<?php |
/** |
* Controller for database privileges |
*/ |
declare(strict_types=1); |
namespace PhpMyAdmin\Controllers\Database; |
use PhpMyAdmin\CheckUserPrivileges; |
use PhpMyAdmin\Controllers\AbstractController; |
use PhpMyAdmin\DatabaseInterface; |
use PhpMyAdmin\Message; |
use PhpMyAdmin\ResponseRenderer; |
use PhpMyAdmin\Server\Privileges; |
use PhpMyAdmin\Template; |
use PhpMyAdmin\Util; |
use function __; |
use function mb_strtolower; |
use function ob_get_clean; |
use function ob_start; |
/**
 * Renders the privileges page of a single database.
 *
 * The page is refused outright unless the connected account is reported by
 * DatabaseInterface as a superuser, a grant user or a create-user user. The
 * per-database privilege list itself is only loaded for superusers; everyone
 * else gets an empty list.
 */
class PrivilegesController extends AbstractController
{
    /** @var Privileges Provides the privilege list for the selected database. */
    private $privileges;

    /** @var DatabaseInterface Connection used for the capability checks below. */
    private $dbi;

    public function __construct(
        ResponseRenderer $response,
        Template $template,
        Privileges $privileges,
        DatabaseInterface $dbi
    ) {
        parent::__construct($response, $template);
        $this->dbi = $dbi;
        $this->privileges = $privileges;
    }

    /**
     * Builds the response for the database privileges page.
     *
     * Reads the database name from $GLOBALS['db'] and writes several
     * $GLOBALS entries (text_dir, sub_part, tables, num_tables, ...).
     * NOTE(review): where $GLOBALS['db'] comes from and how the templates
     * escape it is not visible in this class - confirm at the caller/template.
     */
    public function __invoke(): void
    {
        // Make sure the key exists so the template lookup further down cannot hit an undefined index.
        $GLOBALS['text_dir'] = $GLOBALS['text_dir'] ?? null;

        $privilegeChecker = new CheckUserPrivileges($this->dbi);
        $privilegeChecker->getPrivileges();

        $this->addScriptFiles(['server/privileges.js', 'vendor/zxcvbn-ts.js']);

        // Authorization gate: the capability flags are read once, before anything is rendered.
        $isGrantUser = $this->dbi->isGrantUser();
        $isCreateUser = $this->dbi->isCreateUser();
        $canAdministrateUsers = $isGrantUser || $isCreateUser;

        if (! ($this->dbi->isSuperUser() || $canAdministrateUsers)) {
            // None of the three capabilities: show the error and stop before any database data is read.
            $this->render('server/sub_page_header', ['type' => 'privileges', 'is_image' => false]);
            $denied = Message::error(__('No Privileges'));
            $this->response->addHTML($denied->getDisplay());

            return;
        }

        // Only reachable with this condition true for a superuser that has neither
        // grant nor create-user capability; the page is still rendered, with a notice.
        if (! $canAdministrateUsers) {
            $notice = Message::notice(__('You do not have the privileges to administrate the users!'));
            $this->response->addHTML($notice->getDisplay());
        }

        // Gets the database structure. Anything printed while doing so is captured
        // by the output buffer and appended to the response as HTML below.
        $GLOBALS['sub_part'] = '_structure';
        ob_start();

        // The two empty slots after sub_part skip two elements of the returned list.
        [
            $GLOBALS['tables'],
            $GLOBALS['num_tables'],
            $GLOBALS['total_num_tables'],
            $GLOBALS['sub_part'],,,
            $GLOBALS['tooltip_truename'],
            $GLOBALS['tooltip_aliasname'],
            $GLOBALS['pos'],
        ] = Util::getDbInfo($GLOBALS['db'], $GLOBALS['sub_part']);

        $this->response->addHTML(ob_get_clean() . "\n");

        $databaseUrl = Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabDatabase'], 'database');

        // The name is lower-cased when getLowerCaseNames() returns '1', so the
        // privilege lookup and the template both use the same form of the name.
        $dbName = $this->dbi->getLowerCaseNames() === '1'
            ? mb_strtolower($GLOBALS['db'])
            : $GLOBALS['db'];

        // The privilege list is disclosed to superusers only.
        $privilegeRows = $this->dbi->isSuperUser()
            ? $this->privileges->getAllPrivileges($dbName)
            : [];

        // The capability flags handed to the template are re-read from the connection here.
        // NOTE(review): they look like display hints; enforcement of the actual
        // user-management actions is not visible in this class - confirm elsewhere.
        $templateData = [
            'is_superuser' => $this->dbi->isSuperUser(),
            'db' => $dbName,
            'database_url' => $databaseUrl,
            'text_dir' => $GLOBALS['text_dir'],
            'is_createuser' => $this->dbi->isCreateUser(),
            'is_grantuser' => $this->dbi->isGrantUser(),
            'privileges' => $privilegeRows,
        ];

        $this->render('database/privileges/index', $templateData);
        $this->render('export_modal');
    }
}