Allow specifying connection URL in the environment #1789
Conversation
raboof
force-pushed
the
allow-setting-db-via-environment
branch
from
f829497 to
045dd58
Compare
|
My only concern here is it seems that the URL specified would be able to override the engine, which feels like a pretty forseeable trouble point. |
That sounds correct to me, yes
What kind of trouble do you expect? Are you thinking of security concerns? My impression is if an attacker can write to the environment they can pretty much do anything they like already (via influencing other more low-level variables like From a usability standpoint, of course if people select unsupported engines they are unlikely to work, but that seems expected :). |
|
My concern wasn't so much for security but just support, as a pretty accessible footgun potentially. It's not necessarily a big problem just because only a certain subset of users will use this feature. Charset would be a bigger issue as it's easy to forget and leaving it to a bad default can cause invisible but insidious problems, but since we can provide a default for that it should be fine. This probably won't go in for 3.2, our upcoming release, but could go into the next one. |
Might be a candidate for 4.0.0? |
|
We had a lot going on for 4.0.0 and, as you've seen, this didn't make it. But I haven't forgotten about it and we should be able to get it in for 4.1.0. |
No worries, congrats on the release! Happily running it in prod (with this patch ;) )
Would be great! |
|
A quick note: have you tried this out? A typical way users set variables (Apache SetEnv, passing through PHP-FPM) doesn't get picked up by the |
Yes ;)
Ah, that could be - I'm setting it as an environment variable when starting a docker container, where the docker startup script starts PHP-FPM and nginx. I'm not sure if there's any security implications from setting |
|
I tried to dig into that a little too, since as you say the docs are a little vague. I'm pretty sure I have it figured out: really this specifically comes from a problem with the env var
In our case... I don't think there's an issue using My understanding of the distinction here is that the way you have it now will not work if you try to set the var using SetEnv in Apache (or One-arg |
raboof
force-pushed
the
allow-setting-db-via-environment
branch
from
045dd58 to
f9c7c88
Compare
😆
Agreed - as
That matches what I see, yes
Agreed! |
|
OK, I've poked around with this and I'm pretty happy with it. The ability for it to work with the database.ini absent, and correctly throw the error if both the URL and the file are absent, seems to work well. I think on my prior concern about this setting the engine... it's already an "advanced" feature so I'm thinking we're probably okay not guarding specifically against people setting an engine that just won't work. One thing did occur to me: let's go ahead and change the env var name here to OMEKA_DB_CONNECTION_URL, just so we're clear on it being the DB and not any other "connection" we might make. |
Since Omeka just passes through these options to the Doctrine DBAL it didn't seem elegant to give Omeka 'knowledge' of the individual fields. Instead 'just' allowing to set the URL is sufficient, since fields from the URL will overwrite the individual settings. https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#getting-a-connection Fixes omeka#1765
raboof
force-pushed
the
allow-setting-db-via-environment
branch
from
f9c7c88 to
3e005ea
Compare
Agreed, updated & re-tested |
|
OK, we're good to go. So I'd expect this to be out (eventually) in 4.1.0. |
|
Great, thanks! |
Since Omeka just passes through these options to the Doctrine DBAL it
didn't seem elegant to give Omeka 'knowledge' of the individual fields.
Instead 'just' allowing to set the URL is sufficient, since fields from
the URL will overwrite the individual settings.
https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#getting-a-connection
Fixes #1765