'title' => $lang['strrepsets'],
'url' => 'plugin_slony.php',
'urlvars' => array(
- 'subject' => 'slony_cluster',
- 'action' => 'sets_properties',
- 'slony_cluster' => field('slony_cluster')
- ),
+ 'subject' => 'slony_cluster',
+ 'action' => 'sets_properties',
+ 'slony_cluster' => field('slony_cluster')
+ ),
'branch' => 'sets',
'help' => '',
'icon' => 'ReplicationSets',
'properties' => array (
'title' => $lang['strcolprop'],
'url' => 'colproperties.php',
- 'urlvars' => array('subject' => 'column', 'table' => field('table'), 'column' => field('column')),
+ 'urlvars' => array(
+ 'subject' => 'column',
+ 'table' => field('table'),
+ 'column' => field('column')
+ ),
'icon' => 'Column'
+ ),
+ 'privileges' => array (
+ 'title' => $lang['strprivileges'],
+ 'url' => 'privileges.php',
+ 'urlvars' => array(
+ 'subject' => 'column',
+ 'table' => field('table'),
+ 'column' => field('column')
+ ),
+ 'help' => 'pg.privilege',
+ 'icon' => 'Privileges',
)
);
// Figure out type of ACE (public, user or group)
if (strpos($v, '=') === 0)
$atype = 'public';
- elseif (strpos($v, 'group ') === 0) {
+ else if ($this->hasRoles()) {
+ $atype = 'role';
+ }
+ else if (strpos($v, 'group ') === 0) {
$atype = 'group';
// Tear off 'group' prefix
$v = substr($v, 6);
* given its type.
* @param $object The name of the object whose privileges are to be retrieved
* @param $type The type of the object (eg. database, schema, relation, function or language)
+ * @param $table Optional, column's table if type = column
* @return Privileges array
* @return -1 invalid type
* @return -2 object not found
* @return -3 unknown privilege type
*/
- function getPrivileges($object, $type) {
+ function getPrivileges($object, $type, $table = null) {
$this->clean($object);
switch ($type) {
+ case 'column':
+ $this->clean($table);
+ $sql = "
+ SELECT E'{' || pg_catalog.array_to_string(attacl, E',') || E'}' as acl
+ FROM pg_catalog.pg_attribute a
+ LEFT JOIN pg_catalog.pg_class c ON (a.attrelid = c.oid)
+ LEFT JOIN pg_catalog.pg_namespace n ON (c.relnamespace=n.oid)
+ WHERE n.nspname='{$this->_schema}'
+ AND c.relname='{$table}'
+ AND a.attname='{$object}'";
+ break;
case 'table':
case 'view':
case 'sequence':
* @param $privileges The array of privileges to grant (eg. ('SELECT', 'ALL PRIVILEGES', etc.) )
* @param $grantoption True if has grant option, false otherwise
* @param $cascade True for cascade revoke, false otherwise
+ * @param $table the column's table if type=column
* @return 0 success
* @return -1 invalid type
* @return -2 invalid entity
* @return -4 not granting to anything
* @return -4 invalid mode
*/
- function setPrivileges($mode, $type, $object, $public, $usernames, $groupnames, $privileges, $grantoption, $cascade) {
+ function setPrivileges($mode, $type, $object, $public, $usernames, $groupnames,
+ $privileges, $grantoption, $cascade, $table
+ ) {
$this->fieldArrayClean($usernames);
$this->fieldArrayClean($groupnames);
}
if (in_array('ALL PRIVILEGES', $privileges))
- $sql .= " ALL PRIVILEGES ON";
- else
- $sql .= " " . join(', ', $privileges) . " ON";
+ $sql .= ' ALL PRIVILEGES ON';
+ else {
+ if ($type='column') {
+ $this->fieldClean($object);
+ $sql .= ' ' . join(" (\"{$object}\"), ", $privileges) . " (\"{$object}\") ON";
+ $object = $table;
+ }
+ else {
+ $sql .= ' ' . join(', ', $privileges) . ' ON';
+ }
+ }
+
switch ($type) {
+ case 'column':
case 'table':
case 'view':
case 'sequence':
$msg.= "<br/>{$lang['strnoobjects']}";
$misc->printTrail('column');
- $misc->printTitle($lang['strcolprop']);
- #$misc->printTabs('column','properties');
+ //$misc->printTitle($lang['strcolprop']);
+ $misc->printTabs('column','properties');
$misc->printMsg($msg);
if (! empty($_REQUEST['column'])) {
echo "<input type=\"hidden\" name=\"", htmlspecialchars($_REQUEST['subject'].'_oid'),
"\" value=\"", htmlspecialchars($_REQUEST[$_REQUEST['subject'].'_oid']), "\" />\n";
echo "<input type=\"hidden\" name=\"", htmlspecialchars($_REQUEST['subject']),
- "\" value=\"", htmlspecialchars($_REQUEST[$_REQUEST['subject']]), "\" />\n";
+ "\" value=\"", htmlspecialchars($_REQUEST[$_REQUEST['subject']]), "\" />\n";
+ if ($_REQUEST['subject'] == 'column')
+ echo "<input type=\"hidden\" name=\"table\" value=\"",
+ htmlspecialchars($_REQUEST['table']), "\" />\n";
echo $misc->form;
if ($mode == 'grant')
echo "<input type=\"submit\" name=\"grant\" value=\"{$lang['strgrant']}\" />\n";
echo "</form>\n";
}
else {
-
// Determine whether object should be ref'd by name or oid.
if (isset($_REQUEST[$_REQUEST['subject'].'_oid']))
$object = $_REQUEST[$_REQUEST['subject'].'_oid'];
else
$object = $_REQUEST[$_REQUEST['subject']];
+ if (isset($_REQUEST['table'])) $table = $_REQUEST['table'];
+ else $table = null;
$status = $data->setPrivileges(($mode == 'grant') ? 'GRANT' : 'REVOKE', $_REQUEST['subject'], $object,
isset($_REQUEST['public']), $_REQUEST['username'], $_REQUEST['groupname'], array_keys($_REQUEST['privilege']),
- isset($_REQUEST['grantoption']), isset($_REQUEST['cascade']));
+ isset($_REQUEST['grantoption']), isset($_REQUEST['cascade']), $table);
+
if ($status == 0)
doDefault($lang['strgranted']);
elseif ($status == -3 || $status == -4)
case 'database':
case 'schema':
case 'table':
+ case 'column':
case 'view':
$misc->printTabs($_REQUEST['subject'], 'privileges');
break;
$object = $_REQUEST[$_REQUEST['subject']];
// Get the privileges on the object, given its type
- $privileges = $data->getPrivileges($object, $_REQUEST['subject']);
+ if ($_REQUEST['subject'] == 'column')
+ $privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']);
+ else
+ $privileges = $data->getPrivileges($object, $_REQUEST['subject']);
if (sizeof($privileges) > 0) {
echo "<table>\n";
- echo "<tr><th class=\"data\">{$lang['strtype']}</th><th class=\"data\">{$lang['struser']}/{$lang['strgroup']}</th>";
+ if ($data->hasRoles())
+ echo "<tr><th class=\"data\">{$lang['strrole']}</th>";
+ else
+ echo "<tr><th class=\"data\">{$lang['strtype']}</th><th class=\"data\">{$lang['struser']}/{$lang['strgroup']}</th>";
+
foreach ($data->privlist[$_REQUEST['subject']] as $v2) {
// Skip over ALL PRIVILEGES
if ($v2 == 'ALL PRIVILEGES') continue;
foreach ($privileges as $v) {
$id = (($i % 2) == 0 ? '1' : '2');
echo "<tr>\n";
- echo "<td class=\"data{$id}\">", $misc->printVal($v[0]), "</td>\n";
+ if (!$data->hasRoles())
+ echo "<td class=\"data{$id}\">", $misc->printVal($v[0]), "</td>\n";
echo "<td class=\"data{$id}\">", $misc->printVal($v[1]), "</td>\n";
foreach ($data->privlist[$_REQUEST['subject']] as $v2) {
// Skip over ALL PRIVILEGES
if ($_REQUEST['subject'] == 'function') {
$objectoid = $_REQUEST[$_REQUEST['subject'].'_oid'];
$alterurl = "privileges.php?action=alter&{$misc->href}&{$subject}={$object}&{$subject}_oid=$objectoid&subject={$subject}&mode=";
- } else {
+ }
+ else if ($_REQUEST['subject'] == 'column') {
+ $alterurl = "privileges.php?action=alter&{$misc->href}&{$subject}={$object}"
+ ."&subject={$subject}&table=". urlencode($_REQUEST['table']) ."&mode=";
+ }
+ else {
$alterurl = "privileges.php?action=alter&{$misc->href}&{$subject}={$object}&subject={$subject}&mode=";
}
'url' => "colproperties.php?action=properties&{$misc->href}&table=".urlencode($_REQUEST['table'])."&",
'vars' => array('column' => 'attname'),
),
+ 'privileges' => array(
+ 'title' => $lang['strprivileges'],
+ 'url' => "privileges.php?subject=column&{$misc->href}&table=".urlencode($_REQUEST['table'])."&",
+ 'vars' => array('column' => 'attname'),
+ ),
'drop' => array(
'title' => $lang['strdrop'],
'url' => "tblproperties.php?action=confirm_drop&{$misc->href}&table=".urlencode($_REQUEST['table'])."&",
projects / phppgadmin.git / commitdiff