/**
* Outputs DDL for differences in functions
*
* @param $ofs1 stage1 output pointer
* @param $ofs3 stage3 output pointer
* @param $old_schema original schema
* @param $new_schema new schema
*/
public static function diff_functions($ofs1, $ofs3, $old_schema, $new_schema)
{
// drop functions that no longer exist in stage 3
if ($old_schema != null) {
foreach (dbx::get_functions($old_schema) as $old_function) {
if (!pgsql8_schema::contains_function($new_schema, pgsql8_function::get_declaration($new_schema, $old_function, FALSE))) {
$ofs3->write(pgsql8_function::get_drop_sql($old_schema, $old_function) . "\n");
}
}
}
// Add new functions and replace modified functions
foreach (dbx::get_functions($new_schema) as $new_function) {
$old_function = null;
if ($old_schema != null) {
$old_function = dbx::get_function($old_schema, $new_function['name'], pgsql8_function::get_declaration($new_schema, $new_function));
}
if ($old_function == null || !pgsql8_function::equals($new_schema, $new_function, $old_function, pgsql8_diff::$ignore_function_whitespace)) {
$ofs1->write(pgsql8_function::get_creation_sql($new_schema, $new_function) . "\n");
} else {
if (isset($new_function['forceRedefine']) && strcasecmp($new_function['forceRedefine'], 'true') == 0) {
$ofs1->write("-- DBSteward insists on function recreation: " . $new_schema['name'] . "." . $new_function['name'] . " has forceRedefine set to true\n");
$ofs1->write(pgsql8_function::get_creation_sql($new_schema, $new_function) . "\n");
} else {
if (pgsql8_schema::contains_type($new_schema, $new_function['returns']) && pgsql8_schema::contains_type($old_schema, $new_function['returns']) && !pgsql8_type::equals(dbx::get_type($old_schema, $new_function['returns']), dbx::get_type($new_schema, $new_function['returns']))) {
$ofs1->write("-- Force function re-creation " . $new_function['name'] . " for type: " . $new_function['returns'] . "\n");
$ofs1->write(pgsql8_function::get_creation_sql($new_schema, $new_function) . "\n");
}
}
}
}
}
protected static function update_permissions($ofs1, $ofs3)
{
foreach (dbx::get_schemas(dbsteward::$new_database) as $new_schema) {
pgsql8::set_context_replica_set_id($new_schema);
$old_schema = dbx::get_schema(dbsteward::$old_database, $new_schema['name']);
foreach (dbx::get_permissions($new_schema) as $new_permission) {
if ($old_schema == null || !pgsql8_permission::has_permission($old_schema, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_schema, $new_permission) . "\n");
}
}
foreach (dbx::get_tables($new_schema) as $new_table) {
pgsql8::set_context_replica_set_id($new_table);
$old_table = null;
if ($old_schema != null) {
$old_table = dbx::get_table($old_schema, $new_table['name']);
}
if (!dbsteward::$ignore_oldnames && pgsql8_diff_tables::is_renamed_table($new_schema, $new_table)) {
// oldTableName renamed table ? skip permission diffing on it, it is the same
continue;
}
foreach (dbx::get_permissions($new_table) as $new_permission) {
if ($old_table == null || !pgsql8_permission::has_permission($old_table, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_table, $new_permission) . "\n");
}
}
}
foreach (dbx::get_sequences($new_schema) as $new_sequence) {
$old_sequence = null;
if ($old_schema != null) {
$old_sequence = dbx::get_sequence($old_schema, $new_sequence['name']);
}
foreach (dbx::get_permissions($new_sequence) as $new_permission) {
if ($old_sequence == null || !pgsql8_permission::has_permission($old_sequence, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_sequence, $new_permission) . "\n");
}
}
}
foreach (dbx::get_functions($new_schema) as $new_function) {
$old_function = null;
if ($old_schema != null) {
$old_function = dbx::get_function($old_schema, $new_function['name'], pgsql8_function::get_declaration($new_schema, $new_function));
}
foreach (dbx::get_permissions($new_function) as $new_permission) {
if ($old_function == null || !pgsql8_permission::has_permission($old_function, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_function, $new_permission) . "\n");
}
}
}
foreach (dbx::get_views($new_schema) as $new_view) {
$old_view = NULL;
if ($old_schema != NULL) {
$old_view = dbx::get_view($old_schema, $new_view['name']);
}
foreach (dbx::get_permissions($new_view) as $new_permission) {
// if always_recreate_views flag is on, always grant all view permissions, as the view was recreated
if (dbsteward::$always_recreate_views || $old_view == NULL || !pgsql8_permission::has_permission($old_view, $new_permission) || pgsql8_diff_views::is_view_modified($old_view, $new_view)) {
// view permissions are in schema stage 3 file because views are (re)created in that stage for SELECT * expansion
$ofs3->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_view, $new_permission) . "\n");
}
}
}
}
}
public static function equals($node_schema_a, $node_function_a, $node_function_b, $ignore_function_whitespace)
{
if (strcasecmp($node_function_a['name'], $node_function_b['name']) != 0) {
return false;
}
$a_definition = pgsql8_function::get_definition($node_function_a);
$b_definition = pgsql8_function::get_definition($node_function_b);
if ($ignore_function_whitespace) {
$a_definition = preg_replace("/\\s+/", " ", $a_definition);
$b_definition = preg_replace("/\\s+/", " ", $b_definition);
}
$db_doc = $node_schema_a->xpath('..');
$a_owner = xml_parser::role_enum($db_doc[0], $node_function_a['owner']);
$b_owner = xml_parser::role_enum($db_doc[0], $node_function_b['owner']);
$equals = strcasecmp(pgsql8_function::get_declaration($node_schema_a, $node_function_a), pgsql8_function::get_declaration($node_schema_a, $node_function_b)) == 0 && strcasecmp($a_definition, $b_definition) == 0 && strcasecmp($a_owner, $b_owner) == 0 && strcasecmp($node_function_a['type'], $node_function_b['type']) == 0;
return $equals;
}
public static function &get_function(&$node_schema, $name, $declaration = NULL, $create_if_not_exist = FALSE)
{
$node_function = NULL;
$nodes = $node_schema->xpath("function[@name='" . $name . "']");
// filter out versions of functon in languages that are not relevant to the current format being processed
$filtered_nodes = array();
foreach ($nodes as $node) {
if (format_function::has_definition($node)) {
$filtered_nodes[] = $node;
}
}
$nodes = $filtered_nodes;
// TODO: this logic is buggy and needs fixed
if (count($nodes) == 0) {
if ($create_if_not_exist) {
// function not found, caller wants the function created in the db
$node_function = $node_schema->addChild('function');
$node_function->addAttribute('name', $name);
}
} else {
if (count($nodes) > 1) {
if (strlen($declaration) == 0) {
throw new exception("more than one match for function " . $name . " and declaration is blank");
}
foreach ($nodes as $node) {
if (strcasecmp(pgsql8_function::get_declaration($node_schema, $node), $declaration) == 0) {
if ($node_function == NULL) {
$node_function = $node;
} else {
throw new exception("more than one function match " . $name . " matches passed declaration: " . $declaration);
}
}
}
if ($node_function == NULL) {
//@DEBUG: use this to make sure function declaration comparisons are working properly
dbsteward::warning("NOTICE: no functions named " . $name . " match passed declaration: " . $declaration);
}
} else {
$node_function = $nodes[0];
}
}
return $node_function;
}
public function testFunctionNameQuoting()
{
$xml = <<<XML
<dbsteward>
<schema name="test">
<table name="test1">
<column name="col1" type="int" />
</table>
<function name="testfunc" returns="int" owner="ROLE_OWNER" cachePolicy="VOLATILE" description="test function">
<functionParameter name="test_id" type="int" />
<functionDefinition language="plpgsql" sqlFormat="pgsql8">
BEGIN
RETURN test_id;
END;
</functionDefinition>
</function>
</schema>
</dbsteward>
XML;
$db_doc = simplexml_load_string($xml);
$fxn_sql = pgsql8_function::get_declaration($db_doc->schema, $db_doc->schema->function);
$expected = '"test"."testfunc"(test_id int)';
$this->assertEquals($expected, $fxn_sql);
}
public static function get_sql($db_doc, $node_schema, $node_object, $node_permission)
{
format::set_context_replica_set_id($node_object);
$perms = pgsql8_permission::get_permission_operations($node_permission);
$roles = preg_split(dbsteward::PATTERN_SPLIT_ROLE, $node_permission['role'], -1, PREG_SPLIT_NO_EMPTY);
$object_type = strtoupper($node_object->getName());
switch ($object_type) {
case 'SCHEMA':
$object_name = pgsql8::get_quoted_schema_name($node_schema['name']);
break;
case 'SEQUENCE':
case 'TABLE':
case 'VIEW':
$object_name = pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($node_object['name']);
break;
case 'FUNCTION':
$object_name = pgsql8_function::get_declaration($node_schema, $node_object);
break;
default:
throw new exception("unknown object type encountered: " . $object_type);
}
$sql = '';
for ($j = 0; $j < count($roles); $j++) {
$with = '';
if (isset($node_permission['with']) && strlen($node_permission['with']) > 0) {
$with = "WITH " . $node_permission['with'] . " OPTION";
}
if (strcasecmp($object_type, 'VIEW') == 0) {
// postgresql doesn't want you to name the view keyword when you grant rights to views
$pg_object_type = '';
} else {
$pg_object_type = $object_type;
}
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement(strtoupper($node_permission->getName()), implode(', ', $perms), $pg_object_type, $object_name, xml_parser::role_enum($db_doc, $roles[$j]), $with);
// SCHEMA IMPLICIT GRANTS
if (strcasecmp($object_type, 'SCHEMA') == 0) {
// READYONLY USER PROVISION: grant usage on the schema for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'USAGE', 'SCHEMA', pgsql8::get_quoted_schema_name($node_schema['name']), $db_doc->database->role->readonly);
}
}
// SEQUENCE IMPLICIT GRANTS
if (strcasecmp($object_type, 'SEQUENCE') == 0) {
// READYONLY USER PROVISION: generate a SELECT on the sequence for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'SELECT', 'SEQUENCE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($node_object['name']), $db_doc->database->role->readonly);
}
}
// TABLE IMPLICIT GRANTS
if (strcasecmp($object_type, 'TABLE') == 0) {
// READYONLY USER PROVISION: grant select on the table for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'SELECT', 'TABLE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($node_object['name']), $db_doc->database->role->readonly);
}
// don't need to grant cascaded serial permissions to the table owner
if (strcasecmp('ROLE_OWNER', $roles[$j]) == 0) {
continue;
}
// set serial columns permissions based on table permissions
foreach ($node_object->column as $column) {
if (preg_match(pgsql8::PATTERN_TABLE_LINKED_TYPES, $column['type']) > 0) {
$col_sequence = pgsql8::identifier_name($node_schema['name'], $node_object['name'], $column['name'], '_seq');
$seq_priv = array();
// if you can SELECT, INSERT or UPDATE the table, you can SELECT on the sequence
if (in_array('SELECT', $perms) || in_array('INSERT', $perms) || in_array('UPDATE', $perms)) {
$seq_priv[] = 'SELECT';
}
// if you can INSERT or UPDATE the table, you can UPDATE the sequence
if (in_array('INSERT', $perms) || in_array('UPDATE', $perms)) {
$seq_priv[] = 'UPDATE';
}
// if you only have USAGE or SELECT
// then seq_priv is empty, and no grant should be issued
if (count($seq_priv) > 0) {
$with = '';
if (isset($node_permission['with']) && strlen($node_permission['with']) > 0) {
$with = "WITH " . $node_permission['with'] . " OPTION";
}
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', implode(',', $seq_priv), 'SEQUENCE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($col_sequence), xml_parser::role_enum($db_doc, $roles[$j]), $with);
}
// READYONLY USER PROVISION: grant implicit select on the sequence for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'SELECT', 'SEQUENCE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($col_sequence), $db_doc->database->role->readonly);
}
}
}
}
}
return $sql;
}
