for testing and deploying your application
for finding and fixing issues
for empowering human code reviews
<?php
/*
* PHPPgAdmin v6.0.0-beta.30
*/
namespace PHPPgAdmin\Controller;
/**
* PrivilegesController controller class.
class PrivilegesController extends BaseController
{
public $controller_name = 'PrivilegesController';
public $table_place = 'privileges-privileges';
* Default method to render the controller according to the action parameter.
public function render()
$conf = $this->conf;
$lang = $this->lang;
$action = $this->action;
$data = $this->misc->getDatabaseAccessor();
$this->printHeader($lang['strprivileges']);
$this->printBody();
switch ($action) {
case 'save':
if (isset($_REQUEST['cancel'])) {
$this->doDefault();
} else {
$this->doAlter(false, $_REQUEST['mode']);
}
break;
case 'alter':
$this->doAlter(true, $_REQUEST['mode']);
default:
$this->printFooter();
* Show permissions on a database, namespace, relation, language or function.
*
* @param mixed $msg
public function doDefault($msg = '')
$database = $this->misc->getDatabase();
$this->printTrail($_REQUEST['subject']);
// @@@FIXME: This switch is just a temporary solution,
// need a better way, maybe every type of object should
// have a tab bar???
switch ($_REQUEST['subject']) {
case 'server':
case 'database':
case 'schema':
case 'table':
case 'column':
case 'view':
$this->printTabs($_REQUEST['subject'], 'privileges');
$this->printTitle($lang['strprivileges'], 'pg.privilege');
$this->printMsg($msg);
// Determine whether object should be ref'd by name or oid.
if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
$object = $_REQUEST[$_REQUEST['subject'].'_oid'];
$object = $_REQUEST[$_REQUEST['subject']];
// Get the privileges on the object, given its type
if ('column' == $_REQUEST['subject']) {
$privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']);
$privileges = $data->getPrivileges($object, $_REQUEST['subject']);
if (sizeof($privileges) > 0) {
echo "<table>\n";
if ($data->hasRoles()) {
echo "<tr><th class=\"data\">{$lang['strrole']}</th>";
echo "<tr><th class=\"data\">{$lang['strtype']}</th><th class=\"data\">{$lang['struser']}/{$lang['strgroup']}</th>";
foreach ($data->privlist[$_REQUEST['subject']] as $v2) {
// Skip over ALL PRIVILEGES
if ('ALL PRIVILEGES' == $v2) {
continue;
echo "<th class=\"data\">{$v2}</th>\n";
if ($data->hasGrantOption()) {
echo "<th class=\"data\">{$lang['strgrantor']}</th>";
echo "</tr>\n";
// Loop over privileges, outputting them
$i = 0;
foreach ($privileges as $v) {
$id = (0 == ($i % 2) ? '1' : '2');
echo "<tr class=\"data{$id}\">\n";
if (!$data->hasRoles()) {
echo '<td>', $this->misc->printVal($v[0]), "</td>\n";
echo '<td>', $this->misc->printVal($v[1]), "</td>\n";
echo '<td>';
if (in_array($v2, $v[2], true)) {
echo $lang['stryes'];
echo $lang['strno'];
// If we have grant option for this, end mark
if ($data->hasGrantOption() && in_array($v2, $v[4], true)) {
echo $lang['strasterisk'];
echo "</td>\n";
echo '<td>', $this->misc->printVal($v[3]), "</td>\n";
++$i;
echo '</table>';
echo "<p>{$lang['strnoprivileges']}</p>\n";
// Links for granting to a user or group
case 'sequence':
case 'function':
case 'tablespace':
$alllabel = "showall{$_REQUEST['subject']}s";
$allurl = "{$_REQUEST['subject']}s.php";
$alltxt = $lang["strshowall{$_REQUEST['subject']}s"];
$alllabel = 'showallschemas';
$allurl = 'schemas.php';
$alltxt = $lang['strshowallschemas'];
$alllabel = 'showalldatabases';
$allurl = 'alldb.php';
$alltxt = $lang['strshowalldatabases'];
$subject = $_REQUEST['subject'];
if ('function' == $_REQUEST['subject']) {
$objectoid = $_REQUEST[$_REQUEST['subject'].'_oid'];
$urlvars = [
'action' => 'alter',
'server' => $_REQUEST['server'],
'database' => $_REQUEST['database'],
'schema' => $_REQUEST['schema'],
$subject => $object,
"{$subject}_oid" => $objectoid,
'subject' => $subject,
];
} elseif ('column' == $_REQUEST['subject']) {
if (isset($_REQUEST['table'])) {
$urlvars['table'] = $_REQUEST['table'];
$urlvars['view'] = $_REQUEST['view'];
if (isset($_REQUEST['schema'])) {
$urlvars['schema'] = $_REQUEST['schema'];
$navlinks = [
'grant' => [
'attr' => [
'href' => [
'url' => 'privileges.php',
'urlvars' => array_merge($urlvars, ['mode' => 'grant']),
],
'content' => $lang['strgrant'],
'revoke' => [
'urlvars' => array_merge($urlvars, ['mode' => 'revoke']),
'content' => $lang['strrevoke'],
if (isset($allurl)) {
$navlinks[$alllabel] = [
'url' => $allurl,
'urlvars' => [
'content' => $alltxt,
$navlinks[$alllabel]['attr']['href']['urlvars']['schema'] = $_REQUEST['schema'];
$this->printNavLinks($navlinks, $this->table_place, get_defined_vars());
* Grant permissions on an object to a user.
* @param $confirm To show entry screen
* @param $mode 'grant' or 'revoke'
* @param $msg (optional) A message to show
public function doAlter($confirm, $mode, $msg = '')
if (!isset($_REQUEST['username'])) {
$_REQUEST['username'] = [];
if (!isset($_REQUEST['groupname'])) {
$_REQUEST['groupname'] = [];
if (!isset($_REQUEST['privilege'])) {
$_REQUEST['privilege'] = [];
if ($confirm) {
// Get users from the database
$users = $data->getUsers();
// Get groups from the database
$groups = $data->getGroups();
switch ($mode) {
case 'grant':
$this->printTitle($lang['strgrant'], 'pg.privilege.grant');
case 'revoke':
$this->printTitle($lang['strrevoke'], 'pg.privilege.revoke');
echo '<form action="'.\SUBFOLDER."/src/views/privileges.php\" method=\"post\">\n";
echo "<tr><th class=\"data left\">{$lang['strusers']}</th>\n";
echo '<td class="data1"><select name="username[]" multiple="multiple" size="', min(6, $users->recordCount()), "\">\n";
while (!$users->EOF) {
$uname = htmlspecialchars($users->fields['usename']);
echo "<option value=\"{$uname}\"",
in_array($users->fields['usename'], $_REQUEST['username'], true) ? ' selected="selected"' : '', ">{$uname}</option>\n";
$users->moveNext();
echo "</select></td></tr>\n";
echo "<tr><th class=\"data left\">{$lang['strgroups']}</th>\n";
echo "<td class=\"data1\">\n";
echo '<input type="checkbox" id="public" name="public"', (isset($_REQUEST['public']) ? ' checked="checked"' : ''), " /><label for=\"public\">PUBLIC</label>\n";
// Only show groups if there are groups!
if ($groups->recordCount() > 0) {
echo '<br /><select name="groupname[]" multiple="multiple" size="', min(6, $groups->recordCount()), "\">\n";
while (!$groups->EOF) {
$gname = htmlspecialchars($groups->fields['groname']);
echo "<option value=\"{$gname}\"",
in_array($groups->fields['groname'], $_REQUEST['groupname'], true) ? ' selected="selected"' : '', ">{$gname}</option>\n";
$groups->moveNext();
echo "</select>\n";
echo "</td></tr>\n";
echo "<tr><th class=\"data left required\">{$lang['strprivileges']}</th>\n";
foreach ($data->privlist[$_REQUEST['subject']] as $v) {
$v = htmlspecialchars($v);
echo "<input type=\"checkbox\" id=\"privilege[${v}]\" name=\"privilege[${v}]\"",
isset($_REQUEST['privilege'][$v]) ? ' checked="checked"' : '', " /><label for=\"privilege[${v}]\">{$v}</label><br />\n";
// Grant option
echo "<tr><th class=\"data left\">{$lang['stroptions']}</th>\n";
if ('grant' == $mode) {
echo '<input type="checkbox" id="grantoption" name="grantoption"',
isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', " /><label for=\"grantoption\">GRANT OPTION</label>\n";
} elseif ('revoke' == $mode) {
isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', " /><label for=\"grantoption\">GRANT OPTION FOR</label><br />\n";
echo '<input type="checkbox" id="cascade" name="cascade"',
isset($_REQUEST['cascade']) ? ' checked="checked"' : '', " /><label for=\"cascade\">CASCADE</label><br />\n";
echo "</table>\n";
echo "<p><input type=\"hidden\" name=\"action\" value=\"save\" />\n";
echo '<input type="hidden" name="mode" value="', htmlspecialchars($mode), "\" />\n";
echo '<input type="hidden" name="subject" value="', htmlspecialchars($_REQUEST['subject']), "\" />\n";
echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject'].'_oid'),
'" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject'].'_oid']), "\" />\n";
echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject']),
'" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject']]), "\" />\n";
echo '<input type="hidden" name="table" value="',
htmlspecialchars($_REQUEST['table']), "\" />\n";
echo $this->misc->form;
echo "<input type=\"submit\" name=\"grant\" value=\"{$lang['strgrant']}\" />\n";
echo "<input type=\"submit\" name=\"revoke\" value=\"{$lang['strrevoke']}\" />\n";
echo "<input type=\"submit\" name=\"cancel\" value=\"{$lang['strcancel']}\" /></p>";
echo "</form>\n";
$table = $_REQUEST['table'];
$table = null;
$status = $data->setPrivileges(
('grant' == $mode) ? 'GRANT' : 'REVOKE',
$_REQUEST['subject'],
$object,
isset($_REQUEST['public']),
$_REQUEST['username'],
$_REQUEST['groupname'],
array_keys($_REQUEST['privilege']),
isset($_REQUEST['grantoption']),
isset($_REQUEST['cascade']),
$table
);
if (0 == $status) {
$this->doDefault($lang['strgranted']);
} elseif ($status == -3 || $status == -4) {
$this->doAlter(true, $_REQUEST['mode'], $lang['strgrantbad']);
$this->doAlter(true, $_REQUEST['mode'], $lang['strgrantfailed']);
HuasoFoundries /
phpPgAdmin6
Amenadiel
Loading history...