|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* PHPPgAdmin 6.1.3 |
|
5
|
|
|
*/ |
|
6
|
|
|
|
|
7
|
|
|
namespace PHPPgAdmin\Controller; |
|
8
|
|
|
|
|
9
|
|
|
/** |
|
10
|
|
|
* PrivilegesController controller class. |
|
11
|
|
|
*/ |
|
12
|
|
|
class PrivilegesController extends BaseController |
|
13
|
|
|
{ |
|
14
|
|
|
public $table_place = 'privileges-privileges'; |
|
15
|
|
|
|
|
16
|
|
|
public $controller_title = 'strprivileges'; |
|
17
|
|
|
|
|
18
|
|
|
/** |
|
19
|
|
|
* Default method to render the controller according to the action parameter. |
|
20
|
|
|
*/ |
|
21
|
|
|
public function render(): void |
|
22
|
|
|
{ |
|
23
|
|
|
$this->printHeader(); |
|
24
|
|
|
$this->printBody(); |
|
25
|
|
|
|
|
26
|
|
|
switch ($this->action) { |
|
27
|
|
|
case 'save': |
|
28
|
|
|
if (isset($_REQUEST['cancel'])) { |
|
29
|
|
|
$this->doDefault(); |
|
30
|
|
|
} else { |
|
31
|
|
|
$this->doAlter($_REQUEST['mode']); |
|
32
|
|
|
} |
|
33
|
|
|
|
|
34
|
|
|
break; |
|
35
|
|
|
case 'alter': |
|
36
|
|
|
$this->formAlter($_REQUEST['mode']); |
|
37
|
|
|
|
|
38
|
|
|
break; |
|
39
|
|
|
|
|
40
|
|
|
default: |
|
41
|
|
|
$this->doDefault(); |
|
42
|
|
|
|
|
43
|
|
|
break; |
|
44
|
|
|
} |
|
45
|
|
|
|
|
46
|
|
|
$this->printFooter(); |
|
47
|
|
|
} |
|
48
|
|
|
|
|
49
|
|
|
/** |
|
50
|
|
|
* Show permissions on a database, namespace, relation, language or function. |
|
51
|
|
|
* |
|
52
|
|
|
* @param mixed $msg |
|
53
|
|
|
*/ |
|
54
|
|
|
public function doDefault($msg = ''): void |
|
55
|
|
|
{ |
|
56
|
|
|
$data = $this->misc->getDatabaseAccessor(); |
|
57
|
|
|
$subject = $_REQUEST['subject']; |
|
58
|
|
|
|
|
59
|
|
|
$this->printTrail($subject); |
|
60
|
|
|
|
|
61
|
|
|
// @@@FIXME: This switch is just a temporary solution, |
|
62
|
|
|
// need a better way, maybe every type of object should |
|
63
|
|
|
// have a tab bar??? |
|
64
|
|
|
|
|
65
|
|
|
if (\in_array($subject, [ |
|
66
|
|
|
'server', |
|
67
|
|
|
'database', |
|
68
|
|
|
'schema', |
|
69
|
|
|
'table', |
|
70
|
|
|
'column', |
|
71
|
|
|
'view', |
|
72
|
|
|
'function', |
|
73
|
|
|
], true)) { |
|
74
|
|
|
$this->printTabs($subject, 'privileges'); |
|
75
|
|
|
} else { |
|
76
|
|
|
$this->printTitle($this->lang['strprivileges'], 'pg.privilege'); |
|
77
|
|
|
} |
|
78
|
|
|
|
|
79
|
|
|
$this->printMsg($msg); |
|
80
|
|
|
|
|
81
|
|
|
if (!isset($data->privlist[$subject])) { |
|
82
|
|
|
$this->container->halt('No privileges defined for subject ' . $subject); |
|
83
|
|
|
|
|
84
|
|
|
return; |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
// Determine whether object should be ref'd by name or oid. |
|
88
|
|
|
if (isset($_REQUEST[$subject . '_oid'])) { |
|
89
|
|
|
$object = $_REQUEST[$subject . '_oid']; |
|
90
|
|
|
} else { |
|
91
|
|
|
$object = $_REQUEST[$subject]; |
|
92
|
|
|
} |
|
93
|
|
|
|
|
94
|
|
|
// Get the privileges on the object, given its type |
|
95
|
|
|
if ('column' === $subject) { |
|
96
|
|
|
$privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']); |
|
97
|
|
|
} else { |
|
98
|
|
|
$privileges = $data->getPrivileges($object, $subject); |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
if (0 < \count($privileges)) { |
|
|
|
|
|
|
102
|
|
|
echo '<table>' . \PHP_EOL; |
|
103
|
|
|
|
|
104
|
|
|
if ($data->hasRoles()) { |
|
105
|
|
|
echo \sprintf( |
|
106
|
|
|
'<tr><th class="data">%s</th>', |
|
107
|
|
|
$this->lang['strrole'] |
|
108
|
|
|
); |
|
109
|
|
|
} else { |
|
110
|
|
|
echo \sprintf( |
|
111
|
|
|
'<tr><th class="data">%s</th><th class="data">%s/%s</th>', |
|
112
|
|
|
$this->lang['strtype'], |
|
113
|
|
|
$this->lang['struser'], |
|
114
|
|
|
$this->lang['strgroup'] |
|
115
|
|
|
); |
|
116
|
|
|
} |
|
117
|
|
|
|
|
118
|
|
|
foreach ($data->privlist[$subject] as $v2) { |
|
119
|
|
|
// Skip over ALL PRIVILEGES |
|
120
|
|
|
if ('ALL PRIVILEGES' === $v2) { |
|
121
|
|
|
continue; |
|
122
|
|
|
} |
|
123
|
|
|
|
|
124
|
|
|
echo \sprintf( |
|
125
|
|
|
'<th class="data">%s</th>', |
|
126
|
|
|
$v2 |
|
127
|
|
|
) . \PHP_EOL; |
|
128
|
|
|
} |
|
129
|
|
|
|
|
130
|
|
|
if ($data->hasGrantOption()) { |
|
131
|
|
|
echo \sprintf( |
|
132
|
|
|
'<th class="data">%s</th>', |
|
133
|
|
|
$this->lang['strgrantor'] |
|
134
|
|
|
); |
|
135
|
|
|
} |
|
136
|
|
|
echo '</tr>' . \PHP_EOL; |
|
137
|
|
|
|
|
138
|
|
|
// Loop over privileges, outputting them |
|
139
|
|
|
$i = 0; |
|
140
|
|
|
|
|
141
|
|
|
foreach ($privileges as $v) { |
|
142
|
|
|
$id = (0 === ($i % 2) ? '1' : '2'); |
|
143
|
|
|
echo \sprintf( |
|
144
|
|
|
'<tr class="data%s">', |
|
145
|
|
|
$id |
|
146
|
|
|
) . \PHP_EOL; |
|
147
|
|
|
|
|
148
|
|
|
if (!$data->hasRoles()) { |
|
149
|
|
|
echo '<td>', $this->misc->printVal($v[0]), '</td>' . \PHP_EOL; |
|
150
|
|
|
} |
|
151
|
|
|
|
|
152
|
|
|
echo '<td>', $this->misc->printVal($v[1]), '</td>' . \PHP_EOL; |
|
153
|
|
|
|
|
154
|
|
|
foreach ($data->privlist[$subject] as $v2) { |
|
155
|
|
|
// Skip over ALL PRIVILEGES |
|
156
|
|
|
if ('ALL PRIVILEGES' === $v2) { |
|
157
|
|
|
continue; |
|
158
|
|
|
} |
|
159
|
|
|
|
|
160
|
|
|
echo '<td>'; |
|
161
|
|
|
|
|
162
|
|
|
if (\in_array($v2, $v[2], true)) { |
|
163
|
|
|
echo $this->lang['stryes']; |
|
164
|
|
|
} else { |
|
165
|
|
|
echo $this->lang['strno']; |
|
166
|
|
|
} |
|
167
|
|
|
|
|
168
|
|
|
// If we have grant option for this, end mark |
|
169
|
|
|
if ($data->hasGrantOption() && \in_array($v2, $v[4], true)) { |
|
170
|
|
|
echo $this->lang['strasterisk']; |
|
171
|
|
|
} |
|
172
|
|
|
|
|
173
|
|
|
echo '</td>' . \PHP_EOL; |
|
174
|
|
|
} |
|
175
|
|
|
|
|
176
|
|
|
if ($data->hasGrantOption()) { |
|
177
|
|
|
echo '<td>', $this->misc->printVal($v[3]), '</td>' . \PHP_EOL; |
|
178
|
|
|
} |
|
179
|
|
|
echo '</tr>' . \PHP_EOL; |
|
180
|
|
|
++$i; |
|
181
|
|
|
} |
|
182
|
|
|
|
|
183
|
|
|
echo '</table>'; |
|
184
|
|
|
} else { |
|
185
|
|
|
echo \sprintf( |
|
186
|
|
|
'<p>%s</p>', |
|
187
|
|
|
$this->lang['strnoprivileges'] |
|
188
|
|
|
) . \PHP_EOL; |
|
189
|
|
|
} |
|
190
|
|
|
$this->printGrantLinks(); |
|
191
|
|
|
} |
|
192
|
|
|
|
|
193
|
|
|
public function printGrantLinks(): void |
|
194
|
|
|
{ |
|
195
|
|
|
$data = $this->misc->getDatabaseAccessor(); |
|
196
|
|
|
$subject = $_REQUEST['subject']; |
|
197
|
|
|
$alllabel = ''; |
|
198
|
|
|
$alltxt = ''; |
|
199
|
|
|
// Links for granting to a user or group |
|
200
|
|
|
switch ($subject) { |
|
201
|
|
|
case 'table': |
|
202
|
|
|
case 'view': |
|
203
|
|
|
case 'sequence': |
|
204
|
|
|
case 'function': |
|
205
|
|
|
case 'tablespace': |
|
206
|
|
|
$alllabel = \sprintf( |
|
207
|
|
|
'showall%ss', |
|
208
|
|
|
$subject |
|
209
|
|
|
); |
|
210
|
|
|
$allurl = \sprintf( |
|
211
|
|
|
'%ss', |
|
212
|
|
|
$subject |
|
213
|
|
|
); |
|
214
|
|
|
$alltxt = $this->lang[\sprintf( |
|
215
|
|
|
'strshowall%ss', |
|
216
|
|
|
$subject |
|
217
|
|
|
)]; |
|
218
|
|
|
|
|
219
|
|
|
break; |
|
220
|
|
|
case 'schema': |
|
221
|
|
|
$alllabel = 'showallschemas'; |
|
222
|
|
|
$allurl = 'schemas'; |
|
223
|
|
|
$alltxt = $this->lang['strshowallschemas']; |
|
224
|
|
|
|
|
225
|
|
|
break; |
|
226
|
|
|
case 'database': |
|
227
|
|
|
$alllabel = 'showalldatabases'; |
|
228
|
|
|
$allurl = 'alldb'; |
|
229
|
|
|
$alltxt = $this->lang['strshowalldatabases']; |
|
230
|
|
|
|
|
231
|
|
|
break; |
|
232
|
|
|
} |
|
233
|
|
|
|
|
234
|
|
|
$object = $_REQUEST[$subject]; |
|
235
|
|
|
|
|
236
|
|
|
if ('function' === $subject) { |
|
237
|
|
|
$objectoid = $_REQUEST[$subject . '_oid']; |
|
238
|
|
|
$urlvars = [ |
|
239
|
|
|
'action' => 'alter', |
|
240
|
|
|
'server' => $_REQUEST['server'], |
|
241
|
|
|
'database' => $_REQUEST['database'], |
|
242
|
|
|
'schema' => $_REQUEST['schema'], |
|
243
|
|
|
$subject => $object, |
|
244
|
|
|
\sprintf( |
|
245
|
|
|
'%s_oid', |
|
246
|
|
|
$subject |
|
247
|
|
|
) => $objectoid, |
|
248
|
|
|
'subject' => $subject, |
|
249
|
|
|
]; |
|
250
|
|
|
} elseif ('column' === $subject) { |
|
251
|
|
|
$urlvars = [ |
|
252
|
|
|
'action' => 'alter', |
|
253
|
|
|
'server' => $_REQUEST['server'], |
|
254
|
|
|
'database' => $_REQUEST['database'], |
|
255
|
|
|
'schema' => $_REQUEST['schema'], |
|
256
|
|
|
$subject => $object, |
|
257
|
|
|
'subject' => $subject, |
|
258
|
|
|
]; |
|
259
|
|
|
|
|
260
|
|
|
if (isset($_REQUEST['table'])) { |
|
261
|
|
|
$urlvars['table'] = $_REQUEST['table']; |
|
262
|
|
|
} elseif (isset($_REQUEST['view'])) { |
|
263
|
|
|
$urlvars['view'] = $_REQUEST['view']; |
|
264
|
|
|
} else { |
|
265
|
|
|
$urlvars['matview'] = $_REQUEST['matview']; |
|
266
|
|
|
} |
|
267
|
|
|
} else { |
|
268
|
|
|
$urlvars = [ |
|
269
|
|
|
'action' => 'alter', |
|
270
|
|
|
'server' => $_REQUEST['server'], |
|
271
|
|
|
'database' => $_REQUEST['database'], |
|
272
|
|
|
$subject => $object, |
|
273
|
|
|
'subject' => $subject, |
|
274
|
|
|
]; |
|
275
|
|
|
|
|
276
|
|
|
if (isset($_REQUEST['schema'])) { |
|
277
|
|
|
$urlvars['schema'] = $_REQUEST['schema']; |
|
278
|
|
|
} |
|
279
|
|
|
} |
|
280
|
|
|
|
|
281
|
|
|
$navlinks = [ |
|
282
|
|
|
'grant' => [ |
|
283
|
|
|
'attr' => [ |
|
284
|
|
|
'href' => [ |
|
285
|
|
|
'url' => 'privileges', |
|
286
|
|
|
'urlvars' => \array_merge($urlvars, ['mode' => 'grant']), |
|
287
|
|
|
], |
|
288
|
|
|
], |
|
289
|
|
|
'content' => $this->lang['strgrant'], |
|
290
|
|
|
], |
|
291
|
|
|
'revoke' => [ |
|
292
|
|
|
'attr' => [ |
|
293
|
|
|
'href' => [ |
|
294
|
|
|
'url' => 'privileges', |
|
295
|
|
|
'urlvars' => \array_merge($urlvars, ['mode' => 'revoke']), |
|
296
|
|
|
], |
|
297
|
|
|
], |
|
298
|
|
|
'content' => $this->lang['strrevoke'], |
|
299
|
|
|
], |
|
300
|
|
|
]; |
|
301
|
|
|
|
|
302
|
|
|
if (isset($allurl)) { |
|
303
|
|
|
$navlinks[$alllabel] = [ |
|
304
|
|
|
'attr' => [ |
|
305
|
|
|
'href' => [ |
|
306
|
|
|
'url' => $allurl, |
|
307
|
|
|
'urlvars' => [ |
|
308
|
|
|
'server' => $_REQUEST['server'], |
|
309
|
|
|
'database' => $_REQUEST['database'], |
|
310
|
|
|
], |
|
311
|
|
|
], |
|
312
|
|
|
], |
|
313
|
|
|
'content' => $alltxt, |
|
314
|
|
|
]; |
|
315
|
|
|
|
|
316
|
|
|
if (isset($_REQUEST['schema'])) { |
|
317
|
|
|
$navlinks[$alllabel]['attr']['href']['urlvars']['schema'] = $_REQUEST['schema']; |
|
318
|
|
|
} |
|
319
|
|
|
} |
|
320
|
|
|
|
|
321
|
|
|
$this->printNavLinks($navlinks, $this->table_place, \get_defined_vars()); |
|
322
|
|
|
} |
|
323
|
|
|
|
|
324
|
|
|
/** |
|
325
|
|
|
* Prints the form to grants permision on an object to a user. |
|
326
|
|
|
* |
|
327
|
|
|
* @param string $mode either grant or revoke |
|
328
|
|
|
* @param string $msg The message |
|
329
|
|
|
*/ |
|
330
|
|
|
public function formAlter($mode, $msg = ''): void |
|
331
|
|
|
{ |
|
332
|
|
|
$data = $this->misc->getDatabaseAccessor(); |
|
333
|
|
|
|
|
334
|
|
|
$this->coalesceArr($_REQUEST, 'username', []); |
|
335
|
|
|
|
|
336
|
|
|
$this->coalesceArr($_REQUEST, 'groupname', []); |
|
337
|
|
|
|
|
338
|
|
|
$this->coalesceArr($_REQUEST, 'privilege', []); |
|
339
|
|
|
|
|
340
|
|
|
// Get users from the database |
|
341
|
|
|
$users = $data->getUsers(); |
|
342
|
|
|
// Get groups from the database |
|
343
|
|
|
$groups = $data->getGroups(); |
|
344
|
|
|
|
|
345
|
|
|
$this->printTrail($_REQUEST['subject']); |
|
346
|
|
|
|
|
347
|
|
|
$this->printTitle($this->lang['str' . $mode], 'pg.privilege.' . $mode); |
|
348
|
|
|
|
|
349
|
|
|
$this->printMsg($msg); |
|
350
|
|
|
|
|
351
|
|
|
echo '<form action="' . \containerInstance()->subFolder . '/src/views/privileges" method="post">' . \PHP_EOL; |
|
352
|
|
|
echo '<table>' . \PHP_EOL; |
|
353
|
|
|
echo \sprintf( |
|
354
|
|
|
'<tr><th class="data left">%s</th>', |
|
355
|
|
|
$this->lang['strusers'] |
|
356
|
|
|
) . \PHP_EOL; |
|
357
|
|
|
echo '<td class="data1"><select name="username[]" multiple="multiple" size="', \min(6, $users->recordCount()), '">' . \PHP_EOL; |
|
358
|
|
|
|
|
359
|
|
|
while (!$users->EOF) { |
|
360
|
|
|
$uname = \htmlspecialchars($users->fields['usename']); |
|
361
|
|
|
echo \sprintf( |
|
362
|
|
|
'<option value="%s"', |
|
363
|
|
|
$uname |
|
364
|
|
|
), |
|
365
|
|
|
\in_array($users->fields['usename'], $_REQUEST['username'], true) ? ' selected="selected"' : '', \sprintf( |
|
366
|
|
|
'>%s</option>', |
|
367
|
|
|
$uname |
|
368
|
|
|
) . \PHP_EOL; |
|
369
|
|
|
$users->moveNext(); |
|
370
|
|
|
} |
|
371
|
|
|
echo '</select></td></tr>' . \PHP_EOL; |
|
372
|
|
|
echo \sprintf( |
|
373
|
|
|
'<tr><th class="data left">%s</th>', |
|
374
|
|
|
$this->lang['strgroups'] |
|
375
|
|
|
) . \PHP_EOL; |
|
376
|
|
|
echo '<td class="data1">' . \PHP_EOL; |
|
377
|
|
|
echo '<input type="checkbox" id="public" name="public"', (isset($_REQUEST['public']) ? ' checked="checked"' : ''), ' /><label for="public">PUBLIC</label>' . \PHP_EOL; |
|
378
|
|
|
// Only show groups if there are groups! |
|
379
|
|
|
if (0 < $groups->recordCount()) { |
|
380
|
|
|
echo '<br /><select name="groupname[]" multiple="multiple" size="', \min(6, $groups->recordCount()), '">' . \PHP_EOL; |
|
381
|
|
|
|
|
382
|
|
|
while (!$groups->EOF) { |
|
383
|
|
|
$gname = \htmlspecialchars($groups->fields['groname']); |
|
384
|
|
|
echo \sprintf( |
|
385
|
|
|
'<option value="%s"', |
|
386
|
|
|
$gname |
|
387
|
|
|
), |
|
388
|
|
|
\in_array($groups->fields['groname'], $_REQUEST['groupname'], true) ? ' selected="selected"' : '', \sprintf( |
|
389
|
|
|
'>%s</option>', |
|
390
|
|
|
$gname |
|
391
|
|
|
) . \PHP_EOL; |
|
392
|
|
|
$groups->moveNext(); |
|
393
|
|
|
} |
|
394
|
|
|
echo '</select>' . \PHP_EOL; |
|
395
|
|
|
} |
|
396
|
|
|
echo '</td></tr>' . \PHP_EOL; |
|
397
|
|
|
echo \sprintf( |
|
398
|
|
|
'<tr><th class="data left required">%s</th>', |
|
399
|
|
|
$this->lang['strprivileges'] |
|
400
|
|
|
) . \PHP_EOL; |
|
401
|
|
|
echo '<td class="data1">' . \PHP_EOL; |
|
402
|
|
|
|
|
403
|
|
|
foreach ($data->privlist[$_REQUEST['subject']] as $v) { |
|
404
|
|
|
$v = \htmlspecialchars($v); |
|
405
|
|
|
echo \sprintf( |
|
406
|
|
|
'<input type="checkbox" id="privilege[%s]" name="privilege[%s]"', |
|
407
|
|
|
$v, |
|
408
|
|
|
$v |
|
409
|
|
|
), |
|
410
|
|
|
isset($_REQUEST['privilege'][$v]) ? ' checked="checked"' : '', \sprintf( |
|
411
|
|
|
' /><label for="privilege[%s]">%s</label><br />', |
|
412
|
|
|
$v, |
|
413
|
|
|
$v |
|
414
|
|
|
) . \PHP_EOL; |
|
415
|
|
|
} |
|
416
|
|
|
echo '</td></tr>' . \PHP_EOL; |
|
417
|
|
|
// Grant option |
|
418
|
|
|
if ($data->hasGrantOption()) { |
|
419
|
|
|
echo \sprintf( |
|
420
|
|
|
'<tr><th class="data left">%s</th>', |
|
421
|
|
|
$this->lang['stroptions'] |
|
422
|
|
|
) . \PHP_EOL; |
|
423
|
|
|
echo '<td class="data1">' . \PHP_EOL; |
|
424
|
|
|
|
|
425
|
|
|
if ('grant' === $mode) { |
|
426
|
|
|
echo '<input type="checkbox" id="grantoption" name="grantoption"', |
|
427
|
|
|
isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION</label>' . \PHP_EOL; |
|
428
|
|
|
} elseif ('revoke' === $mode) { |
|
429
|
|
|
echo '<input type="checkbox" id="grantoption" name="grantoption"', |
|
430
|
|
|
isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION FOR</label><br />' . \PHP_EOL; |
|
431
|
|
|
echo '<input type="checkbox" id="cascade" name="cascade"', |
|
432
|
|
|
isset($_REQUEST['cascade']) ? ' checked="checked"' : '', ' /><label for="cascade">CASCADE</label><br />' . \PHP_EOL; |
|
433
|
|
|
} |
|
434
|
|
|
echo '</td></tr>' . \PHP_EOL; |
|
435
|
|
|
} |
|
436
|
|
|
echo '</table>' . \PHP_EOL; |
|
437
|
|
|
|
|
438
|
|
|
echo '<p><input type="hidden" name="action" value="save" />' . \PHP_EOL; |
|
439
|
|
|
echo '<input type="hidden" name="mode" value="', \htmlspecialchars($mode), '" />' . \PHP_EOL; |
|
440
|
|
|
echo '<input type="hidden" name="subject" value="', \htmlspecialchars($_REQUEST['subject']), '" />' . \PHP_EOL; |
|
441
|
|
|
|
|
442
|
|
|
if (isset($_REQUEST[$_REQUEST['subject'] . '_oid'])) { |
|
443
|
|
|
echo '<input type="hidden" name="', \htmlspecialchars($_REQUEST['subject'] . '_oid'), |
|
444
|
|
|
'" value="', \htmlspecialchars($_REQUEST[$_REQUEST['subject'] . '_oid']), '" />' . \PHP_EOL; |
|
445
|
|
|
} |
|
446
|
|
|
|
|
447
|
|
|
echo '<input type="hidden" name="', \htmlspecialchars($_REQUEST['subject']), |
|
448
|
|
|
'" value="', \htmlspecialchars($_REQUEST[$_REQUEST['subject']]), '" />' . \PHP_EOL; |
|
449
|
|
|
|
|
450
|
|
|
if ('column' === $_REQUEST['subject']) { |
|
451
|
|
|
echo '<input type="hidden" name="table" value="', |
|
452
|
|
|
\htmlspecialchars($_REQUEST['table']), '" />' . \PHP_EOL; |
|
453
|
|
|
} |
|
454
|
|
|
|
|
455
|
|
|
echo $this->view->form; |
|
456
|
|
|
echo \sprintf( |
|
457
|
|
|
'<input type="submit" name="%s" value="%s" />%s', |
|
458
|
|
|
$mode, |
|
459
|
|
|
$this->lang['str' . $mode], |
|
460
|
|
|
\PHP_EOL |
|
461
|
|
|
); |
|
462
|
|
|
|
|
463
|
|
|
echo \sprintf( |
|
464
|
|
|
'<input type="submit" name="cancel" value="%s" /></p>', |
|
465
|
|
|
$this->lang['strcancel'] |
|
466
|
|
|
); |
|
467
|
|
|
echo '</form>' . \PHP_EOL; |
|
468
|
|
|
} |
|
469
|
|
|
|
|
470
|
|
|
/** |
|
471
|
|
|
* Grant permissions on an object to a user. |
|
472
|
|
|
* |
|
473
|
|
|
* @param string $mode 'grant' or 'revoke' |
|
474
|
|
|
*/ |
|
475
|
|
|
public function doAlter($mode): void |
|
476
|
|
|
{ |
|
477
|
|
|
$data = $this->misc->getDatabaseAccessor(); |
|
478
|
|
|
|
|
479
|
|
|
$this->coalesceArr($_REQUEST, 'username', []); |
|
480
|
|
|
|
|
481
|
|
|
$this->coalesceArr($_REQUEST, 'groupname', []); |
|
482
|
|
|
|
|
483
|
|
|
$this->coalesceArr($_REQUEST, 'privilege', []); |
|
484
|
|
|
|
|
485
|
|
|
// Determine whether object should be ref'd by name or oid. |
|
486
|
|
|
if (isset($_REQUEST[$_REQUEST['subject'] . '_oid'])) { |
|
487
|
|
|
$object = $_REQUEST[$_REQUEST['subject'] . '_oid']; |
|
488
|
|
|
} else { |
|
489
|
|
|
$object = $_REQUEST[$_REQUEST['subject']]; |
|
490
|
|
|
} |
|
491
|
|
|
|
|
492
|
|
|
if (isset($_REQUEST['table'])) { |
|
493
|
|
|
$table = $_REQUEST['table']; |
|
494
|
|
|
} else { |
|
495
|
|
|
$table = null; |
|
496
|
|
|
} |
|
497
|
|
|
|
|
498
|
|
|
$status = $data->setPrivileges( |
|
499
|
|
|
('grant' === $mode) ? 'GRANT' : 'REVOKE', |
|
500
|
|
|
$_REQUEST['subject'], |
|
501
|
|
|
$object, |
|
502
|
|
|
isset($_REQUEST['public']), |
|
503
|
|
|
$_REQUEST['username'], |
|
504
|
|
|
$_REQUEST['groupname'], |
|
505
|
|
|
\array_keys($_REQUEST['privilege']), |
|
506
|
|
|
isset($_REQUEST['grantoption']), |
|
507
|
|
|
isset($_REQUEST['cascade']), |
|
508
|
|
|
$table |
|
509
|
|
|
); |
|
510
|
|
|
|
|
511
|
|
|
if (0 === $status) { |
|
512
|
|
|
$this->doDefault($this->lang['strgranted']); |
|
513
|
|
|
} elseif (-3 === $status || -4 === $status) { |
|
514
|
|
|
$this->formAlter($_REQUEST['mode'], $this->lang['strgrantbad']); |
|
515
|
|
|
} else { |
|
516
|
|
|
$this->formAlter($_REQUEST['mode'], $this->lang['strgrantfailed']); |
|
517
|
|
|
} |
|
518
|
|
|
} |
|
519
|
|
|
} |
|
520
|
|
|
|
HuasoFoundries /
phpPgAdmin6
Loading history...