Merge branch 'dev' into f-filesystem

8c20200a · Timm Fitschen · ce36011d · 7228e05a · 8c20200a · 8c20200a
Verified Commit 8c20200a authored 4 years ago by Timm Fitschen
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -23,7 +23,7 @@ services:
  - mariadb:10.4
 variables:
  DEPLOY_REF: dev
-  CI_REGISTRY_IMAGE: $CI_REGISTRY/caosdb/caosdb-mysqlbackend/testenv:latest
+  CI_REGISTRY_IMAGE: $CI_REGISTRY/caosdb/src/caosdb-mysqlbackend/testenv:latest
  MYSQL_ROOT_PASSWORD: caosdb1234

 image: $CI_REGISTRY_IMAGE
@@ -38,7 +38,7 @@ trigger_build:
  stage: deploy
  script:
    - /usr/bin/curl -X POST
-      -F token=$DEPLOY_TRIGGER_TOKEN
+      -F token=$CI_JOB_TOKEN
      -F "variables[F_BRANCH]=$CI_COMMIT_REF_NAME"
      -F "variables[MYSQLBACKEND]=$CI_COMMIT_REF_NAME"
      -F "variables[TriggerdBy]=MYSQLBACKEND"
@@ -64,7 +64,7 @@ build-testenv:
  image: docker:19.03
  only:
    - web
-    - shedules
+    - schedules
  stage: setup
  script:
    - cd .docker
@@ -84,7 +84,12 @@ pages:
  tags: [ docker ]
  stage: deploy
  only:
-    - dev
+    refs:
+      - /^release-.*$/i
+      - master
+    variables:
+      # run pages only on gitlab.com
+      - $CI_SERVER_HOST == "gitlab.com"
  script:
    - echo "Deploying"
    - cat doc/index.rst

--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 ### Added ###

+- `utils/make_db` has new `grant-permission` command.
+
 ### Changed ###

 ### Deprecated ###

--- a/README.md
+++ b/README.md
-<!--THIS FILE HAS BEEN GENERATED BY A SCRIPT. PLEASE DON'T CHANGE IT MANUALLY.-->

-# Welcome
+# README

-This is the **CaosDB MySQL Back-end** repository and a part of the CaosDB
-project.
+## Welcome

-# Setup
+This is the **CaosDB MySQL Backend** repository and a part of the
+CaosDB project.
+
+## Setup

 Please read the [README_SETUP.md](README_SETUP.md) for instructions on how to
 setup this code.


-# Further Reading
+## Further Reading
+
+Please refer to the [official documentation](https://docs.indiscale.com/caosdb-mysqlbackend/) for more information.
+
+## Contributing
+
+Thank you very much to all contributers—[past, present](https://gitlab.com/caosdb/caosdb/-/blob/dev/HUMANS.md), and prospective ones.

-Please refer to the [official gitlab repository of the CaosDB
-project](https://gitlab.com/caosdb/caosdb) for more information.
+### Code of Conduct

-# License
+By participating, you are expected to uphold our [Code of Conduct](https://gitlab.com/caosdb/caosdb/-/blob/dev/CODE_OF_CONDUCT.md).

-Copyright (C) 2018 Research Group Biomedical Physics, Max Planck Institute for
-Dynamics and Self-Organization Göttingen.
+### How to Contribute
+
+* You found a bug, have a question, or want to request a feature? Please
+[create an issue](https://gitlab.com/caosdb/caosdb-mysqlbackend/-/issues).
+* You want to contribute code? Please fork the repository and create a merge
+request in GitLab and choose this repository as target. Make sure to select
+"Allow commits from members who can merge the target branch" under Contribution
+when creating the merge request. This allows our team to work with you on your request.
+- If you have a suggestion for the [documentation](https://docs.indiscale.com/caosdb-mysqlbackend/),
+the preferred way is also a merge request as describe above (the documentation resides in `src/doc`).
+However, you can also create an issue for it.
+- You can also contact us at **info (AT) caosdb.de**.
+
+## License
+
+* Copyright (C) 2018 Research Group Biomedical Physics, Max Planck Institute
+  for Dynamics and Self-Organization Göttingen.
+* Copyright (C) 2020-2021 Indiscale GmbH <info@indiscale.com>

 All files in this repository are licensed under a [GNU Affero General Public
 License](LICENCE.md) (version 3 or later).
-
--- a/RELEASE_GUIDELINES.md
+++ b/RELEASE_GUIDELINES.md
@@ -18,10 +18,10 @@ guidelines of the CaosDB Project

 2. Check all general prerequisites.

-4. Merge the release branch into the master branch.
+4. Merge the release branch into the main branch.

-5. Tag the latest commit of the master branch with `v<VERSION>`.
+5. Tag the latest commit of the main branch with `v<VERSION>`.

 6. Delete the release branch.

-7. Merge the master branch back into the dev branch.
+7. Merge the main branch back into the dev branch.
--- a/tests/test_utils.sh
+++ b/tests/test_utils.sh
@@ -103,5 +103,7 @@ echo -n 'testing logging... '
 $UTILSPATH/log.sh "start"
 $UTILSPATH/log.sh "get" > /dev/null
 $UTILSPATH/log.sh "stop"
+$UTILSPATH/make_db grant-permission anonymous \
+                   '[{"grant":"true","priority":"true","permission":"*"}]'
 echo '[Ok]'
 echo '[Completed]'
--- a/utils/make_db
+++ b/utils/make_db
@@ -3,7 +3,8 @@
 # ** header v3.0
 # This file is a part of the CaosDB Project.
 #
-# Copyright (C) 2019, 2020 Daniel Hornung <d.hornung@indiscale.com>
+# Copyright (C) 2021 Indiscale GmbH <info@indiscale.com>
+# Copyright (C) 2019, 2020, 2021 Daniel Hornung <d.hornung@indiscale.com>
 # Copyright (C) 2020 Timm Fitschen <t.fitschen@indiscale.com>
 # Copyright (C) 2020 Henrik tom Wörden <h.tomwoerden@indiscale.com>
 # Copyright (C) 2020 IndiScale <info@indiscale.com>
@@ -23,6 +24,10 @@
 #
 # ** end header

+# Although some sanity checks are performed, this script still allows lots of SQL injection
+# possibilities.
+
+
 set -e

 INSTALL_SQL_FILE="db_2_0.sql"
@@ -198,12 +203,50 @@ function _db_exists() {
 }


+# Grant the given permissions to the given role.
+#
+# Arguments
+# ---------
+# role : str
+# The role, may consist of alphanumerical letters plus `.`, `_`, `-`.  The role must exist in the
+# `roles` table.
+#
+# permissions : str
+# The permissions string.  May not contain single quotes, should be similar to:
+# [{"grant":"true","priority":"true","permission":"*"}]
+function grant-permission() {
+    role="$1"
+    permissions="$2"
+    if echo -n "$role" | grep -v -q "^[[:alnum:]._-]*$" ; then
+        echo "Role contains invalid character(s)!"
+        exit 1
+    fi
+    if [[ $permissions == "'" ]]; then
+        echo "Permissions string contains single quote!"
+        exit 1
+    fi
+
+    cmd="SELECT COUNT(1) from roles where name='${role}';"
+    count=$($MYSQL_CMD $(get_mysql_args) -AN -e "$cmd")
+    if [[ $count == "0" ]]; then
+        echo "Role not found!"
+        exit 1
+    fi
+
+    cmd="INSERT INTO permissions (role, permissions) VALUE ('${role}', '${permissions}')"
+    cmd+="ON DUPLICATE KEY UPDATE role='${role}', permissions='${permissions}'"
+    cmd+=";"
+    $MYSQL_CMD $(get_mysql_args) -e "$cmd"
+}
+
+
 case $1 in
    "drop") drop $2 ;;
    "grant") grant $2 ;;
+    "grant-permission") grant-permission $2 $3 ;; # Args: role, permissions
    "test") shift ; runtests $@ ;;
    "test-connection") test-connection ;;
    "install_db") install_db ;;
    "restore_db") restore_db $2 ;;
-    *) echo "Unknown action: $1"
+    *) echo "Unknown action: $1"; exit 32
 esac