From 83fb066e7a2fe95fb260c0882bc68bd9539c0e25 Mon Sep 17 00:00:00 2001
From: sc979 <34628915+sc979@users.noreply.github.com>
Date: Tue, 5 Nov 2019 11:28:23 +0100
Subject: [PATCH] fix(install): check mariaDB version before using ALTER USER
 (#8068)

* fix(install): avoid trying to use the ALTER USER on a mariaDB < 10.2

* enh(BE): remove the useless prepare statement
---
 www/install/steps/process/createDbUser.php | 37 +++++++++++++++++-----
 1 file changed, 29 insertions(+), 8 deletions(-)

diff --git a/www/install/steps/process/createDbUser.php b/www/install/steps/process/createDbUser.php
index a95847764cd..3e30eceb508 100644
--- a/www/install/steps/process/createDbUser.php
+++ b/www/install/steps/process/createDbUser.php
@@ -1,7 +1,7 @@
 <?php
 /*
- * Copyright 2005-2015 Centreon
- * Centreon is developped by : Julien Mathis and Romain Le Merlus under
+ * Copyright 2005-2019 Centreon
+ * Centreon is developed by : Julien Mathis and Romain Le Merlus under
  * GPL Licence 2.0.
  *
  * This program is free software; you can redistribute it and/or modify it under
@@ -69,15 +69,19 @@
     $host = explode(":", $getIpQuery->fetchAll(PDO::FETCH_COLUMN)[0])[0];
 }
 
-// Compatibility adaptation for mysql 8 with php7.1 before 7.1.16, or php7.2 before 7.2.4.
-$createUser = "CREATE USER :dbUser@:host IDENTIFIED BY :dbPass";
-$alterQuery = "ALTER USER :dbUser@:host IDENTIFIED WITH mysql_native_password BY :dbPass";
-
 $queryValues = [];
 $queryValues[':dbUser'] = $parameters['db_user'];
 $queryValues[':host'] = $host;
 $queryValues[':dbPass'] = $parameters['db_password'];
 
+// Compatibility adaptation for mysql 8 with php7.1 before 7.1.16, or php7.2 before 7.2.4.
+$createUser = "CREATE USER :dbUser@:host IDENTIFIED BY :dbPass";
+
+// As ALTER USER won't work on a mariaDB < 10.2, we need to check it before trying this request
+$checkMysqlVersion = "SHOW VARIABLES WHERE Variable_name LIKE 'version%'";
+
+// creating the user - mandatory for MySQL DB
+$alterQuery = "ALTER USER :dbUser@:host IDENTIFIED WITH mysql_native_password BY :dbPass";
 $query = "GRANT ALL PRIVILEGES ON `%s`.* TO " . $parameters['db_user'] . "@" . $host . " WITH GRANT OPTION";
 $flushQuery = "FLUSH PRIVILEGES";
 
@@ -90,11 +94,28 @@
     }
     // creating the user
     $prepareCreate->execute();
+
+    // checking mysql version before trying to alter the password plugin
+    $prepareCheckVersion = $link->query($checkMysqlVersion);
+    while ($row = $prepareCheckVersion->fetch()) {
+        if (!isset($versionNumber) && $row['Variable_name'] === "version") {
+            $versionNumber = $row['version'];
+        } elseif (!isset($versionName) && $row['Variable_name'] === "version_comment") {
+            $versionName = $row['version_comment'];
+        }
+    }
+    if ((strpos($versionName, "MariaDB") !== false && version_compare($versionNumber, '10.2.0') >= 0)
+        || (strpos($versionName, "MySQL") !== false && version_compare($versionNumber, '8.0.0') >= 0)
+    ) {
+        // altering the mysql's password plugin using the ALTER USER request
+        $prepareAlter->execute();
+    }
+
     // granting privileges
     $link->exec(sprintf($query, $parameters['db_configuration']));
     $link->exec(sprintf($query, $parameters['db_storage']));
-    // altering the mysql's password plugin
-    $prepareAlter->execute();
+
+    // enabling the new parameters
     $link->exec($flushQuery);
 } catch (\PDOException $e) {
     $return['msg'] = $e->getMessage();