bigint NOT NULL,
|
|
"description" text NULL, "admin_id" integer NULL, "user_id" integer NULL);
|
|
ALTER TABLE "{{api_keys}}" ADD CONSTRAINT "{{prefix}}api_keys_admin_id_fk_admins_id" FOREIGN KEY ("admin_id")
|
|
REFERENCES "{{admins}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE;
|
|
ALTER TABLE "{{api_keys}}" ADD CONSTRAINT "{{prefix}}api_keys_user_id_fk_users_id" FOREIGN KEY ("user_id")
|
|
REFERENCES "{{users}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE;
|
|
CREATE INDEX "{{prefix}}folders_mapping_folder_id_idx" ON "{{folders_mapping}}" ("folder_id");
|
|
CREATE INDEX "{{prefix}}folders_mapping_user_id_idx" ON "{{folders_mapping}}" ("user_id");
|
|
CREATE INDEX "{{prefix}}api_keys_admin_id_idx" ON "{{api_keys}}" ("admin_id");
|
|
CREATE INDEX "{{prefix}}api_keys_user_id_idx" ON "{{api_keys}}" ("user_id");
|
|
CREATE INDEX "{{prefix}}users_updated_at_idx" ON "{{users}}" ("updated_at");
|
|
CREATE INDEX "{{prefix}}shares_user_id_idx" ON "{{shares}}" ("user_id");
|
|
CREATE INDEX "{{prefix}}defender_hosts_updated_at_idx" ON "{{defender_hosts}}" ("updated_at");
|
|
CREATE INDEX "{{prefix}}defender_hosts_ban_time_idx" ON "{{defender_hosts}}" ("ban_time");
|
|
CREATE INDEX "{{prefix}}defender_events_date_time_idx" ON "{{defender_events}}" ("date_time");
|
|
CREATE INDEX "{{prefix}}defender_events_host_id_idx" ON "{{defender_events}}" ("host_id");
|
|
INSERT INTO {{schema_version}} (version) VALUES (15);
|
|
`
|
|
pgsqlV16SQL = `ALTER TABLE "{{users}}" ADD COLUMN "download_data_transfer" integer DEFAULT 0 NOT NULL;
|
|
ALTER TABLE "{{users}}" ALTER COLUMN "download_data_transfer" DROP DEFAULT;
|
|
ALTER TABLE "{{users}}" ADD COLUMN "total_data_transfer" integer DEFAULT 0 NOT NULL;
|
|
ALTER TABLE "{{users}}" ALTER COLUMN "total_data_transfer" DROP DEFAULT;
|
|
ALTER TABLE "{{users}}" ADD COLUMN "upload_data_transfer" integer DEFAULT 0 NOT NULL;
|
|
ALTER TABLE "{{users}}" ALTER COLUMN "upload_data_transfer" DROP DEFAULT;
|
|
ALTER TABLE "{{users}}" ADD COLUMN "used_download_data_transfer" integer DEFAULT 0 NOT NULL;
|
|
ALTER TABLE "{{users}}" ALTER COLUMN "used_download_data_transfer" DROP DEFAULT;
|
|
ALTER TABLE "{{users}}" ADD COLUMN "used_upload_data_transfer" integer DEFAULT 0 NOT NULL;
|
|
ALTER TABLE "{{users}}" ALTER COLUMN "used_upload_data_transfer" DROP DEFAULT;
|
|
CREATE TABLE "{{active_transfers}}" ("id" bigserial NOT NULL PRIMARY KEY, "connection_id" varchar(100) NOT NULL,
|
|
"transfer_id" bigint NOT NULL, "transfer_type" integer NOT NULL, "username" varchar(255) NOT NULL,
|
|
"folder_name" varchar(255) NULL, "ip" varchar(50) NOT NULL, "truncated_size" bigint NOT NULL,
|
|
"current_ul_size" bigint NOT NULL, "current_dl_size" bigint NOT NULL, "created_at" bigint NOT NULL,
|
|
"updated_at" bigint NOT NULL);
|
|
CREATE INDEX "{{prefix}}active_transfers_connection_id_idx" ON "{{active_transfers}}" ("connection_id");
|
|
CREATE INDEX "{{prefix}}active_transfers_transfer_id_idx" ON "{{active_transfers}}" ("transfer_id");
|
|
CREATE INDEX "{{prefix}}active_transfers_updated_at_idx" ON "{{active_transfers}}" ("updated_at");
|
|
`
|
|
pgsqlV16DownSQL = `ALTER TABLE "{{users}}" DROP COLUMN "used_upload_data_transfer" CASCADE;
|
|
ALTER TABLE "{{users}}" DROP COLUMN "used_download_data_transfer" CASCADE;
|
|
ALTER TABLE "{{users}}" DROP COLUMN "upload_data_transfer" CASCADE;
|
|
ALTER TABLE "{{users}}" DROP COLUMN "total_data_transfer" CASCADE;
|
|
ALTER TABLE "{{users}}" DROP COLUMN "download_data_transfer" CASCADE;
|
|
DROP TABLE "{{active_transfers}}" CASCADE;
|
|
`
|
|
)
|
|
|
|
// PGSQLProvider defines the auth provider for PostgreSQL database
|
|
type PGSQLProvider struct {
|
|
dbHandle *sql.DB
|
|
}
|
|
|
|
func init() {
|
|
version.AddFeature("+pgsql")
|
|
}
|
|
|
|
func initializePGSQLProvider() error {
|
|
var err error
|
|
dbHandle, err := sql.Open("postgres", getPGSQLConnectionString(false))
|
|
if err == nil {
|
|
providerLog(logger.LevelDebug, "postgres database handle created, connection string: %#v, pool size: %v",
|
|
getPGSQLConnectionString(true), config.PoolSize)
|
|
dbHandle.SetMaxOpenConns(config.PoolSize)
|
|
if config.PoolSize > 0 {
|
|
dbHandle.SetMaxIdleConns(config.PoolSize)
|
|
} else {
|
|
dbHandle.SetMaxIdleConns(2)
|
|
}
|
|
dbHandle.SetConnMaxLifetime(240 * time.Second)
|
|
provider = &PGSQLProvider{dbHandle: dbHandle}
|
|
} else {
|
|
providerLog(logger.LevelError, "error creating postgres database handler, connection string: %#v, error: %v",
|
|
getPGSQLConnectionString(true), err)
|
|
}
|
|
return err
|
|
}
|
|
|
|
func getPGSQLConnectionString(redactedPwd bool) string {
|
|
var connectionString string
|
|
if config.ConnectionString == "" {
|
|
password := config.Password
|
|
if redactedPwd {
|
|
password = "[redacted]"
|
|
}
|
|
connectionString = fmt.Sprintf("host='%v' port=%v dbname='%v' user='%v' password='%v' sslmode=%v connect_timeout=10",
|
|
config.Host, config.Port, config.Name, config.Username, password, getSSLMode())
|
|
if config.RootCert != "" {
|
|
connectionString += fmt.Sprintf(" sslrootcert='%v'", config.RootCert)
|
|
}
|
|
if config.ClientCert != "" && config.ClientKey != "" {
|
|
connectionString += fmt.Sprintf(" sslcert='%v' sslkey='%v'", config.ClientCert, config.ClientKey)
|
|
}
|
|
} else {
|
|
connectionString = config.ConnectionString
|
|
}
|
|
return connectionString
|
|
}
|
|
|
|
func (p *PGSQLProvider) checkAvailability() error {
|
|
return sqlCommonCheckAvailability(p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) validateUserAndPass(username, password, ip, protocol string) (User, error) {
|
|
return sqlCommonValidateUserAndPass(username, password, ip, protocol, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) validateUserAndTLSCert(username, protocol string, tlsCert *x509.Certificate) (User, error) {
|
|
return sqlCommonValidateUserAndTLSCertificate(username, protocol, tlsCert, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) validateUserAndPubKey(username string, publicKey []byte) (User, string, error) {
|
|
return sqlCommonValidateUserAndPubKey(username, publicKey, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateTransferQuota(username string, uploadSize, downloadSize int64, reset bool) error {
|
|
return sqlCommonUpdateTransferQuota(username, uploadSize, downloadSize, reset, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateQuota(username string, filesAdd int, sizeAdd int64, reset bool) error {
|
|
return sqlCommonUpdateQuota(username, filesAdd, sizeAdd, reset, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getUsedQuota(username string) (int, int64, int64, int64, error) {
|
|
return sqlCommonGetUsedQuota(username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) setUpdatedAt(username string) {
|
|
sqlCommonSetUpdatedAt(username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateLastLogin(username string) error {
|
|
return sqlCommonUpdateLastLogin(username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateAdminLastLogin(username string) error {
|
|
return sqlCommonUpdateAdminLastLogin(username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) userExists(username string) (User, error) {
|
|
return sqlCommonGetUserByUsername(username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addUser(user *User) error {
|
|
return sqlCommonAddUser(user, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateUser(user *User) error {
|
|
return sqlCommonUpdateUser(user, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) deleteUser(user *User) error {
|
|
return sqlCommonDeleteUser(user, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) dumpUsers() ([]User, error) {
|
|
return sqlCommonDumpUsers(p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getRecentlyUpdatedUsers(after int64) ([]User, error) {
|
|
return sqlCommonGetRecentlyUpdatedUsers(after, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getUsers(limit int, offset int, order string) ([]User, error) {
|
|
return sqlCommonGetUsers(limit, offset, order, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getUsersForQuotaCheck(toFetch map[string]bool) ([]User, error) {
|
|
return sqlCommonGetUsersForQuotaCheck(toFetch, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) {
|
|
return sqlCommonDumpFolders(p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getFolders(limit, offset int, order string) ([]vfs.BaseVirtualFolder, error) {
|
|
return sqlCommonGetFolders(limit, offset, order, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getFolderByName(name string) (vfs.BaseVirtualFolder, error) {
|
|
ctx, cancel := context.WithTimeout(context.Background(), defaultSQLQueryTimeout)
|
|
defer cancel()
|
|
return sqlCommonGetFolderByName(ctx, name, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addFolder(folder *vfs.BaseVirtualFolder) error {
|
|
return sqlCommonAddFolder(folder, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateFolder(folder *vfs.BaseVirtualFolder) error {
|
|
return sqlCommonUpdateFolder(folder, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) deleteFolder(folder *vfs.BaseVirtualFolder) error {
|
|
return sqlCommonDeleteFolder(folder, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateFolderQuota(name string, filesAdd int, sizeAdd int64, reset bool) error {
|
|
return sqlCommonUpdateFolderQuota(name, filesAdd, sizeAdd, reset, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getUsedFolderQuota(name string) (int, int64, error) {
|
|
return sqlCommonGetFolderUsedQuota(name, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) adminExists(username string) (Admin, error) {
|
|
return sqlCommonGetAdminByUsername(username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addAdmin(admin *Admin) error {
|
|
return sqlCommonAddAdmin(admin, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateAdmin(admin *Admin) error {
|
|
return sqlCommonUpdateAdmin(admin, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) deleteAdmin(admin *Admin) error {
|
|
return sqlCommonDeleteAdmin(admin, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getAdmins(limit int, offset int, order string) ([]Admin, error) {
|
|
return sqlCommonGetAdmins(limit, offset, order, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) dumpAdmins() ([]Admin, error) {
|
|
return sqlCommonDumpAdmins(p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) validateAdminAndPass(username, password, ip string) (Admin, error) {
|
|
return sqlCommonValidateAdminAndPass(username, password, ip, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) apiKeyExists(keyID string) (APIKey, error) {
|
|
return sqlCommonGetAPIKeyByID(keyID, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addAPIKey(apiKey *APIKey) error {
|
|
return sqlCommonAddAPIKey(apiKey, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateAPIKey(apiKey *APIKey) error {
|
|
return sqlCommonUpdateAPIKey(apiKey, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) deleteAPIKey(apiKey *APIKey) error {
|
|
return sqlCommonDeleteAPIKey(apiKey, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getAPIKeys(limit int, offset int, order string) ([]APIKey, error) {
|
|
return sqlCommonGetAPIKeys(limit, offset, order, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) dumpAPIKeys() ([]APIKey, error) {
|
|
return sqlCommonDumpAPIKeys(p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateAPIKeyLastUse(keyID string) error {
|
|
return sqlCommonUpdateAPIKeyLastUse(keyID, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) shareExists(shareID, username string) (Share, error) {
|
|
return sqlCommonGetShareByID(shareID, username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addShare(share *Share) error {
|
|
return sqlCommonAddShare(share, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateShare(share *Share) error {
|
|
return sqlCommonUpdateShare(share, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) deleteShare(share *Share) error {
|
|
return sqlCommonDeleteShare(share, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getShares(limit int, offset int, order, username string) ([]Share, error) {
|
|
return sqlCommonGetShares(limit, offset, order, username, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) dumpShares() ([]Share, error) {
|
|
return sqlCommonDumpShares(p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateShareLastUse(shareID string, numTokens int) error {
|
|
return sqlCommonUpdateShareLastUse(shareID, numTokens, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getDefenderHosts(from int64, limit int) ([]DefenderEntry, error) {
|
|
return sqlCommonGetDefenderHosts(from, limit, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getDefenderHostByIP(ip string, from int64) (DefenderEntry, error) {
|
|
return sqlCommonGetDefenderHostByIP(ip, from, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) isDefenderHostBanned(ip string) (DefenderEntry, error) {
|
|
return sqlCommonIsDefenderHostBanned(ip, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateDefenderBanTime(ip string, minutes int) error {
|
|
return sqlCommonDefenderIncrementBanTime(ip, minutes, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) deleteDefenderHost(ip string) error {
|
|
return sqlCommonDeleteDefenderHost(ip, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addDefenderEvent(ip string, score int) error {
|
|
return sqlCommonAddDefenderHostAndEvent(ip, score, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) setDefenderBanTime(ip string, banTime int64) error {
|
|
return sqlCommonSetDefenderBanTime(ip, banTime, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) cleanupDefender(from int64) error {
|
|
return sqlCommonDefenderCleanup(from, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) addActiveTransfer(transfer ActiveTransfer) error {
|
|
return sqlCommonAddActiveTransfer(transfer, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) updateActiveTransferSizes(ulSize, dlSize, transferID int64, connectionID string) error {
|
|
return sqlCommonUpdateActiveTransferSizes(ulSize, dlSize, transferID, connectionID, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) removeActiveTransfer(transferID int64, connectionID string) error {
|
|
return sqlCommonRemoveActiveTransfer(transferID, connectionID, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) cleanupActiveTransfers(before time.Time) error {
|
|
return sqlCommonCleanupActiveTransfers(before, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) getActiveTransfers(from time.Time) ([]ActiveTransfer, error) {
|
|
return sqlCommonGetActiveTransfers(from, p.dbHandle)
|
|
}
|
|
|
|
func (p *PGSQLProvider) close() error {
|
|
return p.dbHandle.Close()
|
|
}
|
|
|
|
func (p *PGSQLProvider) reloadConfig() error {
|
|
return nil
|
|
}
|
|
|
|
// initializeDatabase creates the initial database structure
|
|
func (p *PGSQLProvider) initializeDatabase() error {
|
|
dbVersion, err := sqlCommonGetDatabaseVersion(p.dbHandle, false)
|
|
if err == nil && dbVersion.Version > 0 {
|
|
return ErrNoInitRequired
|
|
}
|
|
if errors.Is(err, sql.ErrNoRows) {
|
|
return errSchemaVersionEmpty
|
|
}
|
|
logger.InfoToConsole("creating initial database schema, version 15")
|
|
providerLog(logger.LevelInfo, "creating initial database schema, version 15")
|
|
initialSQL := strings.ReplaceAll(pgsqlInitial, "{{schema_version}}", sqlTableSchemaVersion)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{admins}}", sqlTableAdmins)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{folders}}", sqlTableFolders)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{users}}", sqlTableUsers)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{folders_mapping}}", sqlTableFoldersMapping)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{api_keys}}", sqlTableAPIKeys)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{shares}}", sqlTableShares)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{defender_events}}", sqlTableDefenderEvents)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{defender_hosts}}", sqlTableDefenderHosts)
|
|
initialSQL = strings.ReplaceAll(initialSQL, "{{prefix}}", config.SQLTablesPrefix)
|
|
if config.Driver == CockroachDataProviderName {
|
|
// Cockroach does not support deferrable constraint validation, we don't need them,
|
|
// we keep these definitions for the PostgreSQL driver to avoid changes for users
|
|
// upgrading from old SFTPGo versions
|
|
initialSQL = strings.ReplaceAll(initialSQL, "DEFERRABLE INITIALLY DEFERRED", "")
|
|
}
|
|
|
|
return sqlCommonExecSQLAndUpdateDBVersion(p.dbHandle, []string{initialSQL}, 15)
|
|
}
|
|
|
|
func (p *PGSQLProvider) migrateDatabase() error {
|
|
dbVersion, err := sqlCommonGetDatabaseVersion(p.dbHandle, true)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
switch version := dbVersion.Version; {
|
|
case version == sqlDatabaseVersion:
|
|
providerLog(logger.LevelDebug, "sql database is up to date, current version: %v", version)
|
|
return ErrNoInitRequired
|
|
case version < 15:
|
|
err = fmt.Errorf("database version %v is too old, please see the upgrading docs", version)
|
|
providerLog(logger.LevelError, "%v", err)
|
|
logger.ErrorToConsole("%v", err)
|
|
return err
|
|
case version == 15:
|
|
return updatePGSQLDatabaseFromV15(p.dbHandle)
|
|
default:
|
|
if version > sqlDatabaseVersion {
|
|
providerLog(logger.LevelError, "database version %v is newer than the supported one: %v", version,
|
|
sqlDatabaseVersion)
|
|
logger.WarnToConsole("database version %v is newer than the supported one: %v", version,
|
|
sqlDatabaseVersion)
|
|
return nil
|
|
}
|
|
return fmt.Errorf("database version not handled: %v", version)
|
|
}
|
|
}
|
|
|
|
func (p *PGSQLProvider) revertDatabase(targetVersion int) error {
|
|
dbVersion, err := sqlCommonGetDatabaseVersion(p.dbHandle, true)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if dbVersion.Version == targetVersion {
|
|
return errors.New("current version match target version, nothing to do")
|
|
}
|
|
|
|
switch dbVersion.Version {
|
|
case 16:
|
|
return downgradePGSQLDatabaseFromV16(p.dbHandle)
|
|
default:
|
|
return fmt.Errorf("database version not handled: %v", dbVersion.Version)
|
|
}
|
|
}
|
|
|
|
func (p *PGSQLProvider) resetDatabase() error {
|
|
sql := strings.ReplaceAll(pgsqlResetSQL, "{{schema_version}}", sqlTableSchemaVersion)
|
|
sql = strings.ReplaceAll(sql, "{{admins}}", sqlTableAdmins)
|
|
sql = strings.ReplaceAll(sql, "{{folders}}", sqlTableFolders)
|
|
sql = strings.ReplaceAll(sql, "{{users}}", sqlTableUsers)
|
|
sql = strings.ReplaceAll(sql, "{{folders_mapping}}", sqlTableFoldersMapping)
|
|
sql = strings.ReplaceAll(sql, "{{api_keys}}", sqlTableAPIKeys)
|
|
sql = strings.ReplaceAll(sql, "{{shares}}", sqlTableShares)
|
|
sql = strings.ReplaceAll(sql, "{{defender_events}}", sqlTableDefenderEvents)
|
|
sql = strings.ReplaceAll(sql, "{{defender_hosts}}", sqlTableDefenderHosts)
|
|
sql = strings.ReplaceAll(sql, "{{active_transfers}}", sqlTableActiveTransfers)
|
|
return sqlCommonExecSQLAndUpdateDBVersion(p.dbHandle, []string{sql}, 0)
|
|
}
|
|
|
|
func updatePGSQLDatabaseFromV15(dbHandle *sql.DB) error {
|
|
return updatePGSQLDatabaseFrom15To16(dbHandle)
|
|
}
|
|
|
|
func downgradePGSQLDatabaseFromV16(dbHandle *sql.DB) error {
|
|
return downgradePGSQLDatabaseFrom16To15(dbHandle)
|
|
}
|
|
|
|
func updatePGSQLDatabaseFrom15To16(dbHandle *sql.DB) error {
|
|
logger.InfoToConsole("updating database version: 15 -> 16")
|
|
providerLog(logger.LevelInfo, "updating database version: 15 -> 16")
|
|
sql := strings.ReplaceAll(pgsqlV16SQL, "{{users}}", sqlTableUsers)
|
|
sql = strings.ReplaceAll(sql, "{{active_transfers}}", sqlTableActiveTransfers)
|
|
sql = strings.ReplaceAll(sql, "{{prefix}}", config.SQLTablesPrefix)
|
|
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 16)
|
|
}
|
|
|
|
func downgradePGSQLDatabaseFrom16To15(dbHandle *sql.DB) error {
|
|
logger.InfoToConsole("downgrading database version: 16 -> 15")
|
|
providerLog(logger.LevelInfo, "downgrading database version: 16 -> 15")
|
|
sql := strings.ReplaceAll(pgsqlV16DownSQL, "{{users}}", sqlTableUsers)
|
|
sql = strings.ReplaceAll(sql, "{{active_transfers}}", sqlTableActiveTransfers)
|
|
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 15)
|
|
}
|