509 lines
17 KiB
C++
509 lines
17 KiB
C++
//SPDX-FileCopyrightText: 2023 Yury Gubich <blue@macaw.me>
|
|
//SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
#include "mysql.h"
|
|
|
|
#include <fstream>
|
|
#include <iostream>
|
|
#include <chrono>
|
|
|
|
#include "mysqld_error.h"
|
|
|
|
#include "statement.h"
|
|
#include "transaction.h"
|
|
#include "database/exceptions.h"
|
|
|
|
constexpr const char* versionQuery = "SELECT value FROM system WHERE `key` = 'version'";
|
|
constexpr const char* updateQuery = "UPDATE system SET `value` = ? WHERE `key` = 'version'";
|
|
constexpr const char* registerQuery = "INSERT INTO accounts (`login`, `type`, `password`) VALUES (?, 1, ?)";
|
|
constexpr const char* lastIdQuery = "SELECT LAST_INSERT_ID() AS id";
|
|
constexpr const char* assignRoleQuery = "INSERT INTO roleBindings (`account`, `role`) SELECT ?, roles.id FROM roles WHERE roles.name = ?";
|
|
constexpr const char* selectHash = "SELECT password FROM accounts where login = ?";
|
|
constexpr const char* createSessionQuery = "INSERT INTO sessions (`owner`, `access`, `renew`, `persist`, `device`)"
|
|
" SELECT accounts.id, ?, ?, true, ? FROM accounts WHERE accounts.login = ?"
|
|
" RETURNING id, owner";
|
|
constexpr const char* selectSession = "SELECT id, owner, access, renew FROM sessions where access = ?";
|
|
constexpr const char* selectAssets = "SELECT id, owner, currency, title, icon, color, archived FROM assets where owner = ?";
|
|
constexpr const char* insertAsset = "INSERT INTO assets (`owner`, `currency`, `title`, `icon`, `color`, `archived`, `type`)"
|
|
" VALUES (?, ?, ?, ?, ?, ?, 1)";
|
|
constexpr const char* updateAssetQuery = "UPDATE assets SET `owner` = ?, `currency` = ?, `title` = ?, `icon` = ?, `color` = ?, `archived` = ?"
|
|
" WHERE `id` = ?";
|
|
constexpr const char* removeAsset = "DELETE FROM assets where `id` = ? AND `owner` = ?";
|
|
constexpr const char* selectUsedCurrencies = "SELECT DISTINCT c.id, c.code, c.title, c.manual, c.icon FROM currencies c"
|
|
" JOIN assets a ON c.id = a.currency"
|
|
" WHERE a.owner = ?";
|
|
constexpr const char* addTransactionQuery = "INSERT INTO transactions"
|
|
" (`initiator`, `type`, `asset`, `parent`, `value`, `performed`)"
|
|
" VALUES (?, 1, ?, ?, ?, ?)";
|
|
constexpr const char* updateTransactionQuery = "UPDATE transactions SET"
|
|
" `initiator` = ?, `type` = 1, `asset` = ?,"
|
|
" `parent` = ?, `value` = ?, `performed` = ?"
|
|
" WHERE `id` = ?";
|
|
constexpr const char* deleteTransactionQuery = "DELETE FROM transactions where (`id` = ? OR `parent` = ?) AND `initiator` = ?";
|
|
constexpr const char* selectAllTransactions = "WITH RECURSIVE AllTransactions AS ("
|
|
" SELECT t.id, t.initiator, t.asset, t.parent, t.value, t.modified, t.performed t.notes FROM transactions t"
|
|
" JOIN assets a ON t.asset = a.id"
|
|
" WHERE a.owner = ?"
|
|
" UNION ALL"
|
|
|
|
" SELECT t.id, t.initiator, t.asset, t.parent, t.value, t.modified, t.performed t.notes FROM transactions t"
|
|
" JOIN AllTransactions at ON t.id = at.parent)"
|
|
|
|
" SELECT DISTINCT id, initiator, asset, parent, value, modified, performed notes FROM AllTransactions"
|
|
" ORDER BY performed"
|
|
" LIMIT 100 OFFSET 0;";
|
|
|
|
|
|
static const std::filesystem::path buildSQLPath = "database";
|
|
|
|
DB::MySQL::MySQL ():
|
|
Interface(Type::mysql),
|
|
connection(),
|
|
login(),
|
|
password(),
|
|
database()
|
|
{
|
|
mysql_init(&connection);
|
|
}
|
|
|
|
DB::MySQL::~MySQL() {
|
|
mysql_close(&connection);
|
|
}
|
|
|
|
void DB::MySQL::connect (const std::string& path) {
|
|
if (state != State::disconnected)
|
|
return;
|
|
|
|
MYSQL* con = &connection;
|
|
MYSQL* res = mysql_real_connect(
|
|
con,
|
|
NULL,
|
|
login.c_str(),
|
|
password.c_str(),
|
|
database.empty() ? NULL : database.c_str(),
|
|
0,
|
|
path.c_str(),
|
|
0
|
|
);
|
|
|
|
if (res != con)
|
|
throw std::runtime_error(std::string("Error changing connecting: ") + mysql_error(con));
|
|
|
|
state = State::connected;
|
|
}
|
|
|
|
void DB::MySQL::setCredentials (const std::string& login, const std::string& password) {
|
|
if (MySQL::login == login && MySQL::password == password)
|
|
return;
|
|
|
|
MySQL::login = login;
|
|
MySQL::password = password;
|
|
|
|
if (state == State::disconnected)
|
|
return;
|
|
|
|
MYSQL* con = &connection;
|
|
int result = mysql_change_user(
|
|
con,
|
|
login.c_str(),
|
|
password.c_str(),
|
|
database.empty() ? NULL : database.c_str()
|
|
);
|
|
|
|
if (result != 0)
|
|
throw std::runtime_error(std::string("Error changing credetials: ") + mysql_error(con));
|
|
}
|
|
|
|
void DB::MySQL::setDatabase (const std::string& database) {
|
|
if (MySQL::database == database)
|
|
return;
|
|
|
|
MySQL::database = database;
|
|
|
|
if (state == State::disconnected)
|
|
return;
|
|
|
|
MYSQL* con = &connection;
|
|
int result = mysql_select_db(con, database.c_str());
|
|
|
|
if (result != 0)
|
|
throw std::runtime_error(std::string("Error changing db: ") + mysql_error(con));
|
|
}
|
|
|
|
void DB::MySQL::disconnect () {
|
|
if (state == State::disconnected)
|
|
return;
|
|
|
|
MYSQL* con = &connection;
|
|
mysql_close(con);
|
|
mysql_init(con); //this is ridiculous!
|
|
}
|
|
|
|
void DB::MySQL::executeFile (const std::filesystem::path& relativePath) {
|
|
MYSQL* con = &connection;
|
|
std::filesystem::path path = sharedPath() / relativePath;
|
|
if (!std::filesystem::exists(path))
|
|
throw std::runtime_error("Error executing file "
|
|
+ std::filesystem::absolute(path).string()
|
|
+ ": file doesn't exist");
|
|
|
|
std::cout << "Executing file " << path << std::endl;
|
|
std::ifstream inputFile(path);
|
|
std::string block, comment;
|
|
while (getBlock(inputFile, block, comment)) {
|
|
if (!comment.empty())
|
|
std::cout << '\t' << comment << std::endl;
|
|
|
|
if (block.empty())
|
|
continue;
|
|
|
|
int result = mysql_query(con, block.c_str());
|
|
if (result != 0) {
|
|
int errcode = mysql_errno(con);
|
|
if (errcode == ER_EMPTY_QUERY)
|
|
continue;
|
|
|
|
throw std::runtime_error("Error executing file " + path.string() + ": " + mysql_error(con));
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
bool DB::MySQL::getBlock(std::ifstream& file, std::string& block, std::string& name) {
|
|
if (file.eof())
|
|
return false;
|
|
|
|
block.clear();
|
|
name.clear();
|
|
|
|
if (file.peek() == '-') {
|
|
file.get();
|
|
if (file.peek() == '-') {
|
|
file.get();
|
|
std::getline(file, name);
|
|
} else {
|
|
file.unget();
|
|
}
|
|
}
|
|
std::string line;
|
|
while (!file.eof()) {
|
|
if (file.peek() == '-')
|
|
return true;
|
|
|
|
if (!std::getline(file, line))
|
|
break;
|
|
|
|
if (!block.empty())
|
|
block.append(1, '\n');
|
|
|
|
block += line;
|
|
}
|
|
|
|
return !block.empty() || !name.empty();
|
|
}
|
|
|
|
uint8_t DB::MySQL::getVersion () {
|
|
MYSQL* con = &connection;
|
|
int result = mysql_query(con, versionQuery);
|
|
|
|
if (result != 0) {
|
|
unsigned int errcode = mysql_errno(con);
|
|
if (errcode == ER_NO_SUCH_TABLE)
|
|
return 0;
|
|
|
|
throw std::runtime_error(std::string("Error executing retreiving version: ") + mysql_error(con));
|
|
}
|
|
|
|
std::unique_ptr<MYSQL_RES, ResDeleter> res(mysql_store_result(con));
|
|
if (!res)
|
|
throw std::runtime_error(std::string("Querying version returned no result: ") + mysql_error(con));
|
|
|
|
MYSQL_ROW row = mysql_fetch_row(res.get());
|
|
if (row)
|
|
return std::stoi(row[0]);
|
|
else
|
|
return 0;
|
|
}
|
|
|
|
void DB::MySQL::setVersion (uint8_t version) {
|
|
std::string strVersion = std::to_string(version);
|
|
Statement statement(&connection, updateQuery);
|
|
statement.bind(strVersion.data(), MYSQL_TYPE_VAR_STRING);
|
|
statement.execute();
|
|
}
|
|
|
|
void DB::MySQL::migrate (uint8_t targetVersion) {
|
|
uint8_t currentVersion = getVersion();
|
|
|
|
while (currentVersion < targetVersion) {
|
|
if (currentVersion == 255)
|
|
throw std::runtime_error("Maximum possible database version reached");
|
|
|
|
uint8_t nextVersion = currentVersion + 1;
|
|
std::string fileName = "migrations/m" + std::to_string(currentVersion) + ".sql";
|
|
std::cout << "Performing migration "
|
|
<< std::to_string(currentVersion)
|
|
<< " -> "
|
|
<< std::to_string(nextVersion)
|
|
<< std::endl;
|
|
executeFile(fileName);
|
|
setVersion(nextVersion);
|
|
currentVersion = nextVersion;
|
|
}
|
|
|
|
std::cout << "Database is now on actual version " << std::to_string(targetVersion) << std::endl;
|
|
}
|
|
|
|
uint32_t DB::MySQL::registerAccount (const std::string& login, const std::string& hash) {
|
|
//TODO validate filed lengths!
|
|
MYSQL* con = &connection;
|
|
MySQL::Transaction txn(con);
|
|
|
|
Statement addAcc(con, registerQuery);
|
|
|
|
std::string l = login; //I hate copying just to please this horible API
|
|
std::string h = hash;
|
|
addAcc.bind(l.data(), MYSQL_TYPE_STRING);
|
|
addAcc.bind(h.data(), MYSQL_TYPE_STRING);
|
|
try {
|
|
addAcc.execute();
|
|
} catch (const Duplicate& dup) {
|
|
throw DuplicateLogin(dup.what());
|
|
}
|
|
|
|
uint32_t id = lastInsertedId();
|
|
static std::string defaultRole("default");
|
|
|
|
Statement addRole(con, assignRoleQuery);
|
|
addRole.bind(&id, MYSQL_TYPE_LONG, true);
|
|
addRole.bind(defaultRole.data(), MYSQL_TYPE_STRING);
|
|
addRole.execute();
|
|
|
|
txn.commit();
|
|
return id;
|
|
}
|
|
|
|
std::string DB::MySQL::getAccountHash (const std::string& login) {
|
|
std::string l = login;
|
|
MYSQL* con = &connection;
|
|
|
|
Statement getHash(con, selectHash);
|
|
getHash.bind(l.data(), MYSQL_TYPE_STRING);
|
|
getHash.execute();
|
|
|
|
std::vector<std::vector<std::any>> result = getHash.fetchResult();
|
|
if (result.empty())
|
|
throw NoLogin("Couldn't find login " + l);
|
|
|
|
if (result[0].empty())
|
|
throw std::runtime_error("Error with the query \"selectHash\"");
|
|
|
|
return std::any_cast<const std::string&>(result[0][0]);
|
|
}
|
|
|
|
DB::Session DB::MySQL::createSession (const std::string& login, const std::string& access, const std::string& renew) {
|
|
std::string l = login;
|
|
DB::Session res;
|
|
res.accessToken = access;
|
|
res.renewToken = renew;
|
|
static std::string testingDevice("Testing...");
|
|
|
|
MYSQL* con = &connection;
|
|
|
|
Statement session(con, createSessionQuery);
|
|
session.bind(res.accessToken.data(), MYSQL_TYPE_STRING);
|
|
session.bind(res.renewToken.data(), MYSQL_TYPE_STRING);
|
|
session.bind(testingDevice.data(), MYSQL_TYPE_STRING);
|
|
session.bind(l.data(), MYSQL_TYPE_STRING);
|
|
session.execute();
|
|
|
|
std::vector<std::vector<std::any>> result = session.fetchResult();
|
|
if (result.empty())
|
|
throw std::runtime_error("Error returning ids after insertion in sessions table");
|
|
|
|
res.id = std::any_cast<uint32_t>(result[0][0]);
|
|
res.owner = std::any_cast<uint32_t>(result[0][1]);
|
|
|
|
return res;
|
|
}
|
|
|
|
uint32_t DB::MySQL::lastInsertedId () {
|
|
MYSQL* con = &connection;
|
|
int result = mysql_query(con, lastIdQuery);
|
|
|
|
if (result != 0)
|
|
throw std::runtime_error(std::string("Error executing last inserted id: ") + mysql_error(con));
|
|
|
|
std::unique_ptr<MYSQL_RES, ResDeleter> res(mysql_store_result(con));
|
|
if (!res)
|
|
throw std::runtime_error(std::string("Querying last inserted id returned no result: ") + mysql_error(con));
|
|
|
|
MYSQL_ROW row = mysql_fetch_row(res.get());
|
|
if (row)
|
|
return std::stoi(row[0]);
|
|
else
|
|
throw std::runtime_error(std::string("Querying last inserted id returned no rows"));
|
|
}
|
|
DB::Session DB::MySQL::findSession (const std::string& accessToken) {
|
|
std::string a = accessToken;
|
|
MYSQL* con = &connection;
|
|
|
|
Statement session(con, selectSession);
|
|
session.bind(a.data(), MYSQL_TYPE_STRING);
|
|
session.execute();
|
|
|
|
std::vector<std::vector<std::any>> result = session.fetchResult();
|
|
if (result.empty())
|
|
throw NoSession("Couldn't find session with token " + a);
|
|
|
|
return DB::Session(result[0]);
|
|
}
|
|
|
|
std::vector<DB::Asset> DB::MySQL::listAssets (uint32_t owner) {
|
|
MYSQL* con = &connection;
|
|
|
|
Statement st(con, selectAssets);
|
|
st.bind(&owner, MYSQL_TYPE_LONG, true);
|
|
st.execute();
|
|
std::vector<std::vector<std::any>> res = st.fetchResult();
|
|
|
|
std::size_t size = res.size();
|
|
std::vector<DB::Asset> result(size);
|
|
for (std::size_t i = 0; i < size; ++i)
|
|
result[i].parse(res[i]);
|
|
|
|
return result;
|
|
}
|
|
|
|
DB::Asset DB::MySQL::addAsset(const Asset& asset) {
|
|
MYSQL* con = &connection;
|
|
Asset result = asset;
|
|
|
|
Statement add(con, insertAsset);
|
|
add.bind(&result.owner, MYSQL_TYPE_LONG, true);
|
|
add.bind(&result.currency, MYSQL_TYPE_LONG, true);
|
|
add.bind(result.title.data(), MYSQL_TYPE_STRING);
|
|
add.bind(result.icon.data(), MYSQL_TYPE_STRING);
|
|
add.bind(&result.color, MYSQL_TYPE_LONG, true);
|
|
add.bind(&result.archived, MYSQL_TYPE_TINY);
|
|
add.execute();
|
|
|
|
result.id = lastInsertedId();
|
|
|
|
return result;
|
|
}
|
|
|
|
void DB::MySQL::updateAsset(const Asset& asset) {
|
|
MYSQL* con = &connection;
|
|
Asset result = asset;
|
|
|
|
Statement update(con, updateAssetQuery);
|
|
update.bind(&result.owner, MYSQL_TYPE_LONG, true);
|
|
update.bind(&result.currency, MYSQL_TYPE_LONG, true);
|
|
update.bind(result.title.data(), MYSQL_TYPE_STRING);
|
|
update.bind(result.icon.data(), MYSQL_TYPE_STRING);
|
|
update.bind(&result.color, MYSQL_TYPE_LONG, true);
|
|
update.bind(&result.archived, MYSQL_TYPE_TINY);
|
|
update.bind(&result.id, MYSQL_TYPE_LONG, true);
|
|
update.execute();
|
|
}
|
|
|
|
bool DB::MySQL::deleteAsset(uint32_t assetId, uint32_t actorId) {
|
|
Statement del(&connection, removeAsset);
|
|
del.bind(&assetId, MYSQL_TYPE_LONG, true);
|
|
del.bind(&actorId, MYSQL_TYPE_LONG, true);
|
|
del.execute();
|
|
|
|
if (del.affectedRows() == 0)
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
std::vector<DB::Currency> DB::MySQL::listUsedCurrencies(uint32_t owner) {
|
|
Statement list(&connection, selectUsedCurrencies);
|
|
list.bind(&owner, MYSQL_TYPE_LONG, true);
|
|
list.execute();
|
|
|
|
std::vector<std::vector<std::any>> res = list.fetchResult();
|
|
|
|
std::size_t size = res.size();
|
|
std::vector<DB::Currency> result(size);
|
|
for (std::size_t i = 0; i < size; ++i)
|
|
result[i].parse(res[i]);
|
|
|
|
return result;
|
|
}
|
|
|
|
DB::Transaction DB::MySQL::addTransaction(const DB::Transaction& transaction) {
|
|
MYSQL* con = &connection;
|
|
DB::Transaction result = transaction;
|
|
|
|
std::string value = std::to_string(result.value);
|
|
|
|
Statement add(con, addTransactionQuery);
|
|
add.bind(&result.initiator, MYSQL_TYPE_LONG, true);
|
|
add.bind(&result.asset, MYSQL_TYPE_LONG, true);
|
|
add.bind(&result.parent, MYSQL_TYPE_LONG, true);
|
|
add.bind(value.data(), MYSQL_TYPE_STRING);
|
|
add.bind(&result.performed, MYSQL_TYPE_LONG, true);
|
|
add.execute();
|
|
|
|
result.id = lastInsertedId();
|
|
std::chrono::time_point currently = std::chrono::time_point_cast<std::chrono::seconds>(
|
|
std::chrono::system_clock::now()
|
|
);
|
|
result.modified = currently.time_since_epoch().count();
|
|
//todo actual value which could have changed after insertion
|
|
|
|
return result;
|
|
}
|
|
|
|
void DB::MySQL::updateTransaction(const DB::Transaction& transaction) {
|
|
MYSQL* con = &connection;
|
|
DB::Transaction result = transaction;
|
|
|
|
std::string value = std::to_string(result.value);
|
|
|
|
Statement upd(con, updateTransactionQuery);
|
|
upd.bind(&result.initiator, MYSQL_TYPE_LONG, true);
|
|
upd.bind(&result.asset, MYSQL_TYPE_LONG, true);
|
|
upd.bind(&result.parent, MYSQL_TYPE_LONG, true);
|
|
upd.bind(value.data(), MYSQL_TYPE_STRING);
|
|
upd.bind(&result.performed, MYSQL_TYPE_LONG, true);
|
|
upd.bind(&result.id, MYSQL_TYPE_LONG, true);
|
|
upd.execute();
|
|
}
|
|
|
|
bool DB::MySQL::deleteTransaction(uint32_t id, uint32_t actorId) {
|
|
MYSQL* con = &connection;
|
|
|
|
Statement del(con, deleteTransactionQuery);
|
|
del.bind(&id, MYSQL_TYPE_LONG, true); //for actual transactions
|
|
del.bind(&id, MYSQL_TYPE_LONG, true); //for potential children
|
|
del.bind(&actorId, MYSQL_TYPE_LONG, true); //for preventing unauthorized removal, but it needs to be improved
|
|
del.execute(); //need to think of a parent with no children transactions...
|
|
|
|
if (del.affectedRows() == 0)
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
std::vector<DB::Transaction> DB::MySQL::listTransactions(uint32_t owner) {
|
|
MYSQL* con = &connection;
|
|
|
|
Statement get(con, selectAllTransactions);
|
|
get.bind(&owner, MYSQL_TYPE_LONG, true);
|
|
get.execute();
|
|
|
|
std::vector<std::vector<std::any>> res = get.fetchResult();
|
|
std::size_t size = res.size();
|
|
|
|
std::vector<DB::Transaction> result(size);
|
|
for (std::size_t i = 0; i < size; ++i)
|
|
result[i].parse(res[i]);
|
|
|
|
return result;
|
|
}
|