PrivilegesController - Code Metrics - Inspection of "testing new scrutinizer" - HuasoFoundries/phpPgAdmin6 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — develop ( c2019a...2cab77 )

by Felipe

created 2018-06-19 16:14 UTC

PrivilegesController F

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	414
Duplicated Lines	0 %

Importance

Changes

Metric	Value
wmc	62
dl	0
loc	414
rs	3.8461
c	0
b	0
f	0

5 Methods

Rating	Name	Size	Complexity
B	render()	25	4
D	doDefault()	108	19
D	printGrantLinks()	115	15
C	doAlter()	42	7
D	formAlter()	92	17

How to fix Complexity

<?php

/**
 * PHPPgAdmin v6.0.0-beta.48
 */

namespace PHPPgAdmin\Controller;

/**
 * PrivilegesController controller class.
 */
class PrivilegesController extends BaseController
{
    public $table_place      = 'privileges-privileges';
    public $controller_title = 'strprivileges';

    /**
     * Default method to render the controller according to the action parameter.
     */
    public function render()
    {
        $this->printHeader();
        $this->printBody();

        switch ($this->action) {
            case 'save':
                if (isset($_REQUEST['cancel'])) {
                    $this->doDefault();
                } else {
                    $this->doAlter($_REQUEST['mode']);
                }

                break;
            case 'alter':
                $this->formAlter($_REQUEST['mode']);

                break;
            default:
                $this->doDefault();

                break;
        }

        $this->printFooter();
    }

    /**
     * Show permissions on a database, namespace, relation, language or function.
     *
     * @param mixed $msg
     */
    public function doDefault($msg = '')
    {
        $data    = $this->misc->getDatabaseAccessor();
        $subject = $_REQUEST['subject'];

        $this->printTrail($subject);

        // @@@FIXME: This switch is just a temporary solution,
        // need a better way, maybe every type of object should
        // have a tab bar???

        if (in_array($subject, [
            'server',
            'database',
            'schema',
            'table',
            'column',
            'view',
        ], true)) {
            $this->printTabs($subject, 'privileges');
        } else {
            $this->printTitle($this->lang['strprivileges'], 'pg.privilege');
        }

        $this->printMsg($msg);
        if (!isset($data->privlist[$subject])) {
            $this->container->utils->halt('No privileges defined for subject '.$subject);

            return;
        }

        // Determine whether object should be ref'd by name or oid.
        if (isset($_REQUEST[$subject.'_oid'])) {
            $object = $_REQUEST[$subject.'_oid'];
        } else {
            $object = $_REQUEST[$subject];
        }

        // Get the privileges on the object, given its type
        if ('column' == $subject) {
            $privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']);
        } else {
            $privileges = $data->getPrivileges($object, $subject);
        }

        if (sizeof($privileges) > 0) {
            echo '<table>'.PHP_EOL;
            if ($data->hasRoles()) {
                echo "<tr><th class=\"data\">{$this->lang['strrole']}</th>";
            } else {
                echo "<tr><th class=\"data\">{$this->lang['strtype']}</th><th class=\"data\">{$this->lang['struser']}/{$this->lang['strgroup']}</th>";
            }

            foreach ($data->privlist[$subject] as $v2) {
                // Skip over ALL PRIVILEGES
                if ('ALL PRIVILEGES' == $v2) {
                    continue;
                }

                echo "<th class=\"data\">{$v2}</th>".PHP_EOL;
            }
            if ($data->hasGrantOption()) {
                echo "<th class=\"data\">{$this->lang['strgrantor']}</th>";
            }
            echo '</tr>'.PHP_EOL;

            // Loop over privileges, outputting them
            $i = 0;
            foreach ($privileges as $v) {
                $id = (0 == ($i % 2) ? '1' : '2');
                echo "<tr class=\"data{$id}\">".PHP_EOL;
                if (!$data->hasRoles()) {
                    echo '<td>', $this->misc->printVal($v[0]), '</td>'.PHP_EOL;
                }

                echo '<td>', $this->misc->printVal($v[1]), '</td>'.PHP_EOL;
                foreach ($data->privlist[$subject] as $v2) {
                    // Skip over ALL PRIVILEGES
                    if ('ALL PRIVILEGES' == $v2) {
                        continue;
                    }

                    echo '<td>';
                    if (in_array($v2, $v[2], true)) {
                        echo $this->lang['stryes'];
                    } else {
                        echo $this->lang['strno'];
                    }

                    // If we have grant option for this, end mark
                    if ($data->hasGrantOption() && in_array($v2, $v[4], true)) {
                        echo $this->lang['strasterisk'];
                    }

                    echo '</td>'.PHP_EOL;
                }
                if ($data->hasGrantOption()) {
                    echo '<td>', $this->misc->printVal($v[3]), '</td>'.PHP_EOL;
                }
                echo '</tr>'.PHP_EOL;
                ++$i;
            }

            echo '</table>';
        } else {
            echo "<p>{$this->lang['strnoprivileges']}</p>".PHP_EOL;
        }
        $this->printGrantLinks();
    }

    public function printGrantLinks()
    {
        $data     = $this->misc->getDatabaseAccessor();
        $subject  = $_REQUEST['subject'];
        $alllabel = '';
        $alltxt   = '';
        // Links for granting to a user or group
        switch ($subject) {
            case 'table':
            case 'view':
            case 'sequence':
            case 'function':
            case 'tablespace':
                $alllabel = "showall{$subject}s";
                $allurl   = "{$subject}s";
                $alltxt   = $this->lang["strshowall{$subject}s"];

                break;
            case 'schema':
                $alllabel = 'showallschemas';
                $allurl   = 'schemas';
                $alltxt   = $this->lang['strshowallschemas'];

                break;
            case 'database':
                $alllabel = 'showalldatabases';
                $allurl   = 'alldb';
                $alltxt   = $this->lang['strshowalldatabases'];

                break;
        }

        $object = $_REQUEST[$subject];

        if ('function' == $subject) {
            $objectoid = $_REQUEST[$subject.'_oid'];
            $urlvars   = [
                'action'         => 'alter',
                'server'         => $_REQUEST['server'],
                'database'       => $_REQUEST['database'],
                'schema'         => $_REQUEST['schema'],
                $subject         => $object,
                "{$subject}_oid" => $objectoid,
                'subject'        => $subject,
            ];
        } elseif ('column' == $subject) {
            $urlvars = [
                'action'   => 'alter',
                'server'   => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                'schema'   => $_REQUEST['schema'],
                $subject   => $object,
                'subject'  => $subject,
            ];

            if (isset($_REQUEST['table'])) {
                $urlvars['table'] = $_REQUEST['table'];
            } elseif (isset($_REQUEST['view'])) {
                $urlvars['view'] = $_REQUEST['view'];
            } else {
                $urlvars['matview'] = $_REQUEST['matview'];
            }
        } else {
            $urlvars = [
                'action'   => 'alter',
                'server'   => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                $subject   => $object,
                'subject'  => $subject,
            ];
            if (isset($_REQUEST['schema'])) {
                $urlvars['schema'] = $_REQUEST['schema'];
            }
        }

        $navlinks = [
            'grant'  => [
                'attr'    => [
                    'href' => [
                        'url'     => 'privileges',
                        'urlvars' => array_merge($urlvars, ['mode' => 'grant']),
                    ],
                ],
                'content' => $this->lang['strgrant'],
            ],
            'revoke' => [
                'attr'    => [
                    'href' => [
                        'url'     => 'privileges',
                        'urlvars' => array_merge($urlvars, ['mode' => 'revoke']),
                    ],
                ],
                'content' => $this->lang['strrevoke'],
            ],
        ];

        if (isset($allurl)) {
            $navlinks[$alllabel] = [
                'attr'    => [
                    'href' => [
                        'url'     => $allurl,
                        'urlvars' => [
                            'server'   => $_REQUEST['server'],
                            'database' => $_REQUEST['database'],
                        ],
                    ],
                ],
                'content' => $alltxt,
            ];
            if (isset($_REQUEST['schema'])) {
                $navlinks[$alllabel]['attr']['href']['urlvars']['schema'] = $_REQUEST['schema'];
            }
        }

        $this->printNavLinks($navlinks, $this->table_place, get_defined_vars());
    }

    /**
     * Prints the form to grants permision on an object to a user.
     *
     * @param string $mode either grant or revoke
     * @param string $msg  The message
     */
    public function formAlter($mode, $msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        $this->coalesceArr($_REQUEST, 'username', []);

        $this->coalesceArr($_REQUEST, 'groupname', []);

        $this->coalesceArr($_REQUEST, 'privilege', []);

        // Get users from the database
        $users = $data->getUsers();
        // Get groups from the database
        $groups = $data->getGroups();

        $this->printTrail($_REQUEST['subject']);

        $this->printTitle($this->lang['str'.$mode], 'pg.privilege.'.$mode);

        $this->printMsg($msg);

        echo '<form action="'.\SUBFOLDER.'/src/views/privileges" method="post">'.PHP_EOL;
        echo '<table>'.PHP_EOL;
        echo "<tr><th class=\"data left\">{$this->lang['strusers']}</th>".PHP_EOL;
        echo '<td class="data1"><select name="username[]" multiple="multiple" size="', min(6, $users->recordCount()), '">'.PHP_EOL;
        while (!$users->EOF) {
            $uname = htmlspecialchars($users->fields['usename']);
            echo "<option value=\"{$uname}\"",
            in_array($users->fields['usename'], $_REQUEST['username'], true) ? ' selected="selected"' : '', ">{$uname}</option>".PHP_EOL;
            $users->moveNext();
        }
        echo '</select></td></tr>'.PHP_EOL;
        echo "<tr><th class=\"data left\">{$this->lang['strgroups']}</th>".PHP_EOL;
        echo '<td class="data1">'.PHP_EOL;
        echo '<input type="checkbox" id="public" name="public"', (isset($_REQUEST['public']) ? ' checked="checked"' : ''), ' /><label for="public">PUBLIC</label>'.PHP_EOL;
        // Only show groups if there are groups!
        if ($groups->recordCount() > 0) {
            echo '<br /><select name="groupname[]" multiple="multiple" size="', min(6, $groups->recordCount()), '">'.PHP_EOL;
            while (!$groups->EOF) {
                $gname = htmlspecialchars($groups->fields['groname']);
                echo "<option value=\"{$gname}\"",
                in_array($groups->fields['groname'], $_REQUEST['groupname'], true) ? ' selected="selected"' : '', ">{$gname}</option>".PHP_EOL;
                $groups->moveNext();
            }
            echo '</select>'.PHP_EOL;
        }
        echo '</td></tr>'.PHP_EOL;
        echo "<tr><th class=\"data left required\">{$this->lang['strprivileges']}</th>".PHP_EOL;
        echo '<td class="data1">'.PHP_EOL;
        foreach ($data->privlist[$_REQUEST['subject']] as $v) {
            $v = htmlspecialchars($v);
            echo "<input type=\"checkbox\" id=\"privilege[${v}]\" name=\"privilege[${v}]\"",
            isset($_REQUEST['privilege'][$v]) ? ' checked="checked"' : '', " /><label for=\"privilege[${v}]\">{$v}</label><br />".PHP_EOL;
        }
        echo '</td></tr>'.PHP_EOL;
        // Grant option
        if ($data->hasGrantOption()) {
            echo "<tr><th class=\"data left\">{$this->lang['stroptions']}</th>".PHP_EOL;
            echo '<td class="data1">'.PHP_EOL;
            if ('grant' == $mode) {
                echo '<input type="checkbox" id="grantoption" name="grantoption"',
                isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION</label>'.PHP_EOL;
            } elseif ('revoke' == $mode) {
                echo '<input type="checkbox" id="grantoption" name="grantoption"',
                isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION FOR</label><br />'.PHP_EOL;
                echo '<input type="checkbox" id="cascade" name="cascade"',
                isset($_REQUEST['cascade']) ? ' checked="checked"' : '', ' /><label for="cascade">CASCADE</label><br />'.PHP_EOL;
            }
            echo '</td></tr>'.PHP_EOL;
        }
        echo '</table>'.PHP_EOL;

        echo '<p><input type="hidden" name="action" value="save" />'.PHP_EOL;
        echo '<input type="hidden" name="mode" value="', htmlspecialchars($mode), '" />'.PHP_EOL;
        echo '<input type="hidden" name="subject" value="', htmlspecialchars($_REQUEST['subject']), '" />'.PHP_EOL;
        if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
            echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject'].'_oid'),
            '" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject'].'_oid']), '" />'.PHP_EOL;
        }

        echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject']),
        '" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject']]), '" />'.PHP_EOL;
        if ('column' == $_REQUEST['subject']) {
            echo '<input type="hidden" name="table" value="',
            htmlspecialchars($_REQUEST['table']), '" />'.PHP_EOL;
        }

        echo $this->misc->form;
        echo sprintf('<input type="submit" name="%s" value="%s" />%s', $mode, $this->lang['str'.$mode], PHP_EOL);

        echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>";
        echo '</form>'.PHP_EOL;
    }

    /**
     * Grant permissions on an object to a user.
     *
     * @param string $mode 'grant' or 'revoke'
     */
    public function doAlter($mode)
    {
        $data = $this->misc->getDatabaseAccessor();

        $this->coalesceArr($_REQUEST, 'username', []);

        $this->coalesceArr($_REQUEST, 'groupname', []);

        $this->coalesceArr($_REQUEST, 'privilege', []);

        // Determine whether object should be ref'd by name or oid.
        if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
            $object = $_REQUEST[$_REQUEST['subject'].'_oid'];
        } else {
            $object = $_REQUEST[$_REQUEST['subject']];
        }

        if (isset($_REQUEST['table'])) {
            $table = $_REQUEST['table'];
        } else {
            $table = null;
        }

        $status = $data->setPrivileges(
            ('grant' == $mode) ? 'GRANT' : 'REVOKE',
            $_REQUEST['subject'],
            $object,
            isset($_REQUEST['public']),
            $_REQUEST['username'],
            $_REQUEST['groupname'],
            array_keys($_REQUEST['privilege']),
            isset($_REQUEST['grantoption']),
            isset($_REQUEST['cascade']),
            $table
        );

        if (0 == $status) {
            $this->doDefault($this->lang['strgranted']);
        } elseif ($status == -3 || $status == -4) {
            $this->formAlter($_REQUEST['mode'], $this->lang['strgrantbad']);
        } else {
            $this->formAlter($_REQUEST['mode'], $this->lang['strgrantfailed']);
        }
    }
}


1			<?php
2
3			/**
4			* PHPPgAdmin v6.0.0-beta.48
5			*/
6
7			namespace PHPPgAdmin\Controller;
8
9			/**
10			* PrivilegesController controller class.
11			*/
12			class PrivilegesController extends BaseController
13			{
14			public $table_place = 'privileges-privileges';
15			public $controller_title = 'strprivileges';
16
17			/**
18			* Default method to render the controller according to the action parameter.
19			*/
20			public function render()
21			{
22			$this->printHeader();
23			$this->printBody();
24
25			switch ($this->action) {
26			case 'save':
27			if (isset($_REQUEST['cancel'])) {
28			$this->doDefault();
29			} else {
30			$this->doAlter($_REQUEST['mode']);
31			}
32
33			break;
34			case 'alter':
35			$this->formAlter($_REQUEST['mode']);
36
37			break;
38			default:
39			$this->doDefault();
40
41			break;
42			}
43
44			$this->printFooter();
45			}
46
47			/**
48			* Show permissions on a database, namespace, relation, language or function.
49			*
50			* @param mixed $msg
51			*/
52			public function doDefault($msg = '')
53			{
54			$data = $this->misc->getDatabaseAccessor();
55			$subject = $_REQUEST['subject'];
56
57			$this->printTrail($subject);
58
59			// @@@FIXME: This switch is just a temporary solution,
60			// need a better way, maybe every type of object should
61			// have a tab bar???
62
63			if (in_array($subject, [
64			'server',
65			'database',
66			'schema',
67			'table',
68			'column',
69			'view',
70			], true)) {
71			$this->printTabs($subject, 'privileges');
72			} else {
73			$this->printTitle($this->lang['strprivileges'], 'pg.privilege');
74			}
75
76			$this->printMsg($msg);
77			if (!isset($data->privlist[$subject])) {
78			$this->container->utils->halt('No privileges defined for subject '.$subject);
79
80			return;
81			}
82
83			// Determine whether object should be ref'd by name or oid.
84			if (isset($_REQUEST[$subject.'_oid'])) {
85			$object = $_REQUEST[$subject.'_oid'];
86			} else {
87			$object = $_REQUEST[$subject];
88			}
89
90			// Get the privileges on the object, given its type
91			if ('column' == $subject) {
92			$privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']);
93			} else {
94			$privileges = $data->getPrivileges($object, $subject);
95			}
96
97			if (sizeof($privileges) > 0) {
98			echo '<table>'.PHP_EOL;
99			if ($data->hasRoles()) {
100			echo "<tr><th class=\"data\">{$this->lang['strrole']}</th>";
101			} else {
102			echo "<tr><th class=\"data\">{$this->lang['strtype']}</th><th class=\"data\">{$this->lang['struser']}/{$this->lang['strgroup']}</th>";
103			}
104
105			foreach ($data->privlist[$subject] as $v2) {
106			// Skip over ALL PRIVILEGES
107			if ('ALL PRIVILEGES' == $v2) {
108			continue;
109			}
110
111			echo "<th class=\"data\">{$v2}</th>".PHP_EOL;
112			}
113			if ($data->hasGrantOption()) {
114			echo "<th class=\"data\">{$this->lang['strgrantor']}</th>";
115			}
116			echo '</tr>'.PHP_EOL;
117
118			// Loop over privileges, outputting them
119			$i = 0;
120			foreach ($privileges as $v) {
121			$id = (0 == ($i % 2) ? '1' : '2');
122			echo "<tr class=\"data{$id}\">".PHP_EOL;
123			if (!$data->hasRoles()) {
124			echo '<td>', $this->misc->printVal($v[0]), '</td>'.PHP_EOL;
125			}
126
127			echo '<td>', $this->misc->printVal($v[1]), '</td>'.PHP_EOL;
128			foreach ($data->privlist[$subject] as $v2) {
129			// Skip over ALL PRIVILEGES
130			if ('ALL PRIVILEGES' == $v2) {
131			continue;
132			}
133
134			echo '<td>';
135			if (in_array($v2, $v[2], true)) {
136			echo $this->lang['stryes'];
137			} else {
138			echo $this->lang['strno'];
139			}
140
141			// If we have grant option for this, end mark
142			if ($data->hasGrantOption() && in_array($v2, $v[4], true)) {
143			echo $this->lang['strasterisk'];
144			}
145
146			echo '</td>'.PHP_EOL;
147			}
148			if ($data->hasGrantOption()) {
149			echo '<td>', $this->misc->printVal($v[3]), '</td>'.PHP_EOL;
150			}
151			echo '</tr>'.PHP_EOL;
152			++$i;
153			}
154
155			echo '</table>';
156			} else {
157			echo "<p>{$this->lang['strnoprivileges']}</p>".PHP_EOL;
158			}
159			$this->printGrantLinks();
160			}
161
162			public function printGrantLinks()
163			{
164			$data = $this->misc->getDatabaseAccessor();
165			$subject = $_REQUEST['subject'];
166			$alllabel = '';
167			$alltxt = '';
168			// Links for granting to a user or group
169			switch ($subject) {
170			case 'table':
171			case 'view':
172			case 'sequence':
173			case 'function':
174			case 'tablespace':
175			$alllabel = "showall{$subject}s";
176			$allurl = "{$subject}s";
177			$alltxt = $this->lang["strshowall{$subject}s"];
178
179			break;
180			case 'schema':
181			$alllabel = 'showallschemas';
182			$allurl = 'schemas';
183			$alltxt = $this->lang['strshowallschemas'];
184
185			break;
186			case 'database':
187			$alllabel = 'showalldatabases';
188			$allurl = 'alldb';
189			$alltxt = $this->lang['strshowalldatabases'];
190
191			break;
192			}
193
194			$object = $_REQUEST[$subject];
195
196			if ('function' == $subject) {
197			$objectoid = $_REQUEST[$subject.'_oid'];
198			$urlvars = [
199			'action' => 'alter',
200			'server' => $_REQUEST['server'],
201			'database' => $_REQUEST['database'],
202			'schema' => $_REQUEST['schema'],
203			$subject => $object,
204			"{$subject}_oid" => $objectoid,
205			'subject' => $subject,
206			];
207			} elseif ('column' == $subject) {
208			$urlvars = [
209			'action' => 'alter',
210			'server' => $_REQUEST['server'],
211			'database' => $_REQUEST['database'],
212			'schema' => $_REQUEST['schema'],
213			$subject => $object,
214			'subject' => $subject,
215			];
216
217			if (isset($_REQUEST['table'])) {
218			$urlvars['table'] = $_REQUEST['table'];
219			} elseif (isset($_REQUEST['view'])) {
220			$urlvars['view'] = $_REQUEST['view'];
221			} else {
222			$urlvars['matview'] = $_REQUEST['matview'];
223			}
224			} else {
225			$urlvars = [
226			'action' => 'alter',
227			'server' => $_REQUEST['server'],
228			'database' => $_REQUEST['database'],
229			$subject => $object,
230			'subject' => $subject,
231			];
232			if (isset($_REQUEST['schema'])) {
233			$urlvars['schema'] = $_REQUEST['schema'];
234			}
235			}
236
237			$navlinks = [
238			'grant' => [
239			'attr' => [
240			'href' => [
241			'url' => 'privileges',
242			'urlvars' => array_merge($urlvars, ['mode' => 'grant']),
243			],
244			],
245			'content' => $this->lang['strgrant'],
246			],
247			'revoke' => [
248			'attr' => [
249			'href' => [
250			'url' => 'privileges',
251			'urlvars' => array_merge($urlvars, ['mode' => 'revoke']),
252			],
253			],
254			'content' => $this->lang['strrevoke'],
255			],
256			];
257
258			if (isset($allurl)) {
259			$navlinks[$alllabel] = [
260			'attr' => [
261			'href' => [
262			'url' => $allurl,
263			'urlvars' => [
264			'server' => $_REQUEST['server'],
265			'database' => $_REQUEST['database'],
266			],
267			],
268			],
269			'content' => $alltxt,
270			];
271			if (isset($_REQUEST['schema'])) {
272			$navlinks[$alllabel]['attr']['href']['urlvars']['schema'] = $_REQUEST['schema'];
273			}
274			}
275
276			$this->printNavLinks($navlinks, $this->table_place, get_defined_vars());
277			}
278
279			/**
280			* Prints the form to grants permision on an object to a user.
281			*
282			* @param string $mode either grant or revoke
283			* @param string $msg The message
284			*/
285			public function formAlter($mode, $msg = '')
286			{
287			$data = $this->misc->getDatabaseAccessor();
288
289			$this->coalesceArr($_REQUEST, 'username', []);
290
291			$this->coalesceArr($_REQUEST, 'groupname', []);
292
293			$this->coalesceArr($_REQUEST, 'privilege', []);
294
295			// Get users from the database
296			$users = $data->getUsers();
297			// Get groups from the database
298			$groups = $data->getGroups();
299
300			$this->printTrail($_REQUEST['subject']);
301
302			$this->printTitle($this->lang['str'.$mode], 'pg.privilege.'.$mode);
303
304			$this->printMsg($msg);
305
306			echo '<form action="'.\SUBFOLDER.'/src/views/privileges" method="post">'.PHP_EOL;
307			echo '<table>'.PHP_EOL;
308			echo "<tr><th class=\"data left\">{$this->lang['strusers']}</th>".PHP_EOL;
309			echo '<td class="data1"><select name="username[]" multiple="multiple" size="', min(6, $users->recordCount()), '">'.PHP_EOL;
310			while (!$users->EOF) {
311			$uname = htmlspecialchars($users->fields['usename']);
312			echo "<option value=\"{$uname}\"",
313			in_array($users->fields['usename'], $_REQUEST['username'], true) ? ' selected="selected"' : '', ">{$uname}</option>".PHP_EOL;
314			$users->moveNext();
315			}
316			echo '</select></td></tr>'.PHP_EOL;
317			echo "<tr><th class=\"data left\">{$this->lang['strgroups']}</th>".PHP_EOL;
318			echo '<td class="data1">'.PHP_EOL;
319			echo '<input type="checkbox" id="public" name="public"', (isset($_REQUEST['public']) ? ' checked="checked"' : ''), ' /><label for="public">PUBLIC</label>'.PHP_EOL;
320			// Only show groups if there are groups!
321			if ($groups->recordCount() > 0) {
322			echo '<br /><select name="groupname[]" multiple="multiple" size="', min(6, $groups->recordCount()), '">'.PHP_EOL;
323			while (!$groups->EOF) {
324			$gname = htmlspecialchars($groups->fields['groname']);
325			echo "<option value=\"{$gname}\"",
326			in_array($groups->fields['groname'], $_REQUEST['groupname'], true) ? ' selected="selected"' : '', ">{$gname}</option>".PHP_EOL;
327			$groups->moveNext();
328			}
329			echo '</select>'.PHP_EOL;
330			}
331			echo '</td></tr>'.PHP_EOL;
332			echo "<tr><th class=\"data left required\">{$this->lang['strprivileges']}</th>".PHP_EOL;
333			echo '<td class="data1">'.PHP_EOL;
334			foreach ($data->privlist[$_REQUEST['subject']] as $v) {
335			$v = htmlspecialchars($v);
336			echo "<input type=\"checkbox\" id=\"privilege[${v}]\" name=\"privilege[${v}]\"",
337			isset($_REQUEST['privilege'][$v]) ? ' checked="checked"' : '', " /><label for=\"privilege[${v}]\">{$v}</label><br />".PHP_EOL;
338			}
339			echo '</td></tr>'.PHP_EOL;
340			// Grant option
341			if ($data->hasGrantOption()) {
342			echo "<tr><th class=\"data left\">{$this->lang['stroptions']}</th>".PHP_EOL;
343			echo '<td class="data1">'.PHP_EOL;
344			if ('grant' == $mode) {
345			echo '<input type="checkbox" id="grantoption" name="grantoption"',
346			isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION</label>'.PHP_EOL;
347			} elseif ('revoke' == $mode) {
348			echo '<input type="checkbox" id="grantoption" name="grantoption"',
349			isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION FOR</label><br />'.PHP_EOL;
350			echo '<input type="checkbox" id="cascade" name="cascade"',
351			isset($_REQUEST['cascade']) ? ' checked="checked"' : '', ' /><label for="cascade">CASCADE</label><br />'.PHP_EOL;
352			}
353			echo '</td></tr>'.PHP_EOL;
354			}
355			echo '</table>'.PHP_EOL;
356
357			echo '<p><input type="hidden" name="action" value="save" />'.PHP_EOL;
358			echo '<input type="hidden" name="mode" value="', htmlspecialchars($mode), '" />'.PHP_EOL;
359			echo '<input type="hidden" name="subject" value="', htmlspecialchars($_REQUEST['subject']), '" />'.PHP_EOL;
360			if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
361			echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject'].'_oid'),
362			'" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject'].'_oid']), '" />'.PHP_EOL;
363			}
364
365			echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject']),
366			'" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject']]), '" />'.PHP_EOL;
367			if ('column' == $_REQUEST['subject']) {
368			echo '<input type="hidden" name="table" value="',
369			htmlspecialchars($_REQUEST['table']), '" />'.PHP_EOL;
370			}
371
372			echo $this->misc->form;
373			echo sprintf('<input type="submit" name="%s" value="%s" />%s', $mode, $this->lang['str'.$mode], PHP_EOL);
374
375			echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>";
376			echo '</form>'.PHP_EOL;
377			}
378
379			/**
380			* Grant permissions on an object to a user.
381			*
382			* @param string $mode 'grant' or 'revoke'
383			*/
384			public function doAlter($mode)
385			{
386			$data = $this->misc->getDatabaseAccessor();
387
388			$this->coalesceArr($_REQUEST, 'username', []);
389
390			$this->coalesceArr($_REQUEST, 'groupname', []);
391
392			$this->coalesceArr($_REQUEST, 'privilege', []);
393
394			// Determine whether object should be ref'd by name or oid.
395			if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
396			$object = $_REQUEST[$_REQUEST['subject'].'_oid'];
397			} else {
398			$object = $_REQUEST[$_REQUEST['subject']];
399			}
400
401			if (isset($_REQUEST['table'])) {
402			$table = $_REQUEST['table'];
403			} else {
404			$table = null;
405			}
406
407			$status = $data->setPrivileges(
408			('grant' == $mode) ? 'GRANT' : 'REVOKE',
409			$_REQUEST['subject'],
410			$object,
411			isset($_REQUEST['public']),
412			$_REQUEST['username'],
413			$_REQUEST['groupname'],
414			array_keys($_REQUEST['privilege']),
415			isset($_REQUEST['grantoption']),
416			isset($_REQUEST['cascade']),
417			$table
418			);
419
420			if (0 == $status) {
421			$this->doDefault($this->lang['strgranted']);
422			} elseif ($status == -3 \|\| $status == -4) {
423			$this->formAlter($_REQUEST['mode'], $this->lang['strgrantbad']);
424			} else {
425			$this->formAlter($_REQUEST['mode'], $this->lang['strgrantfailed']);
426			}
427			}
428			}
429

HuasoFoundries / phpPgAdmin6

Push — develop ( c2019a...2cab77 )

PrivilegesController F

Complexity

Size/Duplication

Importance

5 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like