CIL-1769 Enagle use of read-only database endpoint.

For those functions that only do "SELECT" on the database, use the read-only endpoint if configured. Note that PHP Sessions require write access to the database.
cilogon · Jun 12, 2023 · 1bd1398 · 1bd1398
1 parent f5a37ab
commit 1bd1398
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/src/Service/Bypass.php b/src/Service/Bypass.php
@@ -98,7 +98,7 @@ public function init()
         $readin = false; // Did we read the 'bypass' table from the database?
         $this->bypassarray = []; // Reset the class bypassarray to empty
 
-        $db = Util::getDB();
+        $db = Util::getDB(true);
         if (!is_null($db)) {
             $data = $db->getAssoc(
                 'SELECT * FROM bypass',

diff --git a/src/Service/Skin.php b/src/Service/Skin.php
@@ -265,7 +265,7 @@ protected function readSkinFromDatabase($skinvar)
         $readin = false; // Make sure we read in either XML or CSS (or both)
 
         if (strlen($skinvar) > 0) {
-            $db = Util::getDB();
+            $db = Util::getDB(true);
             if (!is_null($db)) {
                 $data = $db->getRow(
                     'SELECT * from skins WHERE name = ?',

diff --git a/src/Service/Util.php b/src/Service/Util.php
@@ -154,19 +154,27 @@ public static function getSkin()
      * by DB::connect() suitable for future DB calls. If there is a
      * problem, the returned object is null.
      *
+     * @param $readonly Should we use the read-only database endpoint
+     *        (if configured)? Defaults to false.
      * @return DB A PEAR DB object connected to a database, or null
      *         on error connecting to database.
      */
-    public static function getDB()
+    public static function getDB($readonly = false)
     {
         $retval = null;
 
+        // CIL-1769 Enable selection of read-only database endpoint
+        $hostspec = DB_HOSTSPEC;
+        if (($readonly) && defined('DB_HOSTSPEC_RO')) {
+            $hostspec = DB_HOSTSPEC_RO;
+        }
+
         $db_const = new DB(); // So constants defined in DB.php are read in
         $dsn = array(
             'phptype'  => DB_TYPE,
             'username' => DB_USERNAME,
             'password' => DB_PASSWORD,
-            'hostspec' => DB_HOSTSPEC,
+            'hostspec' => $hostspec,
             'database' => DB_DATABASE
         );
 
@@ -1355,7 +1363,7 @@ public static function getOIDCClientParams(&$clientparams)
         $log = new Loggit();
 
         if (strlen(@$clientparams['client_id']) > 0) {
-            $db = static::getDB();
+            $db = static::getDB(true);
             if (!is_null($db)) {
                 $data = $db->getRow(
                     'SELECT name,home_url,callback_uri,scopes from clients WHERE client_id = ?',
@@ -1408,7 +1416,7 @@ public static function getAdminForClient($client_id)
             if (array_key_exists($client_id, $clienttoadminmap)) {
                 $retval = $clienttoadminmap[$client_id];
             } else { // Search the database for the client_id's admin_id+name
-                $db = static::getDB();
+                $db = static::getDB(true);
                 if (!is_null($db)) {
                     $data = $db->getRow(
                         "SELECT admin_id,name FROM adminClients WHERE admin_id IN " .