MySQL fix timezone (#1626)

* MySQL fix timezone * Ajout de la sécurité
afup · Feb 13, 2025 · e6af094 · e6af094
1 parent 0c683d2
commit e6af094
Show file tree

Hide file tree

Showing 10 changed files with 129 additions and 1 deletion.
diff --git a/.env.dist b/.env.dist
@@ -8,6 +8,7 @@ DATABASE_PORT=3306
 DATABASE_NAME=web
 DATABASE_USER=afup
 DATABASE_PASSWORD=afup
+DATABASE_TIMEZONE=+01:00
 
 SECRET=ThisTokenIsNotSoSecretChangeIt
 

diff --git a/app/Resources/views/admin/healthcheck.html.twig b/app/Resources/views/admin/healthcheck.html.twig
@@ -0,0 +1,45 @@
+{% extends 'admin/base_with_header.html.twig' %}
+
+{% block content %}
+    <h1>Healthcheck</h1>
+    <div class="ui grid">
+        <div class="eight wide column">
+            <div class="ui segment">
+                <h2 class="ui header">Dates</h2>
+                <div class="ui clearing divider"></div>
+                <dl>
+                    <dt>PHP</dt>
+                    <dd>{{ dates.php }}</dd>
+                    <dt>MySQL Base_De_Donnees</dt>
+                    <dd>{{ dates.mysql_bdd }}</dd>
+                    <dt>MySQL Ting</dt>
+                    <dd>{{ dates.mysql_ting }}</dd>
+                    <dt>Différence MySQL et PHP</dt>
+                    <dd>
+                        {{ dates.diff ? 'Les timezones sont différentes' : 'Pas de différence de timezones' }}
+                    </dd>
+                </dl>
+            </div>
+        </div>
+        <div class="eight wide column">
+            <div class="ui segment">
+                <h2 class="ui header">Versions</h2>
+                <div class="ui clearing divider"></div>
+                <dl>
+                    <dt>PHP</dt>
+                    <dd>{{ versions.php }}</dd>
+                    <dt>Symfony</dt>
+                    <dd>{{ versions.symfony }}</dd>
+                </dl>
+            </div>
+        </div>
+    </div>
+    <style>
+        dt {
+            font-weight: bold;
+        }
+        dd {
+            font-family: "Noto Sans Mono", monospace;
+        }
+    </style>
+{% endblock %}
diff --git a/app/config/config.yml b/app/config/config.yml
@@ -287,6 +287,10 @@ parameters:
                 forum_partenaire:
                     nom: 'Sponsors/Partenaires'
                     niveau: 'ROLE_ADMIN'
+                healthcheck:
+                    nom: 'Healthcheck'
+                    niveau: 'ROLE_ADMIN'
+                    url: '/admin/healthcheck'
         connexion:
             nom: 'Connexion'
             masquee: true
@@ -357,6 +361,11 @@ ting:
                 port:     "%database_port%"
                 user:     "%database_user%"
                 password: "%database_password%"
+
+    databases_options:
+        "%database_name%":
+            timezone: "%database_timezone%"
+
     repositories:
         event:
             namespace : AppBundle\Event\Model\Repository

diff --git a/app/config/routing/admin.yml b/app/config/routing/admin.yml
@@ -108,3 +108,7 @@ admin_site:
 admin_github_user_routes:
   resource: "admin_github_user.yml"
   prefix: /event/github-user
+
+admin_healthcheck:
+  path: /healthcheck
+  defaults: {_controller: AppBundle\Controller\Admin\HealthcheckController}
diff --git a/app/config/security.yml b/app/config/security.yml
@@ -61,7 +61,7 @@ security:
         - { path: ^/admin/members/general_meeting_vote, roles: ROLE_ADMIN }
         - { path: ^/admin/site, roles: ROLE_ADMIN }
         - { path: ^/admin/planete, roles: ROLE_ADMIN }
-        - { path: ^/admin/(members/reporting|association/relances|talk|slackmembers/check), roles: ROLE_ADMIN}
+        - { path: ^/admin/(members/reporting|association/relances|talk|slackmembers/check|healthcheck), roles: ROLE_ADMIN}
         - { path: ^/member, roles: [ROLE_USER, ROLE_MEMBER_EXPIRED]}
         - { path: ^/admin/, roles: ROLE_MEMBER_EXPIRED }
         - { path: ^/blog, allow_if: "request.getClientIp() in ['217.70.189.71', '127.0.0.1', '192.168.42.1'] or request.server.get('ALLOW_BLOG_FROM_ALL') == 1 or request.headers.get('x-afup-blog-api-key') == '%blog_api_key%'" }

diff --git a/docker/dockerfiles/mysql/my.cnf b/docker/dockerfiles/mysql/my.cnf
@@ -3,3 +3,4 @@ skip-host-cache
 skip-name-resolve
 innodb_file_per_table=1
 sql-mode="STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION"
+default-time-zone = "+00:00"
diff --git a/docker/dockerfiles/mysqltest/my.cnf b/docker/dockerfiles/mysqltest/my.cnf
@@ -3,3 +3,4 @@ skip-host-cache
 skip-name-resolve
 innodb_file_per_table=1
 sql-mode="STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION"
+default-time-zone = "+00:00"
diff --git a/sources/Afup/Utils/Base_De_Donnees.php b/sources/Afup/Utils/Base_De_Donnees.php
@@ -42,6 +42,7 @@ public function getDbLink()
         if ($this->link === null) {
             $this->link = mysqli_connect($this->config['host'], $this->config['user'], $this->config['password'], null, (int) $this->config['port']) or die('Connexion à la base de données impossible');
             mysqli_set_charset($this->link, "utf8mb4");
+            mysqli_query($this->link, "SET time_zone = '" . getenv('DATABASE_TIMEZONE') . "'");
             $this->selectionnerBase($this->config['database']);
         }
         return $this->link;

diff --git a/sources/AppBundle/Controller/Admin/HealthcheckController.php b/sources/AppBundle/Controller/Admin/HealthcheckController.php
@@ -0,0 +1,51 @@
+<?php
+
+declare(strict_types=1);
+
+namespace AppBundle\Controller\Admin;
+
+use Afup\Site\Corporate\_Site_Base_De_Donnees;
+use AppBundle\Event\Model\Repository\EventRepository;
+use CCMBenchmark\TingBundle\Repository\RepositoryFactory;
+use DateTime;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Kernel;
+
+class HealthcheckController extends AbstractController
+{
+    private RepositoryFactory $ting;
+
+    public function __construct(RepositoryFactory $ting)
+    {
+        $this->ting = $ting;
+    }
+
+    public function __invoke(): Response
+    {
+        $php = new DateTime();
+
+        $bdd = new _Site_Base_De_Donnees();
+        $mysqlBdd = $bdd->obtenirUn('SELECT CURRENT_TIMESTAMP');
+        $mysqlBdd = new DateTime($mysqlBdd);
+
+        $repo = $this->ting->get(EventRepository::class);
+        $mysqlTing = $repo->getQuery('SELECT CURRENT_TIMESTAMP')->execute()['CURRENT_TIMESTAMP'];
+        $mysqlTing = new DateTime($mysqlTing);
+
+        $diff = $php->getTimestamp() !== $mysqlBdd->getTimestamp() || $php->getTimestamp() !== $mysqlTing->getTimestamp();
+
+        return $this->render('admin/healthcheck.html.twig', [
+            'dates' => [
+                'php' => $php->format(\DateTime::ATOM),
+                'mysql_bdd' => $mysqlBdd->format(\DateTime::ATOM),
+                'mysql_ting' => $mysqlTing->format(\DateTime::ATOM),
+                'diff' => $diff
+            ],
+            'versions' => [
+                'php' => phpversion(),
+                'symfony' => Kernel::VERSION
+            ]
+        ]);
+    }
+}
diff --git a/tests/behat/features/Admin/Divers/Healthcheck.feature b/tests/behat/features/Admin/Divers/Healthcheck.feature
@@ -0,0 +1,15 @@
+Feature: Administration - Healthcheck
+
+  @reloadDbWithTestData
+  Scenario: Un membre ne peut pas accéder aux vérifications du site
+    Given I am logged-in with the user "paul" and the password "paul"
+    And I am on "/admin/healthcheck"
+    Then the response status code should be 403
+
+  @reloadDbWithTestData
+  Scenario: Vérifications du site
+    Given I am logged in as admin and on the Administration
+    And I follow "Healthcheck"
+    Then I should see "Healthcheck"
+    And I should see "Pas de différence de timezones"
+    And I should not see "Les timezones sont différentes"