archive/nextcloud_server
0
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-02-15 21:47:57 +00:00
Code Issues Projects Releases Wiki Activity
nextcloud_server/core/Migrations/Version31000Date20240101084401.php
Maxence Lange 4591430c9c feat(ocm): signing ocm requests 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2024-12-04 09:30:55 -01:00

135 lines
3.7 KiB
PHP
Raw Permalink Blame History

<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OC\Core\Migrations;
use Closure;
use OCP\DB\ISchemaWrapper;
use OCP\DB\Types;
use OCP\Migration\Attributes\AddIndex;
use OCP\Migration\Attributes\CreateTable;
use OCP\Migration\Attributes\IndexType;
use OCP\Migration\IOutput;
use OCP\Migration\SimpleMigrationStep;
/**
* @since 31.0.0
*/
#[CreateTable(
table: 'sec_signatory',
columns: ['id', 'key_id_sum', 'key_id', 'host', 'provider_id', 'account', 'public_key', 'metadata', 'type', 'status', 'creation', 'last_updated'],
description: 'new table to store remove public/private key pairs'
)]
#[AddIndex(
table: 'sec_signatory',
type: IndexType::PRIMARY
)]
#[AddIndex(
table: 'sec_signatory',
type: IndexType::UNIQUE,
description: 'confirm uniqueness per host, provider and account'
)]
#[AddIndex(
table: 'sec_signatory',
type: IndexType::INDEX,
description: 'to search on key and provider'
)]
class Version31000Date20240101084401 extends SimpleMigrationStep {
public function description(): string {
return "creating new table 'sec_signatory' to store remote signatories";
}
public function name(): string {
return 'create sec_signatory';
}
/**
* @param IOutput $output
* @param Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
* @param array $options
* @return null|ISchemaWrapper
*/
public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper {
/** @var ISchemaWrapper $schema */
$schema = $schemaClosure();
if (!$schema->hasTable('sec_signatory')) {
$table = $schema->createTable('sec_signatory');
$table->addColumn('id', Types::BIGINT, [
'notnull' => true,
'length' => 64,
'autoincrement' => true,
'unsigned' => true,
]);
// key_id_sum will store a hash version of the key_id, more appropriate for search/index
$table->addColumn('key_id_sum', Types::STRING, [
'notnull' => true,
'length' => 127,
]);
$table->addColumn('key_id', Types::STRING, [
'notnull' => true,
'length' => 512
]);
// host/provider_id/account will help generate a unique entry, not based on key_id
// this way, a spoofed instance cannot publish a new key_id for same host+provider_id
// account will be used only to stored multiple keys for the same provider_id/host
$table->addColumn('host', Types::STRING, [
'notnull' => true,
'length' => 512
]);
$table->addColumn('provider_id', Types::STRING, [
'notnull' => true,
'length' => 31,
]);
$table->addColumn('account', Types::STRING, [
'notnull' => false,
'length' => 127,
'default' => ''
]);
$table->addColumn('public_key', Types::TEXT, [
'notnull' => true,
'default' => ''
]);
$table->addColumn('metadata', Types::TEXT, [
'notnull' => true,
'default' => '[]'
]);
// type+status are informative about the trustability of remote instance and status of the signatory
$table->addColumn('type', Types::SMALLINT, [
'notnull' => true,
'length' => 2,
'default' => 9
]);
$table->addColumn('status', Types::SMALLINT, [
'notnull' => true,
'length' => 2,
'default' => 0,
]);
$table->addColumn('creation', Types::INTEGER, [
'notnull' => false,
'length' => 4,
'default' => 0,
'unsigned' => true,
]);
$table->addColumn('last_updated', Types::INTEGER, [
'notnull' => false,
'length' => 4,
'default' => 0,
'unsigned' => true,
]);
$table->setPrimaryKey(['id'], 'sec_sig_id');
$table->addUniqueIndex(['provider_id', 'host', 'account'], 'sec_sig_unic');
$table->addIndex(['key_id_sum', 'provider_id'], 'sec_sig_key');
return $schema;
}
return null;
}
}
Reference in a new issue View git blame Copy permalink