refacto(remote-server): optimize execution time of export/import #7749
Conversation
kduret
changed the title
kduret
changed the title
| // (`col_name`, `col_name`,...) | ||
|
|
||
| // Construct SQL statement | ||
| $sql = "LOAD DATA INFILE '$file'"; |
There was a problem hiding this comment.
as you didn't bound the values, you should sanitize them before sending them to the DB.
| * Copy directory recusively | ||
| */ | ||
| private function recursive_copy($src, $dst) { | ||
| $dir = opendir($src); |
There was a problem hiding this comment.
please could you sanitize $src and $dst to avoid RCE (using escapeShellArg maybe)
| return 0; | ||
| } | ||
|
|
||
| protected function getHostTemplates(&$host) |
There was a problem hiding this comment.
a getSomething method need to send back something
| } | ||
| $loop[$host_id] = 1; | ||
| if ($host_id == $host_tpl_id) { | ||
| return 1; |
There was a problem hiding this comment.
| return 1; | |
| return true; |
| $stack = array_merge($hosts_tpl[$host_id]['htpl'], $stack); | ||
| } | ||
|
|
||
| return 0; |
There was a problem hiding this comment.
| return 0; | |
| return false; |
There was a problem hiding this comment.
(used in an if condition in config-generate/servicetemplate.class.php +133 and config-generate-remote/servicetemplate.class.php +101)
|
|
||
| protected function getHostTimezone(&$host) | ||
| { | ||
| # not needed |
|
|
||
| protected function createFile($dir) | ||
| { | ||
| $full_file = $dir . '/' . $this->subdir . '/' . $this->generate_filename; |
There was a problem hiding this comment.
sanitize $this->generate_filename to avoid RCE exploit
There was a problem hiding this comment.
or use escapeshellarg on $full_file variable
sc979
force-pushed
the
refacto-remote-export-import
branch
2 times, most recently
from
e2da8ca to
356c2b1
Compare
sc979
force-pushed
the
refacto-remote-export-import
branch
from
8fa444f to
9a02592
Compare
|
I removed "request changes" taken in account and the outdated comments. |
|
@cgagnaire -> About : "MySQL user 'centreon' needs "FILE" privilege to use "LOAD DATA INFILE" statement : |
|
|
||
| // insert data | ||
| $exportPathFile = $this->getFile($data[filename]); | ||
| echo date("Y-m-d H:i:s") . " - INFO - Loading '" . $exportPathFile . "'.\n"; |
There was a problem hiding this comment.
Do not printing message directly from the method.
For example you can inject a logger class instance and use it to log message.
| } catch (\ErrorException $e) { | ||
| // rollback changes | ||
| $db->rollBack(); | ||
| echo date("Y-m-d H:i:s") . " - ERROR - Loading failed.\n"; |
| if (is_dir($src . '/' . $file)) { | ||
| $this->recursiveCopy($src . '/' . $file, $dst . '/' . $file); | ||
| } else { | ||
| echo date("Y-m-d H:i:s") . " - INFO - Copying '" . $src . "/" . $file . "'.\n"; |
There was a problem hiding this comment.
Do not printing message directly from the method.
For example you can inject a logger class instance and use it to log message.
sc979
force-pushed
the
refacto-remote-export-import
branch
2 times, most recently
from
26100fc to
0ca1f8f
Compare
| { | ||
| $severityId = HostCategory::getInstance($this->dependencyInjector)->getHostSeverityByHostId($hostIdArg); | ||
| if (!is_null($severityId)) { | ||
| Relations\HostCategoriesRelation::getInstance($this->dependencyInjector)->addRelation($severityId, $hostIdArg); |
There was a problem hiding this comment.
WARN: Line exceeds 120 characters; contains 123 characters
Description
Refactoring export/import routine of remote server.
This PR also include @lpinsivy insertBulk function of PR #7714 even though it's not used.(Unit tests have to be reworked as classes have been removed).
(Some code can also be remove from Repository classes).
MySQL user 'centreon' needs "FILE" privilege to use "LOAD DATA INFILE" statement :
GRANT FILE on *.* to 'centreon'@'localhost';Refs: MON-3998
Type of change
Target serie
How this pull request can be tested ?
Use the source files in a platform with one remote server and multiple pollers behind the remote server.
Checklist
Community contributors & Centreon team
Centreon team only