[TASK] Protect copying/pushing/pulling database to top level instance.

sourcebroker · Feb 16, 2020 · dc129bd · dc129bd
1 parent 6f25870
commit dc129bd
Show file tree

Hide file tree

Showing 4 changed files with 78 additions and 34 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -8,6 +8,7 @@ master
 2) [FEATURE] Add FileUtility->locateLocalBinaryPath.
 3) [TASK][BREAKING] Remove not needed dependency to deployer-extended-loader.
 4) [TASK][BREAKING] Cleanup variables naming.
+5) [TASK] Protect copying/pushing/pulling database to top level instance.
 
 9.0.0
 ~~~~~~

diff --git a/deployer/db/task/db_copy.php b/deployer/db/task/db_copy.php
@@ -12,34 +12,51 @@
     if (null === get('argument_stage')) {
         throw new GracefulShutdownException("The source instance is required for db:move command.");
     }
+
     $targetInstanceName = (new ConsoleUtility())->getOption('target');
-    if ($targetInstanceName) {
-        if (!askConfirmation(sprintf("Do you really want to copy database from instance %s to instance %s",
-            get('argument_stage'), $targetInstanceName), true)) {
-            throw new GracefulShutdownException(
-                "Process aborted"
-            );
-        }
-        if ($targetInstanceName == null) {
-            throw new GracefulShutdownException(
-                "You must set the target instance the database will be copied to as second parameter."
-            );
-        }
-        if ($targetInstanceName == get('instance_live_name', 'live')) {
+    if (null === $targetInstanceName) {
+        throw new GracefulShutdownException(
+            "The target instance is not set as second parameter. You must set the target instance as '--options=target:[target-name]'"
+        );
+    }
+
+    $doNotAskAgainForLive = false;
+    if ($targetInstanceName === get('instance_live_name', 'live')) {
+        if (!get('db_allow_copy_live', true)) {
             throw new GracefulShutdownException(
-                "FORBIDDEN: For security its forbidden to move database to live instance!"
+                'FORBIDDEN: For security its forbidden to copy database to top instance: "' .
+                get('instance_live_name', 'live') . '"!'
             );
         }
-        if ($targetInstanceName == get('instance_local_name', 'local')) {
-            throw new GracefulShutdownException(
-                "FORBIDDEN: For synchro local database use: \ndep db:pull live"
-            );
+        if (!get('db_allow_copy_live_force', false)) {
+            $doNotAskAgainForLive = true;
+            write("<error>\n\n");
+            write(sprintf("You going to copy database to top instance \"%s\". ", get('argument_stage')));
+            write("This can be destructive.\n\n");
+            write("</error>");
+            if (!askConfirmation('Do you really want to continue?', false)) {
+                throw new GracefulShutdownException('Process aborted.');
+            }
+            if (!askConfirmation('Are you sure?', false)) {
+                throw new GracefulShutdownException('Process aborted.');
+            }
         }
-    } else {
+
+    }
+
+    if ($targetInstanceName == get('instance_local_name', 'local')) {
         throw new GracefulShutdownException(
-            "The target instance is not set as second parameter. You must set the target instance as '--options=target:[target-name]'"
+            "FORBIDDEN: For synchro local database use: \ndep db:pull live"
         );
     }
+
+    if (!$doNotAskAgainForLive && !askConfirmation(sprintf("Do you really want to copy database from instance %s to instance %s",
+            get('argument_stage'), $targetInstanceName), true)) {
+        throw new GracefulShutdownException(
+            "Process aborted"
+        );
+    }
+
     $verbosity = (new ConsoleUtility())->getVerbosityAsParameter();
     $sourceInstance = get('argument_stage');
     $dl = get('local/bin/deployer');

diff --git a/deployer/db/task/db_pull.php b/deployer/db/task/db_pull.php
@@ -10,16 +10,29 @@
  */
 task('db:pull', function () {
     $sourceName = get('argument_stage');
-    if (null !== $sourceName) {
-        if (!get('db_allow_pull_live', false) && get('default_stage') === get('instance_live_name', 'live')) {
+    if (null === $sourceName) {
+        throw new GracefulShutdownException("The source instance is required for db:pull command. [Error code: 1488149981776]");
+    }
+
+    if (get('default_stage') === get('instance_live_name', 'live')) {
+        if (!get('db_allow_pull_live', true)) {
             throw new GracefulShutdownException(
-                'FORBIDDEN: For security its forbidden to pull database to "'
-                . get('instance_live_name', 'live') . '" instance! ' .
-                ' Use "set(\'db_allow_push_live\', true);" to allow this. [Error code: 1488149981777]'
+                'FORBIDDEN: For security its forbidden to pull database to top instance: "' .
+                get('instance_live_name', 'live') . '"!'
             );
         }
-    } else {
-        throw new GracefulShutdownException("The source instance is required for db:pull command. [Error code: 1488149981776]");
+        if (!get('db_allow_pull_live_force', false)) {
+            write("<error>\n\n");
+            write(sprintf("You going to pull database to top instance \"%s\". ", get('default_stage')));
+            write("This can be destructive.\n\n");
+            write("</error>");
+            if (!askConfirmation('Do you really want to continue?', false)) {
+                throw new GracefulShutdownException('Process aborted.');
+            }
+            if (!askConfirmation('Are you sure?', false)) {
+                throw new GracefulShutdownException('Process aborted.');
+            }
+        }
     }
 
     $dumpCode = md5(microtime(true) . rand(0, 10000));

diff --git a/deployer/db/task/db_push.php b/deployer/db/task/db_push.php
@@ -10,16 +10,29 @@
  */
 task('db:push', function () {
     $targetName = get('argument_stage');
-    if (null !== $targetName) {
-        if (!get('db_allow_push_live', false) && $targetName === get('instance_live_name', 'live')) {
+    if (null === $targetName) {
+        throw new GracefulShutdownException("The target instance is required for media:push command. [Error code: 1488149981776]");
+    }
+
+    if ($targetName === get('instance_live_name', 'live')) {
+        if (!get('db_allow_push_live', true)) {
             throw new GracefulShutdownException(
-                'FORBIDDEN: For security its forbidden to push media to "'
-                . get('instance_live_name', 'live') . '" instance!' .
-                ' Use "set(\'db_allow_push_live\', true);" to allow this. [Error code: 1488149981778]'
+                'FORBIDDEN: For security its forbidden to push database to top instance: "' .
+                get('instance_live_name', 'live') . '"!'
             );
         }
-    } else {
-        throw new GracefulShutdownException("The target instance is required for media:push command. [Error code: 1488149981776]");
+        if (!get('db_allow_push_live_force', false)) {
+            write("<error>\n\n");
+            write(sprintf("You going to push database to top instance \"%s\". ", get('argument_stage')));
+            write("This can be destructive.\n\n");
+            write("</error>");
+            if (!askConfirmation('Do you really want to continue?', false)) {
+                throw new GracefulShutdownException('Process aborted.');
+            }
+            if (!askConfirmation('Are you sure?', false)) {
+                throw new GracefulShutdownException('Process aborted.');
+            }
+        }
     }
 
     $dumpCode = md5(microtime(true) . rand(0, 10000));