//SPDX-FileCopyrightText: 2023 Yury Gubich //SPDX-License-Identifier: GPL-3.0-or-later #include "mysql.h" #include #include #include "mysqld_error.h" #include "statement.h" #include "transaction.h" #include "database/exceptions.h" constexpr const char* versionQuery = "SELECT value FROM system WHERE `key` = 'version'"; constexpr const char* updateQuery = "UPDATE system SET `value` = ? WHERE `key` = 'version'"; constexpr const char* registerQuery = "INSERT INTO accounts (`login`, `type`, `password`) VALUES (?, 1, ?)"; constexpr const char* lastIdQuery = "SELECT LAST_INSERT_ID() AS id"; constexpr const char* assignRoleQuery = "INSERT INTO roleBindings (`account`, `role`) SELECT ?, roles.id FROM roles WHERE roles.name = ?"; constexpr const char* selectHash = "SELECT password FROM accounts where login = ?"; constexpr const char* createSessionQuery = "INSERT INTO sessions (`owner`, `access`, `renew`, `persist`, `device`)" " SELECT accounts.id, ?, ?, true, ? FROM accounts WHERE accounts.login = ?" " RETURNING id, owner"; constexpr const char* selectSession = "SELECT id, owner, renew FROM sessions where access = ?"; constexpr const char* selectAssets = "SELECT id, owner, currency, title, icon, archived FROM assets where owner = ?"; static const std::filesystem::path buildSQLPath = "database"; DB::MySQL::MySQL(): Interface(Type::mysql), connection(), login(), password(), database() { mysql_init(&connection); } DB::MySQL::~MySQL() { mysql_close(&connection); } void DB::MySQL::connect(const std::string& path) { if (state != State::disconnected) return; MYSQL* con = &connection; MYSQL* res = mysql_real_connect( con, NULL, login.c_str(), password.c_str(), database.empty() ? NULL : database.c_str(), 0, path.c_str(), 0 ); if (res != con) throw std::runtime_error(std::string("Error changing connecting: ") + mysql_error(con)); state = State::connected; } void DB::MySQL::setCredentials(const std::string& login, const std::string& password) { if (MySQL::login == login && MySQL::password == password) return; MySQL::login = login; MySQL::password = password; if (state == State::disconnected) return; MYSQL* con = &connection; int result = mysql_change_user( con, login.c_str(), password.c_str(), database.empty() ? NULL : database.c_str() ); if (result != 0) throw std::runtime_error(std::string("Error changing credetials: ") + mysql_error(con)); } void DB::MySQL::setDatabase(const std::string& database) { if (MySQL::database == database) return; MySQL::database = database; if (state == State::disconnected) return; MYSQL* con = &connection; int result = mysql_select_db(con, database.c_str()); if (result != 0) throw std::runtime_error(std::string("Error changing db: ") + mysql_error(con)); } void DB::MySQL::disconnect() { if (state == State::disconnected) return; MYSQL* con = &connection; mysql_close(con); mysql_init(con); //this is ridiculous! } void DB::MySQL::executeFile(const std::filesystem::path& relativePath) { MYSQL* con = &connection; std::filesystem::path path = sharedPath() / relativePath; if (!std::filesystem::exists(path)) throw std::runtime_error("Error executing file " + std::filesystem::absolute(path).string() + ": file doesn't exist"); std::cout << "Executing file " << path << std::endl; std::ifstream inputFile(path); std::string query; while (std::getline(inputFile, query, ';')) { std::optional comment = getComment(query); while (comment) { std::cout << '\t' << comment.value() << std::endl; comment = getComment(query); } if (query.empty()) continue; int result = mysql_query(con, query.c_str()); if (result != 0) { int errcode = mysql_errno(con); if (errcode == ER_EMPTY_QUERY) continue; throw std::runtime_error("Error executing file " + path.string() + ": " + mysql_error(con)); } } } uint8_t DB::MySQL::getVersion() { MYSQL* con = &connection; int result = mysql_query(con, versionQuery); if (result != 0) { unsigned int errcode = mysql_errno(con); if (errcode == ER_NO_SUCH_TABLE) return 0; throw std::runtime_error(std::string("Error executing retreiving version: ") + mysql_error(con)); } std::unique_ptr res(mysql_store_result(con)); if (!res) throw std::runtime_error(std::string("Querying version returned no result: ") + mysql_error(con)); MYSQL_ROW row = mysql_fetch_row(res.get()); if (row) return std::stoi(row[0]); else return 0; } void DB::MySQL::setVersion(uint8_t version) { std::string strVersion = std::to_string(version); Statement statement(&connection, updateQuery); statement.bind(strVersion.data(), MYSQL_TYPE_VAR_STRING); statement.execute(); } void DB::MySQL::migrate(uint8_t targetVersion) { uint8_t currentVersion = getVersion(); while (currentVersion < targetVersion) { if (currentVersion == 255) throw std::runtime_error("Maximum possible database version reached"); uint8_t nextVersion = currentVersion + 1; std::string fileName = "migrations/m" + std::to_string(currentVersion) + ".sql"; std::cout << "Performing migration " << std::to_string(currentVersion) << " -> " << std::to_string(nextVersion) << std::endl; executeFile(fileName); setVersion(nextVersion); currentVersion = nextVersion; } std::cout << "Database is now on actual version " << std::to_string(targetVersion) << std::endl; } std::optional DB::MySQL::getComment(std::string& string) { ltrim(string); if (string.length() < 2) return std::nullopt; if (string[0] == '-') { if (string[1] == '-') { string.erase(0, 2); std::string::size_type eol = string.find('\n'); return extract(string, 0, eol); } } else if (string[0] == '/') { if (string[1] == '*') { string.erase(0, 2); std::string::size_type end = 0; do { end = string.find(end, '*'); } while (end != std::string::npos && end < string.size() - 1 && string[end + 1] == '/'); if (end < string.size() - 1) end = std::string::npos; return extract(string, 0, end); } } return std::nullopt; } unsigned int DB::MySQL::registerAccount(const std::string& login, const std::string& hash) { //TODO validate filed lengths! MYSQL* con = &connection; MySQL::Transaction txn(con); Statement addAcc(con, registerQuery); std::string l = login; //I hate copying just to please this horible API std::string h = hash; addAcc.bind(l.data(), MYSQL_TYPE_STRING); addAcc.bind(h.data(), MYSQL_TYPE_STRING); try { addAcc.execute(); } catch (const Duplicate& dup) { throw DuplicateLogin(dup.what()); } unsigned int id = lastInsertedId(); static std::string defaultRole("default"); Statement addRole(con, assignRoleQuery); addRole.bind(&id, MYSQL_TYPE_LONG, true); addRole.bind(defaultRole.data(), MYSQL_TYPE_STRING); addRole.execute(); txn.commit(); return id; } std::string DB::MySQL::getAccountHash(const std::string& login) { std::string l = login; MYSQL* con = &connection; Statement getHash(con, selectHash); getHash.bind(l.data(), MYSQL_TYPE_STRING); getHash.execute(); std::vector> result = getHash.fetchResult(); if (result.empty()) throw NoLogin("Couldn't find login " + l); if (result[0].empty()) throw std::runtime_error("Error with the query \"selectHash\""); return std::any_cast(result[0][0]); } DB::Session DB::MySQL::createSession(const std::string& login, const std::string& access, const std::string& renew) { std::string l = login; DB::Session res; res.accessToken = access; res.renewToken = renew; static std::string testingDevice("Testing..."); MYSQL* con = &connection; Statement session(con, createSessionQuery); session.bind(res.accessToken.data(), MYSQL_TYPE_STRING); session.bind(res.renewToken.data(), MYSQL_TYPE_STRING); session.bind(testingDevice.data(), MYSQL_TYPE_STRING); session.bind(l.data(), MYSQL_TYPE_STRING); session.execute(); std::vector> result = session.fetchResult(); if (result.empty()) throw std::runtime_error("Error returning ids after insertion in sessions table"); res.id = std::any_cast(result[0][0]); res.owner = std::any_cast(result[0][1]); return res; } unsigned int DB::MySQL::lastInsertedId() { MYSQL* con = &connection; int result = mysql_query(con, lastIdQuery); if (result != 0) throw std::runtime_error(std::string("Error executing last inserted id: ") + mysql_error(con)); std::unique_ptr res(mysql_store_result(con)); if (!res) throw std::runtime_error(std::string("Querying last inserted id returned no result: ") + mysql_error(con)); MYSQL_ROW row = mysql_fetch_row(res.get()); if (row) return std::stoi(row[0]); else throw std::runtime_error(std::string("Querying last inserted id returned no rows")); } DB::Session DB::MySQL::findSession(const std::string& accessToken) { std::string a = accessToken; MYSQL* con = &connection; Statement session(con, selectSession); session.bind(a.data(), MYSQL_TYPE_STRING); session.execute(); std::vector> result = session.fetchResult(); if (result.empty()) throw NoSession("Couldn't find session with token " + a); DB::Session res; res.id = std::any_cast(result[0][0]); res.owner = std::any_cast(result[0][1]); res.renewToken = std::any_cast(result[0][2]); res.accessToken = a; return res; } std::vector DB::MySQL::listAssets(unsigned int owner) { MYSQL* con = &connection; Statement st(con, selectSession); st.bind(&owner, MYSQL_TYPE_LONG, true); st.execute(); std::vector> res = st.fetchResult(); std::size_t size = res.size(); std::vector result(size); for (std::size_t i = 0; i < size; ++i) { const std::vector& proto = res[i]; DB::Asset& asset = result[i]; asset.id = std::any_cast(proto[0]); asset.owner = std::any_cast(proto[1]); asset.currency = std::any_cast(proto[2]); asset.title = std::any_cast(proto[3]); asset.icon = std::any_cast(proto[4]); asset.archived = std::any_cast(proto[5]); //TODO } return result; }