From b6b4a365d373de46d9ed81e7afb21b7ec974623b Mon Sep 17 00:00:00 2001 From: "Guillaume (ioguix) de Rorthais" Date: Wed, 20 May 2009 14:47:26 -0400 Subject: [PATCH] Add CLP support --- classes/Misc.php | 25 +++++++++++++++++----- classes/database/Postgres.php | 40 +++++++++++++++++++++++++++++------ colproperties.php | 4 ++-- privileges.php | 33 +++++++++++++++++++++++------ tblproperties.php | 5 +++++ 5 files changed, 87 insertions(+), 20 deletions(-) diff --git a/classes/Misc.php b/classes/Misc.php index 44b79b7a..ab6d2701 100644 --- a/classes/Misc.php +++ b/classes/Misc.php @@ -1002,10 +1002,10 @@ 'title' => $lang['strrepsets'], 'url' => 'plugin_slony.php', 'urlvars' => array( - 'subject' => 'slony_cluster', - 'action' => 'sets_properties', - 'slony_cluster' => field('slony_cluster') - ), + 'subject' => 'slony_cluster', + 'action' => 'sets_properties', + 'slony_cluster' => field('slony_cluster') + ), 'branch' => 'sets', 'help' => '', 'icon' => 'ReplicationSets', @@ -1017,8 +1017,23 @@ 'properties' => array ( 'title' => $lang['strcolprop'], 'url' => 'colproperties.php', - 'urlvars' => array('subject' => 'column', 'table' => field('table'), 'column' => field('column')), + 'urlvars' => array( + 'subject' => 'column', + 'table' => field('table'), + 'column' => field('column') + ), 'icon' => 'Column' + ), + 'privileges' => array ( + 'title' => $lang['strprivileges'], + 'url' => 'privileges.php', + 'urlvars' => array( + 'subject' => 'column', + 'table' => field('table'), + 'column' => field('column') + ), + 'help' => 'pg.privilege', + 'icon' => 'Privileges', ) ); diff --git a/classes/database/Postgres.php b/classes/database/Postgres.php index 735ae037..f17d9de2 100755 --- a/classes/database/Postgres.php +++ b/classes/database/Postgres.php @@ -6294,7 +6294,10 @@ class Postgres extends ADODB_base { // Figure out type of ACE (public, user or group) if (strpos($v, '=') === 0) $atype = 'public'; - elseif (strpos($v, 'group ') === 0) { + else if ($this->hasRoles()) { + $atype = 'role'; + } + else if (strpos($v, 'group ') === 0) { $atype = 'group'; // Tear off 'group' prefix $v = substr($v, 6); @@ -6375,15 +6378,27 @@ class Postgres extends ADODB_base { * given its type. * @param $object The name of the object whose privileges are to be retrieved * @param $type The type of the object (eg. database, schema, relation, function or language) + * @param $table Optional, column's table if type = column * @return Privileges array * @return -1 invalid type * @return -2 object not found * @return -3 unknown privilege type */ - function getPrivileges($object, $type) { + function getPrivileges($object, $type, $table = null) { $this->clean($object); switch ($type) { + case 'column': + $this->clean($table); + $sql = " + SELECT E'{' || pg_catalog.array_to_string(attacl, E',') || E'}' as acl + FROM pg_catalog.pg_attribute a + LEFT JOIN pg_catalog.pg_class c ON (a.attrelid = c.oid) + LEFT JOIN pg_catalog.pg_namespace n ON (c.relnamespace=n.oid) + WHERE n.nspname='{$this->_schema}' + AND c.relname='{$table}' + AND a.attname='{$object}'"; + break; case 'table': case 'view': case 'sequence': @@ -6432,6 +6447,7 @@ class Postgres extends ADODB_base { * @param $privileges The array of privileges to grant (eg. ('SELECT', 'ALL PRIVILEGES', etc.) ) * @param $grantoption True if has grant option, false otherwise * @param $cascade True for cascade revoke, false otherwise + * @param $table the column's table if type=column * @return 0 success * @return -1 invalid type * @return -2 invalid entity @@ -6439,7 +6455,9 @@ class Postgres extends ADODB_base { * @return -4 not granting to anything * @return -4 invalid mode */ - function setPrivileges($mode, $type, $object, $public, $usernames, $groupnames, $privileges, $grantoption, $cascade) { + function setPrivileges($mode, $type, $object, $public, $usernames, $groupnames, + $privileges, $grantoption, $cascade, $table + ) { $this->fieldArrayClean($usernames); $this->fieldArrayClean($groupnames); @@ -6457,10 +6475,20 @@ class Postgres extends ADODB_base { } if (in_array('ALL PRIVILEGES', $privileges)) - $sql .= " ALL PRIVILEGES ON"; - else - $sql .= " " . join(', ', $privileges) . " ON"; + $sql .= ' ALL PRIVILEGES ON'; + else { + if ($type='column') { + $this->fieldClean($object); + $sql .= ' ' . join(" (\"{$object}\"), ", $privileges) . " (\"{$object}\") ON"; + $object = $table; + } + else { + $sql .= ' ' . join(', ', $privileges) . ' ON'; + } + } + switch ($type) { + case 'column': case 'table': case 'view': case 'sequence': diff --git a/colproperties.php b/colproperties.php index 0ab126e9..7cf04144 100644 --- a/colproperties.php +++ b/colproperties.php @@ -187,8 +187,8 @@ $msg.= "
{$lang['strnoobjects']}"; $misc->printTrail('column'); - $misc->printTitle($lang['strcolprop']); - #$misc->printTabs('column','properties'); + //$misc->printTitle($lang['strcolprop']); + $misc->printTabs('column','properties'); $misc->printMsg($msg); if (! empty($_REQUEST['column'])) { diff --git a/privileges.php b/privileges.php index c11bb59e..cd4c8585 100644 --- a/privileges.php +++ b/privileges.php @@ -103,7 +103,10 @@ echo "\n"; echo "\n"; + "\" value=\"", htmlspecialchars($_REQUEST[$_REQUEST['subject']]), "\" />\n"; + if ($_REQUEST['subject'] == 'column') + echo "\n"; echo $misc->form; if ($mode == 'grant') echo "\n"; @@ -113,16 +116,18 @@ echo "\n"; } else { - // Determine whether object should be ref'd by name or oid. if (isset($_REQUEST[$_REQUEST['subject'].'_oid'])) $object = $_REQUEST[$_REQUEST['subject'].'_oid']; else $object = $_REQUEST[$_REQUEST['subject']]; + if (isset($_REQUEST['table'])) $table = $_REQUEST['table']; + else $table = null; $status = $data->setPrivileges(($mode == 'grant') ? 'GRANT' : 'REVOKE', $_REQUEST['subject'], $object, isset($_REQUEST['public']), $_REQUEST['username'], $_REQUEST['groupname'], array_keys($_REQUEST['privilege']), - isset($_REQUEST['grantoption']), isset($_REQUEST['cascade'])); + isset($_REQUEST['grantoption']), isset($_REQUEST['cascade']), $table); + if ($status == 0) doDefault($lang['strgranted']); elseif ($status == -3 || $status == -4) @@ -149,6 +154,7 @@ case 'database': case 'schema': case 'table': + case 'column': case 'view': $misc->printTabs($_REQUEST['subject'], 'privileges'); break; @@ -164,11 +170,18 @@ $object = $_REQUEST[$_REQUEST['subject']]; // Get the privileges on the object, given its type - $privileges = $data->getPrivileges($object, $_REQUEST['subject']); + if ($_REQUEST['subject'] == 'column') + $privileges = $data->getPrivileges($object, 'column', $_REQUEST['table']); + else + $privileges = $data->getPrivileges($object, $_REQUEST['subject']); if (sizeof($privileges) > 0) { echo "\n"; - echo ""; + if ($data->hasRoles()) + echo ""; + else + echo ""; + foreach ($data->privlist[$_REQUEST['subject']] as $v2) { // Skip over ALL PRIVILEGES if ($v2 == 'ALL PRIVILEGES') continue; @@ -184,7 +197,8 @@ foreach ($privileges as $v) { $id = (($i % 2) == 0 ? '1' : '2'); echo "\n"; - echo "\n"; + if (!$data->hasRoles()) + echo "\n"; echo "\n"; foreach ($data->privlist[$_REQUEST['subject']] as $v2) { // Skip over ALL PRIVILEGES @@ -237,7 +251,12 @@ if ($_REQUEST['subject'] == 'function') { $objectoid = $_REQUEST[$_REQUEST['subject'].'_oid']; $alterurl = "privileges.php?action=alter&{$misc->href}&{$subject}={$object}&{$subject}_oid=$objectoid&subject={$subject}&mode="; - } else { + } + else if ($_REQUEST['subject'] == 'column') { + $alterurl = "privileges.php?action=alter&{$misc->href}&{$subject}={$object}" + ."&subject={$subject}&table=". urlencode($_REQUEST['table']) ."&mode="; + } + else { $alterurl = "privileges.php?action=alter&{$misc->href}&{$subject}={$object}&subject={$subject}&mode="; } diff --git a/tblproperties.php b/tblproperties.php index 28547cbd..69113691 100644 --- a/tblproperties.php +++ b/tblproperties.php @@ -558,6 +558,11 @@ 'url' => "colproperties.php?action=properties&{$misc->href}&table=".urlencode($_REQUEST['table'])."&", 'vars' => array('column' => 'attname'), ), + 'privileges' => array( + 'title' => $lang['strprivileges'], + 'url' => "privileges.php?subject=column&{$misc->href}&table=".urlencode($_REQUEST['table'])."&", + 'vars' => array('column' => 'attname'), + ), 'drop' => array( 'title' => $lang['strdrop'], 'url' => "tblproperties.php?action=confirm_drop&{$misc->href}&table=".urlencode($_REQUEST['table'])."&", -- 2.39.5
{$lang['strtype']}{$lang['struser']}/{$lang['strgroup']}
{$lang['strrole']}
{$lang['strtype']}{$lang['struser']}/{$lang['strgroup']}
", $misc->printVal($v[0]), "", $misc->printVal($v[0]), "", $misc->printVal($v[1]), "