Merge pull request #9 from MacPaw/feat/added_schema_cli_commands

feat: added `disallowedSchemaNames` argument for security reasons

Author: alekseytupichenkov

README.md

@@ -96,14 +96,19 @@ Drops a PostgreSQL schema and all its objects:
 ```yaml
 # config/services.yaml
 services:
-    SharedServices\Command\Doctrine\DoctrineSchemaDropCommand: ~
+    SharedServices\Command\Doctrine\DoctrineSchemaDropCommand:
+        arguments:
+            - '@Doctrine\DBAL\Connection'
+            - ['public'] # Disallowed schema names for safety
 ```
 
 Usage:
 ```bash
 php bin/console doctrine:schema:delete <schema_name>
 ```
 
+**Security Note:** You can specify disallowed schema names to prevent accidental deletion of critical schemas like `public`.
+
 ### Schema Migrations Command
 Runs Doctrine migrations within a specific schema. Creates the schema if it doesn't exist:
 
@@ -129,13 +134,17 @@ services:
     SharedServices\Command\Doctrine\DoctrineSchemaFixturesLoadCommand:
         arguments:
             - '@doctrine.fixtures_load_command'
+            - '@Doctrine\DBAL\Connection'
+            - ['public'] # Disallowed schema names for safety
 ```
 
 Usage:
 ```bash
 php bin/console doctrine:schema:fixtures:load <schema_name> [options]
 ```
 
+**Security Note:** You can specify disallowed schema names to prevent accidental fixture loading into critical schemas like `public`.
+
 **Note:** These commands are optional and should only be registered if you're using the corresponding Doctrine features (migrations and/or fixtures) in your project.
 
 ## Testing

src/Command/Doctrine/DoctrineSchemaDropCommand.php

@@ -11,8 +11,13 @@
 
 class DoctrineSchemaDropCommand extends AbstractDoctrineSchemaCommand
 {
-    public function __construct(Connection $connection)
-    {
+    /**
+     * @param string[] $disallowedSchemaNames
+     */
+    public function __construct(
+        Connection $connection,
+        private readonly array $disallowedSchemaNames = [],
+    ) {
         parent::__construct('doctrine:schema:delete', $connection);
     }
 
@@ -22,6 +27,14 @@ protected function execute(
     ): int {
         $schema = $this->getSchemaFromInput($input);
 
+        if (in_array($schema, $this->disallowedSchemaNames, true)) {
+            $output->writeln(
+                "<error>Command is disallowed from being called for the '$schema' schema</error>"
+            );
+
+            return Command::FAILURE;
+        }
+
         $output->writeln("<info>Drop schema '{$schema}'...<info>");
 
         $quotedSchema = $this->connection->quoteIdentifier($schema);

src/Command/Doctrine/DoctrineSchemaFixturesLoadCommand.php

@@ -13,9 +13,13 @@
 
 class DoctrineSchemaFixturesLoadCommand extends AbstractNestingDoctrineSchemaCommand
 {
+    /**
+     * @param string[] $disallowedSchemaNames
+     */
     public function __construct(
         LoadDataFixturesDoctrineCommand $parentCommand,
         Connection $connection,
+        private readonly array $disallowedSchemaNames = [],
     ) {
         parent::__construct('doctrine:schema:fixtures:load', $parentCommand, $connection);
     }
@@ -27,6 +31,14 @@ protected function execute(
         try {
             $schema = $this->getSchemaFromInput($input);
 
+            if (in_array($schema, $this->disallowedSchemaNames, true)) {
+                $output->writeln(
+                    "<error>Command is disallowed from being called for the '$schema' schema</error>"
+                );
+
+                return Command::FAILURE;
+            }
+
             if (!$this->isSchemaExist($schema)) {
                 $output->writeln("<error>Schema '{$schema}' doesn't exist</error>");
 

tests/Command/Doctrine/DoctrineSchemaDropCommandTest.php

@@ -20,7 +20,7 @@ class DoctrineSchemaDropCommandTest extends TestCase
     protected function setUp(): void
     {
         $this->connection = $this->createMock(Connection::class);
-        $this->command = new DoctrineSchemaDropCommand($this->connection);
+        $this->command = new DoctrineSchemaDropCommand($this->connection, ['public']);
     }
 
     public function testSuccess(): void
@@ -41,4 +41,18 @@ public function testSuccess(): void
 
         $this->assertEquals(Command::SUCCESS, $result);
     }
+
+    public function testDisallowedSchemaNameFail(): void
+    {
+        $input = new ArrayInput(['schema' => 'public']);
+        $output = new BufferedOutput();
+
+        $result = $this->command->run($input, $output);
+
+        $this->assertStringContainsString(
+            "Command is disallowed from being called for the 'public' schema",
+            $output->fetch()
+        );
+        $this->assertEquals(Command::FAILURE, $result);
+    }
 }

tests/Command/Doctrine/DoctrineSchemaFixturesLoadCommandTest.php

@@ -34,7 +34,7 @@ protected function setUp(): void
                 new InputOption('no-interaction'),
             ]));
 
-        $this->command = new DoctrineSchemaFixturesLoadCommand($this->parentCommand, $this->connection);
+        $this->command = new DoctrineSchemaFixturesLoadCommand($this->parentCommand, $this->connection, ['public']);
         $this->command->setApplication($this->application);
     }
 
@@ -72,4 +72,18 @@ public function testSuccess(): void
         $this->assertEquals(Command::SUCCESS, $result);
         $this->assertStringContainsString("Load fixtures for 'test_schema'...", $output->fetch());
     }
+
+    public function testDisallowedSchemaNameFail(): void
+    {
+        $input = new ArrayInput(['schema' => 'public']);
+        $output = new BufferedOutput();
+
+        $result = $this->command->run($input, $output);
+
+        $this->assertStringContainsString(
+            "Command is disallowed from being called for the 'public' schema",
+            $output->fetch()
+        );
+        $this->assertEquals(Command::FAILURE, $result);
+    }
 }