git.postgresql.org Git - phppgadmin.git/commit

projects / phppgadmin.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 4b91497) | patch

author	Robert Treat <rob@xzilla.net>
	Wed, 28 Oct 2020 05:18:52 +0000 (01:18 -0400)
committer	Robert Treat <xzilla@users.noreply.github.com>
	Wed, 28 Oct 2020 15:02:53 +0000 (11:02 -0400)
commit	076f9f54225079e0117227481fbe22f2dff81687
tree	a25ed10987dfc006e9c41e61f1996e53c22cb28b	tree
parent	4b914974d2a1418aac463f89e89a5b9506838b88	commit \| diff

Consider group membership when testing owned_only

Based on code and suggestions from @cathysax, ultimately I used the internal
pg_has_role function to test whether a user has ownership rights based on
group membership. I actually check for 'USAGE' rights, since that implies the
role has rights without need to `set role`, which users wouldn't be able to do
with a normal PPA login. Loosely tested back to 9.5.
This fixes https://github.com/phppgadmin/phppgadmin/issues/102

classes/database/Postgres.php

diff | blob | blame | history

phpPgAdmin is the premiere web based administration tool for PostgreSQL.