printHeader();
        // The call above and the dispatch below are the tail of a method whose
        // beginning lies outside this listing.
        $this->printBody();

        // Route on the controller action. Only the 'save' branch reaches doAlter(),
        // which issues the GRANT/REVOKE call.
        // NOTE(review): $_REQUEST['mode'] is forwarded as-is; no allow-list check
        // against 'grant'/'revoke' is visible at this point.
        // NOTE(review): $_REQUEST carries query-string as well as body parameters, and
        // no request-method or anti-CSRF check is visible in this listing - confirm
        // the state-changing 'save' path is protected upstream.
        switch ($this->action) {
            case 'save':
                if (isset($_REQUEST['cancel'])) {
                    $this->doDefault();
                } else {
                    $this->doAlter($_REQUEST['mode']);
                }

                break;
            case 'alter':
                $this->formAlter($_REQUEST['mode']);

                break;

            default:
                $this->doDefault();

                break;
        }

        $this->printFooter();
    }

    /**
     * Show permissions on a database, namespace, relation, language or function.
     *
     * Reads the object type from $_REQUEST['subject'], looks the object up by
     * "<subject>_oid" when that parameter is present and by name otherwise, asks
     * the database accessor for its privileges and prints them, then calls
     * printGrantLinks().
     *
     * @param mixed $msg message handed to printMsg() before the listing
     */
    public function doDefault($msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();
        // Read without an isset() check; every later lookup in this method keys off it.
        $subject = $_REQUEST['subject'];
        $this->printTrail($subject);

        // @@@FIXME: This switch is just a temporary solution,
        // need a better way, maybe every type of object should
        // have a tab bar???
        if (in_array($subject, [
            'server',
            'database',
            'schema',
            'table',
            'column',
            'view',
            'function',
        ], true)) {
            $this->printTabs($subject, 'privileges');
        } else {
            $this->printTitle($this->lang['strprivileges'], 'pg.privilege');
        }
        $this->printMsg($msg);

        // The accessor's privlist acts as the allow-list of subject types: anything
        // it has no entry for stops here.
        if (!isset($data->privlist[$subject])) {
            // NOTE(review): the message embeds the request-supplied $subject verbatim;
            // confirm halt() escapes it for whatever context it prints into.
            $this->container->utils->halt('No privileges defined for subject '.$subject);

            return;
        }

        // Determine whether object should be ref'd by name or oid.
        if (isset($_REQUEST[$subject.'_oid'])) {
            $object = $_REQUEST[$subject.'_oid'];
        } else {
            $object = $_REQUEST[$subject];
        }

        // Get the privileges on the object, given its type.
        // Columns additionally pass $_REQUEST['table'], which is read without isset().
        if ('column' == $subject) {
            $privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']);
        } else {
            $privileges = $data->getPrivileges($object, $subject);
        }

        // NOTE(review): from here to the end of the method the string literals have
        // lost their markup and some cell contents appear displaced from the loops
        // that printed them, so the statement order below is not reliable. The text
        // is kept exactly as found.
        // Each row $v is used as: [0] and [1] printed through printVal(), [2] the list
        // tested for "yes"/"no", [4] the list tested for the grant-option asterisk,
        // [3] printed last - presumably the grantor, given the header label; confirm
        // against getPrivileges().
        if (sizeof($privileges) > 0) {
            echo ''.PHP_EOL;

            if ($data->hasRoles()) {
                echo "";
            } else {
                echo "";
            }

            foreach ($data->privlist[$subject] as $v2) {
                // Skip over ALL PRIVILEGES
                if ('ALL PRIVILEGES' == $v2) {
                    continue;
                }

                echo "".PHP_EOL;
            }

            if ($data->hasGrantOption()) {
                echo "";
            }
            echo ''.PHP_EOL;

            // Loop over privileges, outputting them
            $i = 0;

            foreach ($privileges as $v) {
                // Alternates '1' / '2' per row.
                $id = (0 == ($i % 2) ? '1' : '2');
                echo "".PHP_EOL;

                if (!$data->hasRoles()) {
                    echo ''.PHP_EOL;
                }
                echo ''.PHP_EOL;

                foreach ($data->privlist[$subject] as $v2) {
                    // Skip over ALL PRIVILEGES
                    if ('ALL PRIVILEGES' == $v2) {
                        continue;
                    }

                    echo ''.PHP_EOL;
                }

                if ($data->hasGrantOption()) {
                    echo ''.PHP_EOL;
                }
                echo ''.PHP_EOL;
                ++$i;
            }

            echo '
{$this->lang['strrole']}
{$this->lang['strtype']}{$this->lang['struser']}/{$this->lang['strgroup']}{$v2}{$this->lang['strgrantor']}
', $this->misc->printVal($v[0]), '', $this->misc->printVal($v[1]), '';
            if (in_array($v2, $v[2], true)) {
                echo $this->lang['stryes'];
            } else {
                echo $this->lang['strno'];
            }
            // If we have grant option for this, end mark
            if ($data->hasGrantOption() && in_array($v2, $v[4], true)) {
                echo $this->lang['strasterisk'];
            }
            echo '', $this->misc->printVal($v[3]), '
';
        } else {
            echo "

{$this->lang['strnoprivileges']}

".PHP_EOL;
        }
        $this->printGrantLinks();
    }

    /**
     * Print the "grant" / "revoke" navigation links and, for some subject types,
     * a "show all ..." link.
     *
     * Every URL variable is copied from $_REQUEST. Most of them are read without
     * an isset() check, so a request that omits one is an undefined-key read.
     */
    public function printGrantLinks()
    {
        // $data is not referenced again by name in this method; it is still handed
        // to printNavLinks() through get_defined_vars() at the end.
        $data = $this->misc->getDatabaseAccessor();
        $subject = $_REQUEST['subject'];
        $alllabel = '';
        $alltxt = '';
        // Links for granting to a user or group
        // $allurl is assigned only inside these cases; isset($allurl) further down
        // decides whether the "show all" link is added. The language key built from
        // $subject is therefore limited to the five subjects named in the first case.
        switch ($subject) {
            case 'table':
            case 'view':
            case 'sequence':
            case 'function':
            case 'tablespace':
                $alllabel = "showall{$subject}s";
                $allurl = "{$subject}s";
                $alltxt = $this->lang["strshowall{$subject}s"];

                break;
            case 'schema':
                $alllabel = 'showallschemas';
                $allurl = 'schemas';
                $alltxt = $this->lang['strshowallschemas'];

                break;
            case 'database':
                $alllabel = 'showalldatabases';
                $allurl = 'alldb';
                $alltxt = $this->lang['strshowalldatabases'];

                break;
        }

        $object = $_REQUEST[$subject];

        if ('function' == $subject) {
            // Functions carry both the name and the "<subject>_oid" parameter.
            $objectoid = $_REQUEST[$subject.'_oid'];
            $urlvars = [
                'action' => 'alter',
                'server' => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                'schema' => $_REQUEST['schema'],
                $subject => $object,
                "{$subject}_oid" => $objectoid,
                'subject' => $subject,
            ];
        } elseif ('column' == $subject) {
            $urlvars = [
                'action' => 'alter',
                'server' => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                'schema' => $_REQUEST['schema'],
                $subject => $object,
                'subject' => $subject,
            ];

            // A column belongs to a table, a view or a materialized view; the first
            // parameter present wins. The final branch reads 'matview' without isset().
            if (isset($_REQUEST['table'])) {
                $urlvars['table'] = $_REQUEST['table'];
            } elseif (isset($_REQUEST['view'])) {
                $urlvars['view'] = $_REQUEST['view'];
            } else {
                $urlvars['matview'] = $_REQUEST['matview'];
            }
        } else {
            $urlvars = [
                'action' => 'alter',
                'server' => $_REQUEST['server'],
                'database' => $_REQUEST['database'],
                $subject => $object,
                'subject' => $subject,
            ];

            if (isset($_REQUEST['schema'])) {
                $urlvars['schema'] = $_REQUEST['schema'];
            }
        }

        // Both links target the 'privileges' URL with action=alter; only 'mode' differs.
        // NOTE(review): the values placed in $urlvars are raw request input - confirm
        // printNavLinks() URL-encodes and HTML-escapes them when it builds the hrefs.
        $navlinks = [
            'grant' => [
                'attr' => [
                    'href' => [
                        'url' => 'privileges',
                        'urlvars' => array_merge($urlvars, ['mode' => 'grant']),
                    ],
                ],
                'content' => $this->lang['strgrant'],
            ],
            'revoke' => [
                'attr' => [
                    'href' => [
                        'url' => 'privileges',
                        'urlvars' => array_merge($urlvars, ['mode' => 'revoke']),
                    ],
                ],
                'content' => $this->lang['strrevoke'],
            ],
        ];

        if (isset($allurl)) {
            $navlinks[$alllabel] = [
                'attr' => [
                    'href' => [
                        'url' => $allurl,
                        'urlvars' => [
                            'server' => $_REQUEST['server'],
                            'database' => $_REQUEST['database'],
                        ],
                    ],
                ],
                'content' => $alltxt,
            ];

            if (isset($_REQUEST['schema'])) {
                $navlinks[$alllabel]['attr']['href']['urlvars']['schema'] = $_REQUEST['schema'];
            }
        }

        // get_defined_vars() passes every local of this method to printNavLinks().
        $this->printNavLinks($navlinks, $this->table_place, get_defined_vars());
    }

    /**
     * Prints the form used to grant or revoke privileges on an object.
     *
     * NOTE(review): $mode arrives from $_REQUEST['mode'] in the dispatcher and is
     * used here to build a language key ('str'.$mode), a help key
     * ('pg.privilege.'.$mode) and a sprintf() argument near the end of the method.
     * No check against 'grant'/'revoke' and no escaping of $mode is visible in this
     * method - confirm both before it reaches output.
     *
     * @param string $mode either grant or revoke
     * @param string $msg  The message
     */
    public function formAlter($mode, $msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        // presumably defaults each key to [] when the request lacks it - confirm
        // against coalesceArr().
        $this->coalesceArr($_REQUEST, 'username', []);
        $this->coalesceArr($_REQUEST, 'groupname', []);
        $this->coalesceArr($_REQUEST, 'privilege', []);

        // Get users from the database
        $users = $data->getUsers();
        // Get groups from the database
        $groups = $data->getGroups();

        $this->printTrail($_REQUEST['subject']);
        $this->printTitle($this->lang['str'.$mode], 'pg.privilege.'.$mode);
        $this->printMsg($msg);

        // NOTE(review): from here to the end of the method the string literals have
        // lost their markup and parts of the form (including whatever consumed
        // $users) are no longer visible. The remaining text is kept exactly as found.
        // The one escaping call that survives is htmlspecialchars() on each privilege
        // name taken from the accessor's privlist.
        echo '
'.PHP_EOL;
        echo ''.PHP_EOL;
        echo "".PHP_EOL;
        echo ''.PHP_EOL;
        echo "".PHP_EOL;
        echo ''.PHP_EOL;
        echo "".PHP_EOL;
        echo ''.PHP_EOL;
        // Grant option
        if ($data->hasGrantOption()) {
            echo "".PHP_EOL;
            echo ''.PHP_EOL;
        }
        echo '
{$this->lang['strusers']}
{$this->lang['strgroups']}'.PHP_EOL;
        echo ''.PHP_EOL;
        // Only show groups if there are groups!
        if ($groups->recordCount() > 0) {
            echo '
'.PHP_EOL;
        }
        echo '
{$this->lang['strprivileges']}'.PHP_EOL;
        foreach ($data->privlist[$_REQUEST['subject']] as $v) {
            $v = htmlspecialchars($v);
            echo "
".PHP_EOL;
        }
        echo '
{$this->lang['stroptions']}'.PHP_EOL;
        if ('grant' == $mode) {
            echo ''.PHP_EOL;
        } elseif ('revoke' == $mode) {
            echo '
'.PHP_EOL;
            echo '
'.PHP_EOL;
        }
        echo '
'.PHP_EOL;
        echo '

'.PHP_EOL;
        echo ''.PHP_EOL;
        echo ''.PHP_EOL;
        if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
            echo ''.PHP_EOL;
        }
        echo ''.PHP_EOL;
        if ('column' == $_REQUEST['subject']) {
            echo ''.PHP_EOL;
        }
        echo $this->misc->form;
        echo sprintf('%s', $mode, $this->lang['str'.$mode], PHP_EOL);
        echo "lang['strcancel']}\" />

";
        echo '
'.PHP_EOL;
    }

    /**
     * Grant or revoke privileges on an object, using the submitted form values.
     *
     * Passes the request values to the accessor's setPrivileges() and then shows
     * either the privilege listing (status 0) or the form again with an error.
     *
     * NOTE(review): subject, object, user names, group names and privilege names all
     * come from $_REQUEST and are handed on unchanged. Confirm setPrivileges()
     * validates the subject and privilege names against known values and quotes the
     * identifiers before it builds SQL; none of that is visible here.
     *
     * @param string $mode 'grant' or 'revoke'
     */
    public function doAlter($mode)
    {
        $data = $this->misc->getDatabaseAccessor();

        // presumably defaults each key to [] when the request lacks it - confirm
        // against coalesceArr().
        $this->coalesceArr($_REQUEST, 'username', []);
        $this->coalesceArr($_REQUEST, 'groupname', []);
        $this->coalesceArr($_REQUEST, 'privilege', []);

        // Determine whether object should be ref'd by name or oid.
        if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) {
            $object = $_REQUEST[$_REQUEST['subject'].'_oid'];
        } else {
            $object = $_REQUEST[$_REQUEST['subject']];
        }

        if (isset($_REQUEST['table'])) {
            $table = $_REQUEST['table'];
        } else {
            $table = null;
        }
        // Any $mode other than 'grant' - including a missing or misspelled one -
        // selects 'REVOKE'; an explicit check for 'revoke' would make that intentional.
        // The privilege names are the array KEYS of $_REQUEST['privilege']; array_keys()
        // requires an array, so a scalar 'privilege' parameter is an error case here.
        // 'public', 'grantoption' and 'cascade' are treated as flags: present or absent.
        $status = $data->setPrivileges(
            ('grant' == $mode) ? 'GRANT' : 'REVOKE',
            $_REQUEST['subject'],
            $object,
            isset($_REQUEST['public']),
            $_REQUEST['username'],
            $_REQUEST['groupname'],
            array_keys($_REQUEST['privilege']),
            isset($_REQUEST['grantoption']),
            isset($_REQUEST['cascade']),
            $table
        );

        // 0 shows the listing with the "granted" message; -3 and -4 redisplay the form
        // with the "bad grant" message; any other status redisplays it with the
        // "failed" message. The form is re-rendered from $_REQUEST['mode'] rather than
        // the $mode argument (the visible caller passes the same value for both).
        if (0 == $status) {
            $this->doDefault($this->lang['strgranted']);
        } elseif ($status == -3 || $status == -4) {
            $this->formAlter($_REQUEST['mode'], $this->lang['strgrantbad']);
        } else {
            $this->formAlter($_REQUEST['mode'], $this->lang['strgrantfailed']);
        }
    }
}