mirror of
https://github.com/nuxsmin/sysPass.git
synced 2026-03-07 00:46:59 +01:00
* [ADD] New encryption schema by using Defuse/php-encryption library. WARNING: work in progress
This commit is contained in:
nuxsmin
@@ -58,8 +58,6 @@ class MainActionController
|
||||
&& $hash === Config::getConfig()->getUpgradeKey()
|
||||
) {
|
||||
$this->upgrade($dbVersion, 'db');
|
||||
|
||||
ConfigDB::setValue('version', implode(Util::getVersion(true)));
|
||||
} else {
|
||||
$controller = new MainController();
|
||||
$controller->getUpgrade($dbVersion);
|
||||
@@ -103,7 +101,7 @@ class MainActionController
|
||||
private function upgrade($version, $type)
|
||||
{
|
||||
try {
|
||||
Upgrade::doUpgrade($version, $type);
|
||||
Upgrade::doUpgrade($version);
|
||||
|
||||
$Config = Config::getConfig();
|
||||
$Config->setMaintenance(false);
|
||||
|
||||
@@ -444,59 +444,43 @@ class Installer
|
||||
*/
|
||||
private function createAdminAccount()
|
||||
{
|
||||
$GroupData = new GroupData();
|
||||
$GroupData->setUsergroupName('Admins');
|
||||
$GroupData->setUsergroupDescription('sysPass Admins');
|
||||
|
||||
try {
|
||||
$GroupData = new GroupData();
|
||||
$GroupData->setUsergroupName('Admins');
|
||||
$GroupData->setUsergroupDescription('sysPass Admins');
|
||||
|
||||
Group::getItem($GroupData)->add();
|
||||
} catch (SPException $e) {
|
||||
$this->rollback();
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al crear el grupo "admin"', false),
|
||||
__('Informe al desarrollador', false));
|
||||
}
|
||||
|
||||
$ProfileData = new ProfileData();
|
||||
$ProfileData->setUserprofileName('Admin');
|
||||
$ProfileData = new ProfileData();
|
||||
$ProfileData->setUserprofileName('Admin');
|
||||
|
||||
try {
|
||||
Profile::getItem($ProfileData)->add();
|
||||
} catch (SPException $e) {
|
||||
$this->rollback();
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al crear el perfil "admin"', false),
|
||||
__('Informe al desarrollador', false));
|
||||
}
|
||||
|
||||
// Datos del usuario
|
||||
$UserData = new UserData();
|
||||
$UserData->setUserGroupId($GroupData->getUsergroupId());
|
||||
$UserData->setUserProfileId($ProfileData->getUserprofileId());
|
||||
$UserData->setUserLogin($this->InstallData->getAdminLogin());
|
||||
$UserData->setUserPass($this->InstallData->getAdminPass());
|
||||
$UserData->setUserName('Admin');
|
||||
$UserData->setUserIsAdminApp(1);
|
||||
// Datos del usuario
|
||||
$UserData = new UserData();
|
||||
$UserData->setUserGroupId($GroupData->getUsergroupId());
|
||||
$UserData->setUserProfileId($ProfileData->getUserprofileId());
|
||||
$UserData->setUserLogin($this->InstallData->getAdminLogin());
|
||||
$UserData->setUserPass($this->InstallData->getAdminPass());
|
||||
$UserData->setUserName('Admin');
|
||||
$UserData->setUserIsAdminApp(1);
|
||||
|
||||
try {
|
||||
User::getItem($UserData)->add();
|
||||
|
||||
// Guardar el hash de la clave maestra
|
||||
ConfigDB::setCacheConfigValue('masterPwd', Hash::hashKey($this->InstallData->getMasterPassword()));
|
||||
ConfigDB::setCacheConfigValue('lastupdatempass', time());
|
||||
ConfigDB::writeConfig(true);
|
||||
|
||||
if (!UserPass::getItem($UserData)->updateUserMPass($this->InstallData->getMasterPassword())) {
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al actualizar la clave maestra del usuario "admin"', false));
|
||||
}
|
||||
} catch (SPException $e) {
|
||||
$this->rollback();
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al crear el usuario "admin"', false),
|
||||
__('Informe al desarrollador', false));
|
||||
}
|
||||
|
||||
// Guardar el hash de la clave maestra
|
||||
ConfigDB::setCacheConfigValue('masterPwd', Hash::hashKey($this->InstallData->getMasterPassword()));
|
||||
ConfigDB::setCacheConfigValue('lastupdatempass', time());
|
||||
ConfigDB::writeConfig(true);
|
||||
|
||||
if (!UserPass::getItem($UserData)->updateUserMPass($this->InstallData->getMasterPassword())) {
|
||||
$this->rollback();
|
||||
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al actualizar la clave maestra del usuario "admin"', false),
|
||||
$e->getMessage(),
|
||||
__('Informe al desarrollador', false));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -71,12 +71,12 @@ class Category
|
||||
DB::getQuery($Data);
|
||||
|
||||
DB::endTransaction();
|
||||
|
||||
return true;
|
||||
} catch (SPException $e) {
|
||||
DB::rollbackTransaction();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -71,12 +71,12 @@ class Customer
|
||||
DB::getQuery($Data);
|
||||
|
||||
DB::endTransaction();
|
||||
|
||||
return true;
|
||||
} catch (SPException $e) {
|
||||
DB::rollbackTransaction();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -63,12 +63,12 @@ class Group
|
||||
DB::getQuery($Data);
|
||||
|
||||
DB::endTransaction();
|
||||
|
||||
return true;
|
||||
} catch (SPException $e) {
|
||||
DB::rollbackTransaction();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -65,12 +65,12 @@ class Profile
|
||||
DB::getQuery($Data);
|
||||
|
||||
DB::endTransaction();
|
||||
|
||||
return true;
|
||||
} catch (SPException $e) {
|
||||
DB::rollbackTransaction();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -52,7 +52,7 @@ defined('APP_ROOT') || die();
|
||||
*/
|
||||
class Upgrade
|
||||
{
|
||||
private static $dbUpgrade = [110, 1121, 1122, 1123, 11213, 11219, 11220, 12001, 12002, 1316011001, 1316020501, 1316100601, 20017011302, 20017011701, 20017012901, 20117021901];
|
||||
private static $dbUpgrade = [110, 1121, 1122, 1123, 11213, 11219, 11220, 12001, 12002, 1316011001, 1316100601, 20017011302, 20017011701, 20017012901, 20117021901];
|
||||
private static $cfgUpgrade = [1124, 1316020501, 20017011202];
|
||||
private static $auxUpgrade = [12001, 12002, 20017010901, 20017011202];
|
||||
private static $appUpgrade = [20117021901];
|
||||
@@ -61,34 +61,32 @@ class Upgrade
|
||||
* Inicia el proceso de actualización de la BBDD.
|
||||
*
|
||||
* @param int $version con la versión de la BBDD actual
|
||||
* @param $type
|
||||
* @return bool
|
||||
* @throws SPException
|
||||
*/
|
||||
public static function doUpgrade($version, $type)
|
||||
public static function doUpgrade($version)
|
||||
{
|
||||
if ($type === 'db') {
|
||||
foreach (self::$dbUpgrade as $upgradeVersion) {
|
||||
if ($version < $upgradeVersion) {
|
||||
if (self::auxPreDbUpgrade($upgradeVersion) === false) {
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al aplicar la actualización auxiliar', false),
|
||||
__('Compruebe el registro de eventos para más detalles', false));
|
||||
}
|
||||
|
||||
if (self::upgradeDB($upgradeVersion) === false) {
|
||||
throw new SPException(SPException::SP_CRITICAL, __('Error al aplicar la actualización de la Base de Datos', false),
|
||||
__('Compruebe el registro de eventos para más detalles', false));
|
||||
}
|
||||
}
|
||||
}
|
||||
} elseif ($type === 'app') {
|
||||
foreach (self::$appUpgrade as $upgradeVersion) {
|
||||
if ($version < $upgradeVersion && self::appUpgrades($upgradeVersion) === false) {
|
||||
foreach (self::$dbUpgrade as $upgradeVersion) {
|
||||
if ($version < $upgradeVersion) {
|
||||
if (self::auxPreDbUpgrade($upgradeVersion) === false) {
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al aplicar la actualización de la aplicación', false),
|
||||
__('Error al aplicar la actualización auxiliar', false),
|
||||
__('Compruebe el registro de eventos para más detalles', false));
|
||||
}
|
||||
|
||||
if (self::upgradeDB($upgradeVersion) === false) {
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al aplicar la actualización de la Base de Datos', false),
|
||||
__('Compruebe el registro de eventos para más detalles', false));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
foreach (self::$appUpgrade as $upgradeVersion) {
|
||||
if ($version < $upgradeVersion && self::appUpgrades($upgradeVersion) === false) {
|
||||
throw new SPException(SPException::SP_CRITICAL,
|
||||
__('Error al aplicar la actualización de la aplicación', false),
|
||||
__('Compruebe el registro de eventos para más detalles', false));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -113,8 +111,11 @@ class Upgrade
|
||||
{
|
||||
switch ($version) {
|
||||
case 1316011001:
|
||||
return self::upgradeDB(1300000000);
|
||||
case 1316100601:
|
||||
return
|
||||
UserUpgrade::fixUsersId(Request::analyze('userid', 1))
|
||||
Account::fixAccountsId()
|
||||
&& UserUpgrade::fixUsersId(Request::analyze('userid', 1))
|
||||
&& Group::fixGroupId(Request::analyze('groupid', 1))
|
||||
&& Profile::fixProfilesId(Request::analyze('profileid', 1))
|
||||
&& Category::fixCategoriesId(Request::analyze('categoryid', 1))
|
||||
@@ -139,7 +140,7 @@ class Upgrade
|
||||
|
||||
$queries = self::getQueriesFromFile($version);
|
||||
|
||||
if (count($queries) === 0) {
|
||||
if (count($queries) === 0 || (int)ConfigDB::getValue('version') === $version) {
|
||||
$LogMessage->addDescription(__('No es necesario actualizar la Base de Datos.', false));
|
||||
$Log->writeLog();
|
||||
return true;
|
||||
@@ -162,6 +163,8 @@ class Upgrade
|
||||
}
|
||||
}
|
||||
|
||||
ConfigDB::setValue('version', $version);
|
||||
|
||||
$LogMessage->addDescription(__('Actualización de la Base de Datos realizada correctamente.', false));
|
||||
$Log->writeLog();
|
||||
|
||||
@@ -210,9 +213,7 @@ class Upgrade
|
||||
$databaseVersion = (int)str_replace('.', '', ConfigDB::getValue('version'));
|
||||
|
||||
if ($databaseVersion < $version) {
|
||||
if (self::upgradeDB($version)) {
|
||||
ConfigDB::setValue('version', $version);
|
||||
} else {
|
||||
if (!self::upgradeDB($version)) {
|
||||
$dbResult = false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,14 +93,26 @@ class User
|
||||
|
||||
DB::getQuery($Data);
|
||||
|
||||
$query = /** @lang SQL */
|
||||
'DELETE FROM usrToGroups WHERE usertogroup_userId <> ? AND usertogroup_userId NOT IN (' . $paramsIn . ') OR usertogroup_userId IS NULL';
|
||||
$Data->setQuery($query);
|
||||
|
||||
DB::getQuery($Data);
|
||||
|
||||
$query = /** @lang SQL */
|
||||
'DELETE FROM accUsers WHERE accuser_userId <> ? AND accuser_userId NOT IN (' . $paramsIn . ') OR accuser_userId IS NULL';
|
||||
$Data->setQuery($query);
|
||||
|
||||
DB::getQuery($Data);
|
||||
|
||||
DB::endTransaction();
|
||||
|
||||
return true;
|
||||
} catch (SPException $e) {
|
||||
DB::rollbackTransaction();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,5 +1,10 @@
|
||||
ALTER TABLE `accounts` CHANGE COLUMN `account_IV` `account_key` VARBINARY(500) NOT NULL ;
|
||||
ALTER TABLE `accHistory` CHANGE COLUMN `acchistory_IV` `acchistory_key` VARBINARY(500) NOT NULL ;
|
||||
ALTER TABLE `customFieldsData` CHANGE COLUMN `customfielddata_iv` `customfielddata_key` VARBINARY(500) NOT NULL;
|
||||
ALTER TABLE `usrData` CHANGE COLUMN `user_mPass` `user_mKey` VARBINARY(500) NULL DEFAULT NULL, CHANGE COLUMN `user_mIV` `user_mKey` VARBINARY(500) NULL DEFAULT NULL;
|
||||
ALTER TABLE `accounts`
|
||||
CHANGE COLUMN `account_IV` `account_key` VARBINARY(1000) NOT NULL ;
|
||||
ALTER TABLE `accHistory`
|
||||
CHANGE COLUMN `acchistory_IV` `acchistory_key` VARBINARY(1000) NOT NULL ;
|
||||
ALTER TABLE `customFieldsData`
|
||||
CHANGE COLUMN `customfielddata_iv` `customfielddata_key` VARBINARY(1000) NOT NULL;
|
||||
ALTER TABLE `usrData`
|
||||
CHANGE COLUMN `user_mPass` `user_mPass` VARBINARY(1000) NULL DEFAULT NULL,
|
||||
CHANGE COLUMN `user_mIV` `user_mKey` VARBINARY(1000) NULL DEFAULT NULL;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user