/**\r
* Manage views in a database\r
*\r
- * $Id: privileges.php,v 1.1 2002/12/19 22:27:38 xzilla Exp $\r
+ * $Id: privileges.php,v 1.2 2003/01/03 20:49:17 xzilla Exp $\r
*/\r
\r
// Include application functions\r
else\r
doCreate('View creation failed.');\r
}\r
+/*\r
+ $i = 0;\r
+ while ($p = $arrPrivileges[$i]) {\r
+ $cb_priv[$p] = '<input type="checkbox" name="privileges[]" value="'. "$p\"> ". ucfirst($p) ."</input>";\r
+ $i++;\r
+ }\r
+ $Expected = $strYes;\r
+ $Action = "grant";\r
+ $strToFrom = "to";\r
+\r
+ $privileges = get_privilege($table);\r
+ switch ($action) {\r
+ case "revoke":\r
+ $Expected = $strNo;\r
+ $Action = "revoke";\r
+ $strToFrom = "from";\r
+ case "grant":\r
+ $name = rawurldecode($user);\r
+\r
+ $i = 0;\r
+ while ($p = $arrPrivileges[$i]) {\r
+ if ($privileges[$name][$p] == $Expected) {\r
+ unset($cb_priv[$p]); }\r
+ $i++;\r
+ }\r
+ $user = "$cfgQuotes$name$cfgQuotes";\r
+ $user = eregi_replace("${cfgQuotes}group ", "GROUP $cfgQuotes", $user);\r
+ $user = eregi_replace("${cfgQuotes}public$cfgQuotes", "PUBLIC", $user);\r
+ $input_user = '<input type="hidden" name="user" value="'. rawurlencode($user) .'">';\r
+ break;\r
+ case "grantuser":\r
+ $qrUsers = "SELECT 'public'::text AS thename UNION SELECT '$cfgQuotes' || usename || '$cfgQuotes' AS thename FROM pg_user WHERE usename NOT IN ('root', '$cfgSuperUser'";\r
+ @reset($privileges);\r
+ while (list($key) = @each ($privileges))\r
+ if (!ereg("group ", $key))\r
+ $qrUsers .= ", '$key'";\r
+ $qrUsers .= ") ORDER BY thename";\r
+ case "grantgroup":\r
+ if (!isset($qrUsers)) {\r
+ $qrUsers = "SELECT 'group $cfgQuotes' || groname || '$cfgQuotes' AS thename FROM pg_group";\r
+ @reset($privileges);\r
+ while (list($key) = @each($privileges)) \r
+ if (ereg("^group (.+)$", $key, $regs))\r
+ $tmp .=", '".$regs[1]."'";\r
+ if (isset($tmp)) {\r
+ $tmp[0] = '(';\r
+ $qrUsers .= " WHERE groname NOT IN $tmp)";\r
+ }\r
+ $qrUsers .= " ORDER BY thename";\r
+ }\r
+ if (!$res = @pg_exec($link, $qrUsers)) {\r
+ pg_die(pg_errormessage($link), $qrUsers, __FILE__, __LINE__);\r
+ } else {\r
+ $name = '<select name="user">';\r
+ $num_rows = pg_numrows($res);\r
+ for ($i = 0; $i < $num_rows; $i++) {\r
+ $row = pg_fetch_array($res, $i);\r
+ $name .= '<option value="'.rawurlencode($row['thename']) . '">'. $row['thename'] ."</option>";\r
+ }\r
+ $name .= "</select>\n";\r
+ }\r
+ }\r
+ unset($action);\r
+*/\r
+\r
+\r
} \r
\r
+ /**\r
+ * Show the grant menu on the screen\r
+ */\r
+\r
+ function doModify($action) {\r
+ global $data, $localData, $misc, $database;\r
+ global $PHP_SELF, $strPrivileges, $strGrant, $strRevoke, $strCancel; \r
+ global $strUser,$strGroup,$strSelect,$strInsert,$strUpdate,$strDelete,$strRule;\r
+ global $strReferences,$strTrigger,$strAction,$strYes,$strNo;\r
+\r
+ $object = $_REQUEST['object'];\r
+ // $server = $_REQUEST['server'];\r
+ $server = 'deprecated';\r
+ $user = $_REQUEST['user'];\r
+ $db = $_REQUEST['database'];\r
+\r
+ $arrPrivileges = array('select', 'insert', 'update', 'delete', 'rule', 'references', 'trigger');\r
+ $arrAcl = array('r', 'a', 'w', 'd', 'R', 'x', 't'); \r
+\r
+ $i = 0;\r
+ while ($p = $arrPrivileges[$i]) {\r
+ $cb_priv[$p] = '<input type="checkbox" name="privileges[]" value="'. "$p\"> ". ucfirst($p) ."</input>";\r
+ $i++;\r
+ }\r
+\r
+ // $privileges = get_privilege($table);\r
+ $privileges = &$localData->getPrivileges($object);\r
+ \r
+ $GrantRevoke = $strGrant;\r
+ $ToFrom = 'to';\r
+ $Expected = $strYes;\r
+\r
+ switch ($action) {\r
+ case "revoke":\r
+ $GrantRevoke = $strRevoke;\r
+ $ToFrom = 'from';\r
+ $Expected = $strNo;\r
+ case "grant":\r
+\r
+ $name = rawurldecode($user);\r
+\r
+ $i = 0;\r
+ while ($p = $arrPrivileges[$i]) {\r
+ echo $privileges[$name][$p];\r
+ if ($privileges[$name][$p] == $Expected) {\r
+ unset($cb_priv[$p]); }\r
+ $i++;\r
+ }\r
+ $user = "\"$name\"";\r
+ $user = eregi_replace("group", "GROUP", $user);\r
+ $user = eregi_replace("public", "PUBLIC", $user);\r
+ $input_user = '<input type="hidden" name="user" value="'. rawurlencode($user) .'">';\r
+ break;\r
+ case "grantuser":\r
+ $qrUsers = "SELECT 'public'::text AS thename UNION SELECT '$cfgQuotes' || usename || '$cfgQuotes' AS thename FROM pg_user WHERE usename NOT IN ('root', '$cfgSuperUser'";\r
+ @reset($privileges);\r
+ while (list($key) = @each ($privileges))\r
+ if (!ereg("group ", $key))\r
+ $qrUsers .= ", '$key'";\r
+ $qrUsers .= ") ORDER BY thename";\r
+ case "grantgroup":\r
+ if (!isset($qrUsers)) {\r
+ $qrUsers = "SELECT 'group $cfgQuotes' || groname || '$cfgQuotes' AS thename FROM pg_group";\r
+ @reset($privileges);\r
+ while (list($key) = @each($privileges)) \r
+ if (ereg("^group (.+)$", $key, $regs))\r
+ $tmp .=", '".$regs[1]."'";\r
+ if (isset($tmp)) {\r
+ $tmp[0] = '(';\r
+ $qrUsers .= " WHERE groname NOT IN $tmp)";\r
+ }\r
+ $qrUsers .= " ORDER BY thename";\r
+ }\r
+ if (!$res = @pg_exec($link, $qrUsers)) {\r
+ pg_die(pg_errormessage($link), $qrUsers, __FILE__, __LINE__);\r
+ } else {\r
+ $name = '<select name="user">';\r
+ $num_rows = pg_numrows($res);\r
+ for ($i = 0; $i < $num_rows; $i++) {\r
+ $row = pg_fetch_array($res, $i);\r
+ $name .= '<option value="'.rawurlencode($row['thename']) . '">'. $row['thename'] ."</option>";\r
+ }\r
+ $name .= "</select>\n";\r
+ }\r
+ }\r
+ unset($action);\r
+\r
+ echo "<h2>", htmlspecialchars($db), ": $strPrivileges : $object : $GrantRevoke</h2>\n";\r
+\r
+ echo strtoupper($GrantRevoke);\r
+ \r
+ echo '<form method="post" action="$PHP_SELF">';\r
+ \r
+ $i = 0;\r
+ while ($p = $arrPrivileges[$i]) {\r
+ if (isset($cb_priv[$p])) { \r
+ echo $cb_priv[$p], "<br>";\r
+ }\r
+ $i++;\r
+ }\r
+ \r
+ echo "ON $object ". strtoupper($ToFrom) ." $name";\r
+\r
+ echo '<input type="hidden" name="server" value="'. rawurlencode($server) ."\">\n";\r
+ echo '<input type="hidden" name="object" value="'. $object ."\">\n";\r
+ echo '<input type="hidden" name="db" value="'. $db ."\">\n";\r
+ echo $input_user;\r
+ echo '<p>';\r
+ echo '<input type="submit" name="todo" value="'. strtoupper($GrantRevoke) ."\">\n";\r
+ echo '<input type="button" value="'. $strCancel .'" onClick="history.back()">';\r
+ echo '</form>';\r
+\r
+\r
+\r
+/*\r
+ $privs = &$localData->getPrivileges($object);\r
+\r
+ if ($privs->recordCount() == 1) {\r
+\r
+ $i = 0;\r
+ while ($p = $privs[$i]) {\r
+ $cb_priv[$p] = '<input type="checkbox" name="privileges[]" value="'. "$p\"> ". ucfirst($p) ."</input>";\r
+ $i++;\r
+ }\r
+ $Expected = $strYes;\r
+ $strToFrom = "to";\r
+\r
+\r
+ $name = rawurldecode($_REQUEST['user']);\r
+\r
+ $i = 0;\r
+ while ($p = $privs[$i]) {\r
+ if ($privs[$name][$p] == $Expected) {\r
+ unset($cb_priv[$p]); }\r
+ $i++;\r
+ }\r
+ $user = "$name";\r
+ $user = eregi_replace(" ", "GROUP", $user);\r
+ $user = eregi_replace(" ", "PUBLIC", $user);\r
+ $input_user = '<input type="hidden" name="user" value="'. rawurlencode($user) .'">';\r
+ } \r
+\r
+ echo '<form method="post" action="$PHP_SELF">';\r
+ \r
+ $i = 0;\r
+ while ($p = $arrPrivileges[$i]) {\r
+ if (isset($cb_priv[$p])) { \r
+ echo $cb_priv[$p], "<br>";\r
+ }\r
+ $i++;\r
+ }\r
+\r
+*/\r
+ }\r
+\r
+\r
/**\r
* Show default list of views in the database\r
*/\r
function doDefault($msg = '') {\r
- global $data, $localData, $misc, $database, $view;\r
- global $PHP_SELF, $strPrivileges, $strOwner, $strActions, $strNoViews;\r
- global $strUser,$strGroup,$strSelect,$strInsert,$strUpdate,$strDelete,$strRule,$strReferences,$strTrigger,$strAction,$strYes,$strNo;\r
+ global $data, $localData, $misc, $database;\r
+ global $PHP_SELF, $strPrivileges, $strGrant, $strRevoke; \r
+ global $strUser,$strGroup,$strSelect,$strInsert,$strUpdate,$strDelete,$strRule;\r
+ global $strReferences,$strTrigger,$strAction,$strYes,$strNo;\r
\r
- echo "<h2>", htmlspecialchars($_REQUEST['database']), ": $strPrivileges</h2>\n";\r
- $misc->printMsg($msg);\r
-\r
-\r
$object = $_REQUEST['object'];\r
\r
+ echo "<h2>", htmlspecialchars($_REQUEST['database']), ": $strPrivileges : $object</h2>\n";\r
+ $misc->printMsg($msg);\r
+\r
$privs = &$localData->getPrivileges($object);\r
\r
// We must return only one row from the above query\r
\r
if ($privs->recordCount() == 1) {\r
- echo "<table border=0>\n";\r
+ echo "<table border=1>\n";\r
echo "<tr>\n";\r
echo "<th>$strUser/$strGroup</th><th>$strSelect</th><th>$strInsert</th><th>$strUpdate</th><th>$strDelete</th><th>$strRule</th><th>$strReferences</th><th>$strTrigger</th><th colspan=\"2\">$strAction</th>\n";\r
echo "</tr>\n";\r
\r
-\r
$priv = trim(ereg_replace("[\{\"]", "", $privs->f[$data->privFields['privarr']]));\r
\r
$users = explode(",", $priv);\r
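Review bot: doModify() writes request values into the page without HTML escaping: `$object` in the `<h2>`, the `ON …` line and the hidden `object` field, `$db` in the hidden `db` field, and the decoded `user` value (`$name`) in the `ON …` line, so a crafted grant/revoke URL can inject markup into a page that administers database privileges. Pass each through `htmlspecialchars()` at output (for `$name`, where the grant/revoke branch assigns it, because the other branches store a `<select>` in the same variable); the new `<h2>` in doDefault(), whose body runs past this hunk, echoes `$object` the same way. Separately, `action="$PHP_SELF"` is inside a single-quoted string, so the literal text is sent instead of the script path, and `echo $privileges[$name][$p];` in the grant loop looks like leftover debug output.

```php
// … unchanged: globals, request reads, checkbox setup, switch ($action) …
echo "<h2>", htmlspecialchars($db), ": $strPrivileges : ", htmlspecialchars($object), " : $GrantRevoke</h2>\n";
// … unchanged: strtoupper($GrantRevoke) echo …
echo '<form method="post" action="', htmlspecialchars($PHP_SELF), '">';
// … unchanged: checkbox loop …
echo "ON ", htmlspecialchars($object), " ", strtoupper($ToFrom), " $name";
// … unchanged: hidden "server" field …
echo '<input type="hidden" name="object" value="'. htmlspecialchars($object) ."\">\n";
echo '<input type="hidden" name="db" value="'. htmlspecialchars($db) ."\">\n";
```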
$aryUser = explode("=", $users[$iUsers]);\r
$username = $aryUser[0] ? $aryUser[0] : "public";\r
$privilege = $aryUser[1]; \r
- \r
-\r
\r
echo "<tr>\n";\r
echo "<td>$username</td>\n";\r
\r
- $arrAcl = array('a','r','w','d','R','x','t');\r
- $arrAcl = array('r','a','w','d','R','t');\r
- $arrPrivs = array();\r
+ $arrAcl = array('r','a','w','d','R','x','t');\r
for ($i = 0; $i < 7; $i++) {\r
\r
echo '<td>'; \r
echo strchr($privilege, $arrAcl[$i]) ? $strYes : $strNo;\r
echo '</td>';\r
- \r
- // $priv[$username][$arrPrivs[$i]] = strchr($privilege, $arrAcl[$i]) ? $strYes : $strNo;\r
- //echo $aryUser[0], ": ", $arrPrivs[$i], ":", $privilege, "<br>";\r
- // $result[trim($aryUser[0])][$arrPrivs[$i]] = strchr($privilege, $arrAcl[$i]) ? $strYes : $strNo;\r
}\r
\r
+ echo "<td><a href=\"$PHP_SELF?database=", urlencode($_REQUEST['database']), "&object=", urlencode($object), "&action=grant&user=", urlencode($username), "\">$strGrant</a></td>";\r
+\r
+ echo "<td><a href=\"$PHP_SELF?database=", urlencode($_REQUEST['database']), "&object=", urlencode($object), "&action=revoke&user=", urlencode($username), "\">$strRevoke</a></td>";\r
+\r
echo "</tr>\n";\r
\r
}\r
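Review bot: The new Grant/Revoke links pass `user` through `urlencode()`, PHP decodes it once when it fills `$_REQUEST`, and doModify() then runs `rawurldecode($user)` on the result, so a role name containing a `%` sequence is altered before it is used as the `$privileges` key. Dropping the second decode (`$name = $user;`) keeps the round trip lossless. The `&` separators in both `href` values should be written `&amp;`, and `$PHP_SELF` is better passed through `htmlspecialchars()` before it goes into the attribute. doDefault() starts and ends outside this hunk.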
echo "Could Not Retrieve ACL for Object $object";\r
}\r
\r
-\r
-echo <<<EOF\r
- <table border=0>\r
- <tr>\r
- <th>$strUser/$strGroup</th><th>$strSelect</th><th>$strInsert</th><th>$strUpdate</th><th>$strDelete</th><th>$strRule</th><th>$strReferences</th><th>$strTrigger</th><th colspan="2">$strAction</th>\r
- </tr>\r
- \r
- <tr bgcolor="#DDDDDD">\r
- <td>public</td>\r
- <td>No</td>\r
- <td>No</td>\r
- <td>No</td>\r
-\r
- <td>No</td>\r
- <td>No</td>\r
- <td>No</td>\r
- <td>No</td>\r
- <td><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=grant&user=public">Grant</a></td>\r
- <td><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=revoke&user=public">Revoke</a></td>\r
-\r
- </td>\r
- <tr bgcolor="#CCCCCC">\r
- <td>postgres</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
-\r
- <td>Yes</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
- <td><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=grant&user=postgres">Grant</a></td>\r
- <td><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=revoke&user=postgres">Revoke</a></td>\r
- </td>\r
-\r
- <tr bgcolor="#CCCCCC">\r
- <td>rms</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
- <td>Yes</td>\r
-\r
- <td>No</td>\r
- <td>No</td>\r
- <td>No</td>\r
- <td><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=grant&user=rms">Grant</a></td>\r
- <td><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=revoke&user=rms">Revoke</a></td>\r
- </td>\r
-\r
-</table> <br>\r
- <li><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=grantuser">Add User</a>\r
- <li><a href="tbl_privilege.php?server=2&db=1.01&table=region_entity_counts_view&goto=tbl_privilege.php&action=grantgroup">Add Group</a>\r
- </td>\r
- </tr>\r
-</table>\r
-\r
-EOF;\r
-\r
- \r
- $views = &$localData->getViews();\r
- \r
- if ($views->recordCount() > 0) {\r
- echo "<table>\n";\r
- echo "<tr><th class=data>{$strView}</th><th class=data>{$strOwner}</th><th colspan=4 class=data>{$strActions}</th>\n";\r
- $i = 0;\r
- while (!$views->EOF) {\r
- $id = (($i % 2) == 0 ? '1' : '2');\r
- echo "<tr><td class=data{$id}>", htmlspecialchars($views->f[$data->vwFields['vwname']]), "</td>\n";\r
- echo "<td class=data{$id}>", htmlspecialchars($views->f[$data->vwFields['vwowner']]), "</td>\n";\r
- echo "<td class=opbutton{$id}><a href=\"$PHP_SELF?action=browse&offset=0&limit=30&database=", \r
- htmlspecialchars($_REQUEST['database']), "&view=", urlencode($views->f[$data->vwFields['vwname']]), "\">Browse</a></td>\n";\r
- echo "<td class=opbutton{$id}>Select</td>\n";\r
- echo "<td class=opbutton{$id}><a href=\"$PHP_SELF?action=properties&database=", \r
- htmlspecialchars($_REQUEST['database']), "&view=", urlencode($views->f[$data->vwFields['vwname']]), "\">Properties</a></td>\n";\r
- echo "<td class=opbutton{$id}><a href=\"$PHP_SELF?action=confirm_drop&database=", \r
- htmlspecialchars($_REQUEST['database']), "&view=", urlencode($views->f[$data->vwFields['vwname']]), "\">Drop</a></td>\n";\r
- echo "</tr>\n";\r
- $views->moveNext();\r
- $i++;\r
- }\r
- echo "</table>\n";\r
- }\r
- else {\r
- echo "<p>{$strNoViews}</p>\n";\r
- }\r
- \r
- echo "<p><a class=navlink href=\"$PHP_SELF?action=create&database=", urlencode($_REQUEST['database']), "\">Create View</a></p>\n";\r
-\r
-\r
}\r
\r
echo "<html>\n";\r
case 'properties':\r
doProperties();\r
break;\r
- case 'browse':\r
- // @@ Not yet implemented\r
+ case 'grant':\r
+ doModify('grant');\r
+ break;\r
+ case 'revoke':\r
+ doModify('revoke');\r
+ break;\r
default:\r
doDefault();\r
break;\r
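Review bot: Nothing in this dispatch handles the form that doModify() emits: it posts `todo`, `privileges[]` and `user` with no `action` field, so, assuming the switch is on `action` (its head is outside the hunk), a submission falls through to `default` and only redraws the list. The `grantuser`/`grantgroup` branches inside doModify() are likewise unreachable from here, and they read `$cfgQuotes`, `$cfgSuperUser` and `$link`, none of which the function declares `global`. When the handler is added it should accept POST only, check every `privileges[]` entry against the fixed `$arrPrivileges` list, and quote the object and role names before building the GRANT/REVOKE statement.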