diff options
| author | Christian Foellmann <foellmann@foe-services.de> | 2014-04-05 17:35:38 +0400 |
|---|---|---|
| committer | Christian Foellmann <foellmann@foe-services.de> | 2014-04-05 17:35:38 +0400 |
| commit | 9eb27ef6ebc763ddc6f6278462b8ffeed6de0e36 (patch) | |
| tree | d3b4a1c7ae68cafb05b9d60040c9c22d457cee62 /libraries/server_user_groups.lib.php | |
| parent | d472216554769ba596795f23a70c1809fa8897a3 (diff) | |
INIT phpmyadmin 4.1.12 multilanguage
Diffstat (limited to 'libraries/server_user_groups.lib.php')
| -rw-r--r-- | libraries/server_user_groups.lib.php | 355 |
1 files changed, 355 insertions, 0 deletions
diff --git a/libraries/server_user_groups.lib.php b/libraries/server_user_groups.lib.php new file mode 100644 index 0000000000..671cc026ef --- /dev/null +++ b/libraries/server_user_groups.lib.php @@ -0,0 +1,355 @@ +<?php +/* vim: set expandtab sw=4 ts=4 sts=4: */ +/** + * set of functions for user group handling + * + * @package PhpMyAdmin + */ + +if (! defined('PHPMYADMIN')) { + exit; +} + +/** + * Return HTML to list the users belonging to a given user group + * + * @param string $userGroup user group name + * + * @return string HTML to list the users belonging to a given user group + */ +function PMA_getHtmlForListingUsersofAGroup($userGroup) +{ + $html_output = '<h2>' + . sprintf(__('Users of \'%s\' user group'), htmlspecialchars($userGroup)) + . '</h2>'; + + $usersTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb']) + . "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['users']); + $sql_query = "SELECT `username` FROM " . $usersTable + . " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'"; + $result = PMA_queryAsControlUser($sql_query, false); + if ($result) { + if ($GLOBALS['dbi']->numRows($result) == 0) { + $html_output .= '<p>' + . __('No users were found belonging to this user group.') + . '</p>'; + } else { + $html_output .= '<table>' + . '<thead><tr><th>#</th><th>' . __('User') . '</th></tr></thead>' + . '<tbody>'; + $i = 0; + while ($row = $GLOBALS['dbi']->fetchRow($result)) { + $i++; + $html_output .= '<tr>' + . '<td>' . $i . ' </td>' + . '<td>' . htmlspecialchars($row[0]) . '</td>' + . '</tr>'; + } + $html_output .= '</tbody>' + . '</table>'; + } + } + $GLOBALS['dbi']->freeResult($result); + return $html_output; +} + +/** + * Returns HTML for the 'user groups' table + * + * @return string HTML for the 'user groups' table + */ +function PMA_getHtmlForUserGroupsTable() +{ + $tabs = PMA_Util::getMenuTabList(); + + $html_output = '<h2>' . __('User groups') . '</h2>'; + $groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb']) + . "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']); + $sql_query = "SELECT * FROM " . $groupTable . " ORDER BY `usergroup` ASC"; + $result = PMA_queryAsControlUser($sql_query, false); + + if ($result && $GLOBALS['dbi']->numRows($result)) { + $html_output .= '<form name="userGroupsForm" id="userGroupsForm"' + . ' action="server_privileges.php" method="post">'; + $html_output .= PMA_URL_getHiddenInputs(); + $html_output .= '<table id="userGroupsTable">'; + $html_output .= '<thead><tr>'; + $html_output .= '<th style="white-space: nowrap">' + . __('User group') . '</th>'; + $html_output .= '<th>' . __('Server level tabs') . '</th>'; + $html_output .= '<th>' . __('Database level tabs') . '</th>'; + $html_output .= '<th>' . __('Table level tabs') . '</th>'; + $html_output .= '<th>' . __('Action') . '</th>'; + $html_output .= '</tr></thead>'; + $html_output .= '<tbody>'; + + $odd = true; + $userGroups = array(); + while ($row = $GLOBALS['dbi']->fetchAssoc($result)) { + $groupName = $row['usergroup']; + if (! isset($userGroups[$groupName])) { + $userGroups[$groupName] = array(); + } + $userGroups[$groupName][$row['tab']] = $row['allowed']; + } + foreach ($userGroups as $groupName => $tabs) { + $html_output .= '<tr class="' . ($odd ? 'odd' : 'even') . '">'; + $html_output .= '<td>' . htmlspecialchars($groupName) . '</td>'; + $html_output .= '<td>' . _getAllowedTabNames($tabs, 'server') . '</td>'; + $html_output .= '<td>' . _getAllowedTabNames($tabs, 'db') . '</td>'; + $html_output .= '<td>' . _getAllowedTabNames($tabs, 'table') . '</td>'; + + $html_output .= '<td>'; + $html_output .= '<a class="" href="server_user_groups.php' + . PMA_URL_getCommon( + array( + 'viewUsers' => 1, 'userGroup' => $groupName + ) + ) + . '">' + . PMA_Util::getIcon('b_usrlist.png', __('View users')) . '</a>'; + $html_output .= ' '; + $html_output .= '<a class="" href="server_user_groups.php' + . PMA_URL_getCommon( + array( + 'editUserGroup' => 1, 'userGroup' => $groupName + ) + ) + . '">' + . PMA_Util::getIcon('b_edit.png', __('Edit')) . '</a>'; + $html_output .= ' '; + $html_output .= '<a class="deleteUserGroup ajax"' + . ' href="server_user_groups.php' + . PMA_URL_getCommon( + array( + 'deleteUserGroup' => 1, 'userGroup' => $groupName + ) + ) + . '">' + . PMA_Util::getIcon('b_drop.png', __('Delete')) . '</a>'; + $html_output .= '</td>'; + + $html_output .= '</tr>'; + + $odd = ! $odd; + } + + $html_output .= '</tbody>'; + $html_output .= '</table>'; + $html_output .= '</form>'; + } + $GLOBALS['dbi']->freeResult($result); + + $html_output .= '<fieldset id="fieldset_add_user_group">'; + $html_output .= '<a href="server_user_groups.php' + . PMA_URL_getCommon(array('addUserGroup' => 1)) . '">' + . PMA_Util::getIcon('b_usradd.png') + . __('Add user group') . '</a>'; + $html_output .= '</fieldset>'; + + return $html_output; +} + +/** + * Returns the list of allowed menu tab names + * based on a data row from usergroup table. + * + * @param array $row row of usergroup table + * @param string $level 'server', 'db' or 'table' + * + * @return string comma seperated list of allowed menu tab names + */ +function _getAllowedTabNames($row, $level) +{ + $tabNames = array(); + $tabs = PMA_Util::getMenuTabList($level); + foreach ($tabs as $tab => $tabName) { + if (! isset($row[$level . '_' . $tab]) + || $row[$level . '_' . $tab] == 'Y' + ) { + $tabNames[] = $tabName; + } + } + return implode(', ', $tabNames); +} + +/** + * Deletes a user group + * + * @param string $userGroup user group name + * + * @return void + */ +function PMA_deleteUserGroup($userGroup) +{ + $userTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb']) + . "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['users']); + $groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb']) + . "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']); + $sql_query = "DELETE FROM " . $userTable + . " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'"; + PMA_queryAsControlUser($sql_query, true); + $sql_query = "DELETE FROM " . $groupTable + . " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'"; + PMA_queryAsControlUser($sql_query, true); +} + +/** + * Returns HTML for add/edit user group dialog + * + * @param string $userGroup name of the user group in case of editing + * + * @return string HTML for add/edit user group dialog + */ +function PMA_getHtmlToEditUserGroup($userGroup = null) +{ + $html_output = ''; + if ($userGroup == null) { + $html_output .= '<h2>' . __('Add user group') . '</h2>'; + } else { + $html_output .= '<h2>' + . sprintf(__('Edit user group: \'%s\''), htmlspecialchars($userGroup)) + . '</h2>'; + } + + $html_output .= '<form name="userGroupForm" id="userGroupForm"' + . ' action="server_user_groups.php" method="post">'; + $urlParams = array(); + if ($userGroup != null) { + $urlParams['userGroup'] = $userGroup; + $urlParams['editUserGroupSubmit'] = '1'; + } else { + $urlParams['addUserGroupSubmit'] = '1'; + } + $html_output .= PMA_URL_getHiddenInputs($urlParams); + + $html_output .= '<fieldset id="fieldset_user_group_rights">'; + $html_output .= '<legend>' . __('User group menu assignments') + . ' ' + . '<input type="checkbox" class="checkall_box" title="Check All">' + . '<label for="addUsersForm_checkall">' . __('Check All') .'</label>' + . '</legend>'; + + if ($userGroup == null) { + $html_output .= '<label for="userGroup">' . __('Group name:') . '</label>'; + $html_output .= '<input type="text" name="userGroup" ' + . 'autocomplete="off" required="required" />'; + $html_output .= '<div class="clearfloat"></div>'; + } + + $allowedTabs = array( + 'server' => array(), + 'db' => array(), + 'table' => array() + ); + if ($userGroup != null) { + $groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb']) + . "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']); + $sql_query = "SELECT * FROM " . $groupTable + . " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'"; + $result = PMA_queryAsControlUser($sql_query, false); + if ($result) { + while ($row = $GLOBALS['dbi']->fetchAssoc($result)) { + $key = $row['tab']; + $value = $row['allowed']; + if (substr($key, 0, 7) == 'server_' && $value == 'Y') { + $allowedTabs['server'][] = substr($key, 7); + } elseif (substr($key, 0, 3) == 'db_' && $value == 'Y') { + $allowedTabs['db'][] = substr($key, 3); + } elseif (substr($key, 0, 6) == 'table_' && $value == 'Y') { + $allowedTabs['table'][] = substr($key, 6); + } + } + } + $GLOBALS['dbi']->freeResult($result); + } + + $html_output .= _getTabList( + __('Server-level tabs'), 'server', $allowedTabs['server'] + ); + $html_output .= _getTabList( + __('Database-level tabs'), 'db', $allowedTabs['db'] + ); + $html_output .= _getTabList( + __('Table-level tabs'), 'table', $allowedTabs['table'] + ); + + $html_output .= '</fieldset>'; + + $html_output .= '<fieldset id="fieldset_user_group_rights_footer"' + . ' class="tblFooters">'; + $html_output .= '<input type="submit" name="update_privs" value="Go">'; + $html_output .= '</fieldset>'; + + return $html_output; +} + +/** + * Returns HTML for checkbox groups to choose + * tabs of 'server', 'db' or 'table' levels. + * + * @param string $title title of the checkbox group + * @param string $level 'server', 'db' or 'table' + * @param array $selected array of selected allowed tabs + * + * @return string HTML for checkbox groups + */ +function _getTabList($title, $level, $selected) +{ + $tabs = PMA_Util::getMenuTabList($level); + $html_output = '<fieldset>'; + $html_output .= '<legend>' . $title . '</legend>'; + foreach ($tabs as $tab => $tabName) { + $html_output .= '<div class="item">'; + $html_output .= '<input type="checkbox" class="checkall"' + . (in_array($tab, $selected) ? ' checked="checked"' : '') + . ' name="' . $level . '_' . $tab . '" value="Y" />'; + $html_output .= '<label for="' . $level . '_' . $tab . '">' + . '<code>' . $tabName . '</code>' + . '</label>'; + $html_output .= '</div>'; + } + $html_output .= '</fieldset>'; + return $html_output; +} + +/** + * Add/update a user group with allowed menu tabs. + * + * @param string $userGroup user group name + * @param boolean $new whether this is a new user group + * + * @return void + */ +function PMA_editUserGroup($userGroup, $new = false) +{ + $tabs = PMA_Util::getMenuTabList(); + $groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb']) + . "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']); + + if (! $new) { + $sql_query = "DELETE FROM " . $groupTable + . " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "';"; + PMA_queryAsControlUser($sql_query, true); + } + + $sql_query = "INSERT INTO " . $groupTable + . "(`usergroup`, `tab`, `allowed`)" + . " VALUES "; + $first = true; + foreach ($tabs as $tabGroupName => $tabGroup) { + foreach ($tabs[$tabGroupName] as $tab => $tabName) { + if (! $first) { + $sql_query .= ", "; + } + $tabName = $tabGroupName . '_' . $tab; + $allowed = isset($_REQUEST[$tabName]) && $_REQUEST[$tabName] == 'Y'; + $sql_query .= "('" . $userGroup . "', '" . $tabName . "', '" + . ($allowed ? "Y" : "N") . "')"; + $first = false; + } + } + $sql_query .= ";"; + PMA_queryAsControlUser($sql_query, true); +} +?>
\ No newline at end of file |