
PrivilegesController::formAlter()   D

Complexity

Conditions 17
Paths 128

Size

Total Lines 92
Code Lines 66

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
eloc 66
dl 0
loc 92
c 0
b 0
f 0
rs 4.9833
cc 17
nc 128
nop 2


Long Method

Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.

For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.

Commonly applied refactorings include:

<?php
/**
 * PHPPgAdmin v6.0.0-beta.49
 */
namespace PHPPgAdmin\Controller;
/**
 * PrivilegesController controller class.
 */
class PrivilegesController extends BaseController
{
    public $table_place      = 'privileges-privileges';
    public $controller_title = 'strprivileges';
    /**
     * Entry point: prints the page header and body, dispatches on the
     * requested action, then prints the footer.
     *
     * - 'save'  : re-shows the listing when a 'cancel' field was submitted,
     *             otherwise applies the change through doAlter().
     * - 'alter' : shows the grant/revoke form.
     * - other   : shows the privilege listing.
     *
     * NOTE(review): $_REQUEST['mode'] is forwarded exactly as received and is
     * read without an isset() check. $_REQUEST by default also carries
     * query-string values, and no request-method or anti-CSRF check is visible
     * in this class for the state-changing 'save' action -- confirm that one
     * is enforced upstream.
     */
    public function render()
    {
        $this->printHeader();
        $this->printBody();

        $action = $this->action;

        // Loose comparisons on purpose: they mirror what a switch statement does.
        if ('save' == $action) {
            if (!isset($_REQUEST['cancel'])) {
                $this->doAlter($_REQUEST['mode']);
            } else {
                $this->doDefault();
            }
        } elseif ('alter' == $action) {
            $this->formAlter($_REQUEST['mode']);
        } else {
            $this->doDefault();
        }

        $this->printFooter();
    }
    /**
     * Show permissions on a database, namespace, relation, language or function.
     *
     * The object type comes from $_REQUEST['subject']. The object itself is
     * taken from $_REQUEST["{subject}_oid"] when that field is present and
     * from $_REQUEST[subject] otherwise. Values from each privilege row that
     * are written as cell text go through $this->misc->printVal().
     *
     * NOTE(review): $subject is request input and is concatenated into the
     * message handed to halt() without escaping here -- confirm that halt()
     * encodes it before it reaches the page.
     * NOTE(review): the return value of getPrivileges() is counted and
     * iterated without a type check -- confirm it always returns an array.
     *
     * @param mixed $msg message handed to printMsg() above the table
     */
    public function doDefault($msg = '')
    {
        $data    = $this->misc->getDatabaseAccessor();
        $subject = $_REQUEST['subject'];

        $this->printTrail($subject);

        // @@@FIXME: This switch is just a temporary solution,
        // need a better way, maybe every type of object should
        // have a tab bar???
        $tabbedSubjects = ['server', 'database', 'schema', 'table', 'column', 'view', 'function'];
        if (!in_array($subject, $tabbedSubjects, true)) {
            $this->printTitle($this->lang['strprivileges'], 'pg.privilege');
        } else {
            $this->printTabs($subject, 'privileges');
        }

        $this->printMsg($msg);

        // Unknown subject types have no privilege list; stop before any lookup.
        if (!isset($data->privlist[$subject])) {
            $this->container->utils->halt('No privileges defined for subject '.$subject);

            return;
        }

        // Determine whether object should be ref'd by name or oid.
        $object = isset($_REQUEST[$subject.'_oid'])
            ? $_REQUEST[$subject.'_oid']
            : $_REQUEST[$subject];

        // Get the privileges on the object, given its type
        $privileges = ('column' == $subject)
            ? $data->getPrivileges($object, 'column', $_REQUEST['table'])
            : $data->getPrivileges($object, $subject);

        // Nothing to list: print the notice and go straight to the links.
        if (count($privileges) <= 0) {
            echo "<p>{$this->lang['strnoprivileges']}</p>".PHP_EOL;
            $this->printGrantLinks();

            return;
        }

        echo '<table>'.PHP_EOL;
        if (!$data->hasRoles()) {
            echo "<tr><th class=\"data\">{$this->lang['strtype']}</th><th class=\"data\">{$this->lang['struser']}/{$this->lang['strgroup']}</th>";
        } else {
            echo "<tr><th class=\"data\">{$this->lang['strrole']}</th>";
        }

        // One header cell per privilege name, leaving out ALL PRIVILEGES.
        foreach ($data->privlist[$subject] as $privName) {
            if ('ALL PRIVILEGES' != $privName) {
                echo "<th class=\"data\">{$privName}</th>".PHP_EOL;
            }
        }
        if ($data->hasGrantOption()) {
            echo "<th class=\"data\">{$this->lang['strgrantor']}</th>";
        }
        echo '</tr>'.PHP_EOL;

        // Loop over privileges, outputting them
        $rowNumber = 0;
        foreach ($privileges as $entry) {
            // Alternate the row class between data1 and data2.
            $stripe = (0 == ($rowNumber % 2)) ? '1' : '2';
            echo "<tr class=\"data{$stripe}\">".PHP_EOL;
            if (!$data->hasRoles()) {
                echo '<td>', $this->misc->printVal($entry[0]), '</td>'.PHP_EOL;
            }

            echo '<td>', $this->misc->printVal($entry[1]), '</td>'.PHP_EOL;
            foreach ($data->privlist[$subject] as $privName) {
                // Skip over ALL PRIVILEGES
                if ('ALL PRIVILEGES' != $privName) {
                    echo '<td>';
                    echo in_array($privName, $entry[2], true)
                        ? $this->lang['stryes']
                        : $this->lang['strno'];

                    // If we have grant option for this, end mark
                    if ($data->hasGrantOption() && in_array($privName, $entry[4], true)) {
                        echo $this->lang['strasterisk'];
                    }

                    echo '</td>'.PHP_EOL;
                }
            }
            if ($data->hasGrantOption()) {
                echo '<td>', $this->misc->printVal($entry[3]), '</td>'.PHP_EOL;
            }
            echo '</tr>'.PHP_EOL;
            ++$rowNumber;
        }

        echo '</table>';

        $this->printGrantLinks();
    }
    /**
     * Prints the "grant" and "revoke" navigation links for the current subject
     * and, for some subject types, a "show all ..." link.
     *
     * Link parameters (server, database, schema, the object name and, for
     * functions, its oid) are copied from $_REQUEST into the link definitions
     * passed to printNavLinks().
     *
     * NOTE(review): the request values are placed in the link definitions
     * unencoded; URL/HTML encoding is presumably done by printNavLinks() --
     * confirm.
     * NOTE(review): get_defined_vars() hands every local of this method,
     * including the database accessor in $data, to printNavLinks(). The local
     * variable names are therefore part of what that call receives; keep them
     * stable unless the callee has been checked.
     */
    public function printGrantLinks()
    {
        $data     = $this->misc->getDatabaseAccessor();
        $subject  = $_REQUEST['subject'];
        $alllabel = '';
        $alltxt   = '';

        // Links for granting to a user or group.
        // Loose matching (non-strict in_array, ==) mirrors switch semantics.
        // $allurl stays undefined for every other subject; isset() below relies on that.
        if (in_array($subject, ['table', 'view', 'sequence', 'function', 'tablespace'])) {
            $alllabel = 'showall'.$subject.'s';
            $allurl   = $subject.'s';
            $alltxt   = $this->lang['strshowall'.$subject.'s'];
        } elseif ('schema' == $subject) {
            $alllabel = 'showallschemas';
            $allurl   = 'schemas';
            $alltxt   = $this->lang['strshowallschemas'];
        } elseif ('database' == $subject) {
            $alllabel = 'showalldatabases';
            $allurl   = 'alldb';
            $alltxt   = $this->lang['strshowalldatabases'];
        }

        $object = $_REQUEST[$subject];

        if ('function' == $subject) {
            // Functions are addressed by oid as well as by name.
            $objectoid = $_REQUEST[$subject.'_oid'];
            $urlvars   = [
                'action'        => 'alter',
                'server'        => $_REQUEST['server'],
                'database'      => $_REQUEST['database'],
                'schema'        => $_REQUEST['schema'],
                $subject        => $object,
                $subject.'_oid' => $objectoid,
                'subject'       => $subject,
            ];
        } elseif ('column' == $subject) {
            $urlvars = [
                'action'   => 'alter',
                'server'   => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                'schema'   => $_REQUEST['schema'],
                $subject   => $object,
                'subject'  => $subject,
            ];

            // A column link also carries its parent relation: table, view or matview.
            if (isset($_REQUEST['table'])) {
                $urlvars['table'] = $_REQUEST['table'];
            } elseif (isset($_REQUEST['view'])) {
                $urlvars['view'] = $_REQUEST['view'];
            } else {
                $urlvars['matview'] = $_REQUEST['matview'];
            }
        } else {
            $urlvars = [
                'action'   => 'alter',
                'server'   => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                $subject   => $object,
                'subject'  => $subject,
            ];
            if (isset($_REQUEST['schema'])) {
                $urlvars['schema'] = $_REQUEST['schema'];
            }
        }

        $navlinks = [];

        $navlinks['grant'] = [
            'attr'    => [
                'href' => [
                    'url'     => 'privileges',
                    'urlvars' => array_merge($urlvars, ['mode' => 'grant']),
                ],
            ],
            'content' => $this->lang['strgrant'],
        ];

        $navlinks['revoke'] = [
            'attr'    => [
                'href' => [
                    'url'     => 'privileges',
                    'urlvars' => array_merge($urlvars, ['mode' => 'revoke']),
                ],
            ],
            'content' => $this->lang['strrevoke'],
        ];

        if (isset($allurl)) {
            $navlinks[$alllabel] = [
                'attr'    => [
                    'href' => [
                        'url'     => $allurl,
                        'urlvars' => [
                            'server'   => $_REQUEST['server'],
                            'database' => $_REQUEST['database'],
                        ],
                    ],
                ],
                'content' => $alltxt,
            ];
            if (isset($_REQUEST['schema'])) {
                $navlinks[$alllabel]['attr']['href']['urlvars']['schema'] = $_REQUEST['schema'];
            }
        }

        $this->printNavLinks($navlinks, $this->table_place, get_defined_vars());
    }
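    /**
     * Prints the form used to grant or revoke privileges on an object.
     *
     * Every request-derived value written into the page is passed through
     * htmlspecialchars() first. $mode arrives from $_REQUEST['mode'] (see
     * render() and doAlter()), so it is escaped in the submit button's name
     * attribute as well as in the hidden "mode" field.
     *
     * NOTE(review): $mode is not restricted to 'grant'/'revoke' here; any
     * other value makes the 'str'.$mode language lookups miss. Confirm whether
     * callers should reject unknown modes before this point.
     * NOTE(review): this method writes no anti-CSRF field itself;
     * $this->misc->form is echoed verbatim -- confirm what it contains.
     *
     * @param string $mode either grant or revoke
     * @param string $msg  The message
     */
    public function formAlter($mode, $msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        // Give the multi-value fields a default so the lookups below have something to read.
        $this->coalesceArr($_REQUEST, 'username', []);

        $this->coalesceArr($_REQUEST, 'groupname', []);

        $this->coalesceArr($_REQUEST, 'privilege', []);

        // Get users from the database
        $users = $data->getUsers();
        // Get groups from the database
        $groups = $data->getGroups();

        $this->printTrail($_REQUEST['subject']);

        $this->printTitle($this->lang['str'.$mode], 'pg.privilege.'.$mode);

        $this->printMsg($msg);

        echo '<form action="'.\SUBFOLDER.'/src/views/privileges" method="post">'.PHP_EOL;
        echo '<table>'.PHP_EOL;
        echo "<tr><th class=\"data left\">{$this->lang['strusers']}</th>".PHP_EOL;
        echo '<td class="data1"><select name="username[]" multiple="multiple" size="', min(6, $users->recordCount()), '">'.PHP_EOL;
        while (!$users->EOF) {
            // Escaped copy for output; the raw value is used for the selection test.
            $uname = htmlspecialchars($users->fields['usename']);
            echo "<option value=\"{$uname}\"",
            in_array($users->fields['usename'], $_REQUEST['username'], true) ? ' selected="selected"' : '', ">{$uname}</option>".PHP_EOL;
            $users->moveNext();
        }
        echo '</select></td></tr>'.PHP_EOL;
        echo "<tr><th class=\"data left\">{$this->lang['strgroups']}</th>".PHP_EOL;
        echo '<td class="data1">'.PHP_EOL;
        echo '<input type="checkbox" id="public" name="public"', (isset($_REQUEST['public']) ? ' checked="checked"' : ''), ' /><label for="public">PUBLIC</label>'.PHP_EOL;
        // Only show groups if there are groups!
        if ($groups->recordCount() > 0) {
            echo '<br /><select name="groupname[]" multiple="multiple" size="', min(6, $groups->recordCount()), '">'.PHP_EOL;
            while (!$groups->EOF) {
                $gname = htmlspecialchars($groups->fields['groname']);
                echo "<option value=\"{$gname}\"",
                in_array($groups->fields['groname'], $_REQUEST['groupname'], true) ? ' selected="selected"' : '', ">{$gname}</option>".PHP_EOL;
                $groups->moveNext();
            }
            echo '</select>'.PHP_EOL;
        }
        echo '</td></tr>'.PHP_EOL;
        echo "<tr><th class=\"data left required\">{$this->lang['strprivileges']}</th>".PHP_EOL;
        echo '<td class="data1">'.PHP_EOL;
        foreach ($data->privlist[$_REQUEST['subject']] as $v) {
            $v = htmlspecialchars($v);
            // "{$v}" replaces the "${v}" interpolation form, which is deprecated since PHP 8.2.
            echo "<input type=\"checkbox\" id=\"privilege[{$v}]\" name=\"privilege[{$v}]\"",
            isset($_REQUEST['privilege'][$v]) ? ' checked="checked"' : '', " /><label for=\"privilege[{$v}]\">{$v}</label><br />".PHP_EOL;
        }
        echo '</td></tr>'.PHP_EOL;
        // Grant option
        if ($data->hasGrantOption()) {
            echo "<tr><th class=\"data left\">{$this->lang['stroptions']}</th>".PHP_EOL;
            echo '<td class="data1">'.PHP_EOL;
            if ('grant' == $mode) {
                echo '<input type="checkbox" id="grantoption" name="grantoption"',
                isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION</label>'.PHP_EOL;
            } elseif ('revoke' == $mode) {
                echo '<input type="checkbox" id="grantoption" name="grantoption"',
                isset($_REQUEST['grantoption']) ? ' checked="checked"' : '', ' /><label for="grantoption">GRANT OPTION FOR</label><br />'.PHP_EOL;
                echo '<input type="checkbox" id="cascade" name="cascade"',
                isset($_REQUEST['cascade']) ? ' checked="checked"' : '', ' /><label for="cascade">CASCADE</label><br />'.PHP_EOL;
            }
            echo '</td></tr>'.PHP_EOL;
        }
        echo '</table>'.PHP_EOL;

        // Hidden fields carry the request context over to the 'save' action.
        echo '<p><input type="hidden" name="action" value="save" />'.PHP_EOL;
        echo '<input type="hidden" name="mode" value="', htmlspecialchars($mode), '" />'.PHP_EOL;
        echo '<input type="hidden" name="subject" value="', htmlspecialchars($_REQUEST['subject']), '" />'.PHP_EOL;
        if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
            echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject'].'_oid'),
            '" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject'].'_oid']), '" />'.PHP_EOL;
        }

        echo '<input type="hidden" name="', htmlspecialchars($_REQUEST['subject']),
        '" value="', htmlspecialchars($_REQUEST[$_REQUEST['subject']]), '" />'.PHP_EOL;
        if ('column' == $_REQUEST['subject']) {
            echo '<input type="hidden" name="table" value="',
            htmlspecialchars($_REQUEST['table']), '" />'.PHP_EOL;
        }

        echo $this->misc->form;
        // $mode is request input: encode it before it becomes an attribute value,
        // as is already done for the hidden "mode" field above.
        echo sprintf('<input type="submit" name="%s" value="%s" />%s', htmlspecialchars($mode), $this->lang['str'.$mode], PHP_EOL);

        echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>";
        echo '</form>'.PHP_EOL;
    }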
    /**
     * Grants or revokes privileges on an object, using the submitted form
     * fields, then re-renders the listing or the form depending on the result.
     *
     * Any $mode other than 'grant' is sent to setPrivileges() as 'REVOKE'.
     * The subject, object, user names, group names and privilege names are
     * passed to setPrivileges() exactly as they arrive in $_REQUEST.
     *
     * NOTE(review): nothing here validates or quotes those request values;
     * that is presumably done inside setPrivileges() -- confirm.
     * NOTE(review): `0 == $status` is a loose comparison, so a null or false
     * return would also be reported as success -- confirm the return contract
     * of setPrivileges().
     * NOTE(review): no request-method or anti-CSRF check is visible in this
     * method -- confirm one runs before it.
     *
     * @param string $mode 'grant' or 'revoke'
     */
    public function doAlter($mode)
    {
        $data = $this->misc->getDatabaseAccessor();

        $this->coalesceArr($_REQUEST, 'username', []);

        $this->coalesceArr($_REQUEST, 'groupname', []);

        $this->coalesceArr($_REQUEST, 'privilege', []);

        // Determine whether object should be ref'd by name or oid.
        $object = isset($_REQUEST[$_REQUEST['subject'].'_oid'])
            ? $_REQUEST[$_REQUEST['subject'].'_oid']
            : $_REQUEST[$_REQUEST['subject']];

        // The table name is only supplied for some subjects; null otherwise.
        $table = isset($_REQUEST['table']) ? $_REQUEST['table'] : null;

        $sqlVerb = ('grant' == $mode) ? 'GRANT' : 'REVOKE';

        $status = $data->setPrivileges(
            $sqlVerb,
            $_REQUEST['subject'],
            $object,
            isset($_REQUEST['public']),
            $_REQUEST['username'],
            $_REQUEST['groupname'],
            array_keys($_REQUEST['privilege']),
            isset($_REQUEST['grantoption']),
            isset($_REQUEST['cascade']),
            $table
        );

        // Success: back to the listing with a confirmation message.
        if (0 == $status) {
            $this->doDefault($this->lang['strgranted']);

            return;
        }

        // Failure: show the form again; -3 and -4 get the "bad grant" message.
        if ($status == -3 || $status == -4) {
            $this->formAlter($_REQUEST['mode'], $this->lang['strgrantbad']);

            return;
        }

        $this->formAlter($_REQUEST['mode'], $this->lang['strgrantfailed']);
    }
}