Merge pull request #1810 from nordic-institute/XRDDEV-2470

fix: added unique constraint for security server code
nordic-institute · Oct 4, 2023 · afd4dbd · afd4dbd
2 parents 6255e48 + 90044ce
commit afd4dbd
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 18 deletions.
diff --git a/...entral-server/admin-service/infra-jpa/src/main/resources/liquibase/centerui-changelog.xml b/...entral-server/admin-service/infra-jpa/src/main/resources/liquibase/centerui-changelog.xml
@@ -24,6 +24,7 @@
     <include file="centerui/202306151639-drop-schema-migrations.xml" relativeToChangelogFile="true"/>
     <include file="centerui/202306161128-requests-remove-unused-columns.xml" relativeToChangelogFile="true"/>
     <include file="centerui/202308181600-system-param-unique-keys.xml" relativeToChangelogFile="true"/>
+    <include file="centerui/202310031700-security-server-unique.xml" relativeToChangelogFile="true"/>
 
     <!-- must be the last one -->
     <changeSet id="separate-admin-user" author="niis" context="admin" runAlways="true" runOnChange="true" runOrder="last">

diff --git a/...e/infra-jpa/src/main/resources/liquibase/centerui/202310031700-security-server-unique.xml b/...e/infra-jpa/src/main/resources/liquibase/centerui/202310031700-security-server-unique.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                   xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.5.xsd"
+                   logicalFilePath="centerui/202310031700-security-server-unique.xml">
+
+    <changeSet author="niis" id="202310031700-security-server-unique">
+        <comment>Make security server's code unique per owner.
+        </comment>
+        <addUniqueConstraint constraintName="unique_owner_server_code" tableName="security_servers" columnNames="owner_id,server_code" />
+    </changeSet>
+</databaseChangeLog>
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-center.preinst b/src/packages/src/xroad/ubuntu/generic/xroad-center.preinst
@@ -9,30 +9,53 @@ if [ "$1" = "upgrade" ]; then
   source /usr/share/xroad/scripts/_read_cs_db_properties.sh
   prepare_db_props
 
-  # Start table system_parameters unique check (this check can be remove after LAST_SUPPORTED_VERSION > 7.4.0)
-  sys_param_select="select * from (select id, key, value, created_at, updated_at, ha_node_name, count(*) over (partition by key, ha_node_name order by key, ha_node_name) as count
-      from system_parameters) as s
-where s.count > 1;"
-  sys_param_check_result=$(
-    PGDATABASE="$db_database" PGUSER="$db_user" PGPASSWORD="$db_password" psql -h "$db_host" -p "$db_port" -qtA -c \
-      "$sys_param_select"
-  )
+  psql_query() {
+    local query=$1
+    PGDATABASE="$db_database" PGUSER="$db_user" PGPASSWORD="$db_password" \
+      psql -h "$db_host" -p "$db_port" -qA -c "$query"
+  }
+
+  check_unique() {
+    local query=$1
+    local error_message=$2
+
+    local query_result=$(psql_query "$query")
+    declare -i query_result_lines=$(echo "$query_result" | wc -l)
+    # subtract 2 for header and footer lines
+    local query_row_count=$((query_result_lines - 2))
 
-  if [ -n "$sys_param_check_result" ]; then
-    echo "ERROR: Data quality issues in the $db_database database. There are duplicate data in the table SYSTEM_PARAMETERS columns pair (KEY, HA_NODE_NAME):
+    if [ $query_row_count -gt 0 ]; then
+      echo "ERROR: Data quality issues in $db_database database. $error_message:
 ----------------------------------------------------------------------------------------------------------------------------------------------
-id|key|value|created_at|updated_at|ha_node_name|count
-$sys_param_check_result
+$query_result
 ----------------------------------------------------------------------------------------------------------------------------------------------
 
 To see duplicated rows, run the following query in the $db_database database:
-$sys_param_select
+$query
 
 Please fix incorrect data before continuing."
-    exit 1
-  fi
-  # End table system_parameters unique check
-# End database integrity checks
+      exit 1;
+    fi
+
+  }
+
+
+    # this check can be removed after LAST_SUPPORTED_VERSION > 7.4.0)
+    sys_param_select="select * from (select id, key, value, created_at, updated_at, ha_node_name, count(*) over (partition by key, ha_node_name order by key, ha_node_name) as count
+    from system_parameters) as s
+where s.count > 1;"
+      check_unique "$sys_param_select" "There is duplicate data in SYSTEM_PARAMETERS table, columns pair (KEY, HA_NODE_NAME)"
+
+
+    # this check can be removed after LAST_SUPPORTED_VERSION > 7.4.0)
+    security_server_select="select *
+from (select *, count(*) over (partition by server_code, owner_id) as count
+    from security_servers) as s
+where s.count > 1
+order by id;"
+      check_unique "$security_server_select" "There is duplicate data in SECURITY_SERVERS table, columns pair (SERVER_CODE, OWNER_ID)"
+
+  # End database integrity checks
 
 fi
 

diff --git a/src/shared-ui/audit-ci-shared.json b/src/shared-ui/audit-ci-shared.json
@@ -11,7 +11,7 @@
     "GHSA-ww39-953v-wcq6|copy-webpack-plugin>glob-parent>",
     "GHSA-4wf5-vphf-c2xc|terser",
     "GHSA-fwr7-v2mv-hh25|async",
-    "GHSA-rp65-9cf3-cjxr|@intervolga/optimize-cssnano-plugin>cssnano-preset-default>postcss-svgo>svgo>css-select>nth-check"
+    "GHSA-rp65-9cf3-cjxr|*>nth-check"
   ],
   "registry": "https://registry.npmjs.org"
 }