* A class that implements the DB interface for Postgres
* Note: This class uses ADODB and returns RecordSets.
*
- * $Id: Postgres.php,v 1.113 2003/05/20 03:54:04 chriskl Exp $
+ * $Id: Postgres.php,v 1.114 2003/05/21 09:06:23 chriskl Exp $
*/
// @@@ THOUGHT: What about inherits? ie. use of ONLY???
/**
* Grants a privilege to a user, group or public
+ * @param $mode 'GRANT' or 'REVOKE';
* @param $type The type of object
* @param $object The name of the object
- * @param $entity The type of entity (eg. USER, GROUP or PUBLIC)
- * @param $name The username or groupname to grant privs to. Ignored for PUBLIC.
- * @param $privilege The privilege to grant (eg. SELECT, ALL PRIVILEGES, etc.)
+ * @param $public True to grant to public, false otherwise
+ * @param $usernames The array of usernames to grant privs to.
+ * @param $groupnames The array of group names to grant privs to.
+ * @param $privileges The array of privileges to grant (eg. ('SELECT', 'ALL PRIVILEGES', etc.) )
* @return 0 success
* @return -1 invalid type
* @return -2 invalid entity
+ * @return -3 invalid privileges
+ * @return -4 not granting to anything
+ * @return -4 invalid mode
*/
- function grantPrivileges($type, $object, $entity, $name, $privilege) {
+ function setPrivileges($mode, $type, $object, $public, $usernames, $groupnames, $privileges) {
$this->fieldClean($object);
- $this->fieldClean($name);
+ $this->fieldArrayClean($usernames);
+ $this->fieldArrayClean($groupnames);
+
+ // Input checking
+ if (!is_array($privileges) || sizeof($privileges) == 0) return -3;
+ if (!is_array($usernames) || !is_array($groupnames) ||
+ (!$public && sizeof($usernames) == 0 && sizeof($groupnames) == 0)) return -4;
+ if ($mode != 'GRANT' && $mode != 'REVOKE') return -5;
- $sql = "GRANT {$privilege} ON";
+ if (in_array('ALL PRIVILEGES', $privileges))
+ $sql = "{$mode} ALL PRIVILEGES ON";
+ else
+ $sql = "{$mode} " . join(', ', $privileges) . " ON";
// @@ WE NEED SCHEMA SUPPORT BELOW
switch ($type) {
case 'table':
return -1;
}
- switch ($entity) {
- case 'USER':
- $sql .= " TO \"{$name}\"";
- break;
- case 'GROUP':
- $sql .= " TO GROUP \"{$name}\"";
- break;
- case 'PUBLIC':
- $sql .= " TO PUBLIC";
- break;
- default:
- return -2;
+ // Dump PUBLIC
+ $first = true;
+ $sql .= ($mode == 'GRANT') ? ' TO ' : ' FROM ';
+ if ($public) {
+ $sql .= 'PUBLIC';
+ $first = false;
}
-
+ // Dump users
+ foreach ($usernames as $v) {
+ if ($first) {
+ $sql .= "\"{$v}\"";
+ $first = false;
+ }
+ else {
+ $sql .= ", \"{$v}\"";
+ }
+ }
+ // Dump groups
+ foreach ($groupnames as $v) {
+ if ($first) {
+ $sql .= "GROUP \"{$v}\"";
+ $first = false;
+ }
+ else {
+ $sql .= ", GROUP \"{$v}\"";
+ }
+ }
+
return $this->execute($sql);
}
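Review bot: The elements of `$privileges` are concatenated into the statement with `join(', ', $privileges)` after only an `is_array`/size check, and the caller in privileges.php fills that array from `array_keys($_REQUEST['privilege'])`, so request-supplied text reaches the SQL unquoted. Each entry should be compared against the fixed privilege list for `$type` before the string is built, e.g. `foreach ($privileges as $p) if (!in_array($p, $this->privlist[$type], true)) return -3;` (assuming `privlist` is reachable from this class, as `$data->privlist` in the caller suggests, and allowing `ALL PRIVILEGES` if the list does not carry it). `fieldArrayClean()` is called on `$usernames` and `$groupnames` before the `is_array` checks, so those checks should move above the cleaning calls unless the helper, which is not shown here, tolerates scalars. The docblock lists `-4` twice while the mode check returns `-5`; the last line should read `@return -5 invalid mode`.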
/**
* Manage privileges in a database
*
- * $Id: privileges.php,v 1.11 2003/05/21 07:02:12 chriskl Exp $
+ * $Id: privileges.php,v 1.12 2003/05/21 09:06:23 chriskl Exp $
*/
// Include application functions
* @peram $confirm To show entry screen
* @param $msg (optional) A message to show
*/
- function doGrantUser($confirm, $msg = '') {
+ function doAlter($confirm, $msg = '') {
global $data, $localData, $misc;
global $PHP_SELF, $lang;
- if (!isset($_REQUEST['username'])) $_REQUEST['username'] = '';
- if (!isset($_REQUEST['privilege'])) $_REQUEST['privilege'] = '';
+ if (!isset($_REQUEST['username'])) $_REQUEST['username'] = array();
+ if (!isset($_REQUEST['groupname'])) $_REQUEST['groupname'] = array();
+ if (!isset($_REQUEST['privilege'])) $_REQUEST['privilege'] = array();
// Set name
switch ($_REQUEST['type']) {
if ($confirm) {
// Get users from the database
$users = &$localData->getUsers();
+ // Get groups from the database
+ $groups = &$localData->getGroups();
- echo "<h2>{$lang['strprivileges']}: ", $misc->printVal($name), ": {$lang['strgrant']}</h2>\n";
+ echo "<h2>{$lang['strprivileges']}: ", $misc->printVal($name), ": {$lang['stralterprivs']}</h2>\n";
$misc->printMsg($msg);
echo "<form action=\"$PHP_SELF\" method=\"post\">\n";
echo "<table>\n";
- echo "<tr><th class=\"data\">{$lang['struser']}</th>\n";
- echo "<td class=\"data1\"><select name=\"username\">\n";
- // Automatically prepend PUBLIC to the list of users
- echo "<option value=\"PUBLIC\"",
- ('PUBLIC' == $_REQUEST['username']) ? ' selected="selected"' : '', ">PUBLIC</option>\n";
+ echo "<tr><th class=\"data\">{$lang['strusers']}</th>\n";
+ echo "<td class=\"data1\"><select name=\"username[]\" multiple=\"multiple\" size=\"6\">\n";
while (!$users->EOF) {
$uname = htmlspecialchars($users->f[$data->uFields['uname']]);
echo "<option value=\"{$uname}\"",
$users->moveNext();
}
echo "</select></td></tr>\n";
- echo "<tr><th class=\"data\">{$lang['strprivilege']}</th>\n";
- echo "<td class=\"data1\"><select name=\"privilege\">\n";
- foreach ($data->privlist[$_REQUEST['type']] as $v) {
- $v = htmlspecialchars($v);
- echo "<option value=\"{$v}\"",
- ($v == $_REQUEST['privilege']) ? ' selected="selected"' : '', ">{$v}</option>\n";
- }
- echo "</select></td></tr>\n";
- echo "</table>\n";
-
- echo "<input type=\"hidden\" name=\"action\" value=\"savegrantuser\" />\n";
- echo "<input type=\"hidden\" name=\"type\" value=\"", htmlspecialchars($_REQUEST['type']), "\" />\n";
- echo "<input type=\"hidden\" name=\"object\" value=\"", htmlspecialchars($_REQUEST['object']), "\" />\n";
- switch ($_REQUEST['type']) {
- case 'table':
- echo "<input type=\"hidden\" name=\"table\" value=\"", htmlspecialchars($_REQUEST['table']), "\" />\n";
- break;
- case 'function':
- echo "<input type=\"hidden\" name=\"function\" value=\"", htmlspecialchars($_REQUEST['function']), "\" />\n";
- break;
- default:
- }
- echo $misc->form;
- echo "<p><input type=\"submit\" name=\"confirm\" value=\"{$lang['strgrant']}\" />\n";
- echo "<input type=\"submit\" name=\"cancel\" value=\"{$lang['strcancel']}\" /></p>\n";
- echo "</form>\n";
- }
- else {
- $status = $localData->grantPrivileges($_REQUEST['type'], $name,
- ($_REQUEST['username'] == 'PUBLIC') ? 'PUBLIC' : 'USER',
- $_REQUEST['username'], $_REQUEST['privilege']);
- if ($status == 0)
- doDefault($lang['strgranted']);
- else
- doDefault($lang['strgrantfailed']);
- }
- }
-
- /**
- * Grant permissions on an object to a group
- * @peram $confirm To show entry screen
- * @param $msg (optional) A message to show
- */
- function doGrantGroup($confirm, $msg = '') {
- global $data, $localData, $misc;
- global $PHP_SELF, $lang;
-
- if (!isset($_REQUEST['groupname'])) $_REQUEST['groupname'] = '';
- if (!isset($_REQUEST['privilege'])) $_REQUEST['privilege'] = '';
-
- // Set name
- switch ($_REQUEST['type']) {
- case 'function':
- $name = $_REQUEST['function'];
- break;
- default:
- $name = $_REQUEST['object'];
- }
-
- if ($confirm) {
- // Get groups from the database
- $groups = &$localData->getGroups();
-
- echo "<h2>{$lang['strprivileges']}: ", $misc->printVal($name), ": {$lang['strgrant']}</h2>\n";
- $misc->printMsg($msg);
-
- echo "<form action=\"$PHP_SELF\" method=\"post\">\n";
- echo "<table>\n";
- echo "<tr><th class=\"data\">{$lang['strgroup']}</th>\n";
- echo "<td class=\"data1\"><select name=\"groupname\">\n";
- // Automatically prepend PUBLIC to the list of groups
- echo "<option value=\"PUBLIC\"",
- ('PUBLIC' == $_REQUEST['groupname']) ? ' selected="selected"' : '', ">PUBLIC</option>\n";
+ echo "<tr><th class=\"data\">{$lang['strgroups']}</th>\n";
+ echo "<td class=\"data1\">\n";
+ echo "<input type=\"checkbox\" name=\"public\"", (isset($_REQUEST['public']) ? ' selected="selected"' : ''), " />PUBLIC<br />\n";
+ echo "<select name=\"groupname[]\" multiple=\"multiple\" size=\"6\">\n";
while (!$groups->EOF) {
$gname = htmlspecialchars($groups->f[$data->grpFields['groname']]);
echo "<option value=\"{$gname}\"",
$groups->moveNext();
}
echo "</select></td></tr>\n";
- echo "<tr><th class=\"data\">{$lang['strprivilege']}</th>\n";
- echo "<td class=\"data1\"><select name=\"privilege\">\n";
+ echo "<tr><th class=\"data\">{$lang['strprivileges']}</th>\n";
+ echo "<td class=\"data1\">\n";
foreach ($data->privlist[$_REQUEST['type']] as $v) {
$v = htmlspecialchars($v);
- echo "<option value=\"{$v}\"",
- ($v == $_REQUEST['privilege']) ? ' selected="selected"' : '', ">{$v}</option>\n";
+ echo "<input type=\"checkbox\" name=\"privilege[$v]\"",
+ isset($_REQUEST['privilege'][$v]) ? ' selected="selected"' : '', ">{$v}<br />\n";
}
- echo "</select></td></tr>\n";
+ echo "</td></tr>\n";
echo "</table>\n";
- echo "<input type=\"hidden\" name=\"action\" value=\"savegrantgroup\" />\n";
+ echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
echo "<input type=\"hidden\" name=\"type\" value=\"", htmlspecialchars($_REQUEST['type']), "\" />\n";
echo "<input type=\"hidden\" name=\"object\" value=\"", htmlspecialchars($_REQUEST['object']), "\" />\n";
switch ($_REQUEST['type']) {
default:
}
echo $misc->form;
- echo "<p><input type=\"submit\" name=\"confirm\" value=\"{$lang['strgrant']}\" />\n";
+ echo "<p><input type=\"submit\" name=\"grant\" value=\"{$lang['strgrant']}\" />\n";
+ echo "<input type=\"submit\" name=\"revoke\" value=\"{$lang['strrevoke']}\" />\n";
echo "<input type=\"submit\" name=\"cancel\" value=\"{$lang['strcancel']}\" /></p>\n";
echo "</form>\n";
}
else {
- $status = $localData->grantPrivileges($_REQUEST['type'], $name,
- ($_REQUEST['groupname'] == 'PUBLIC') ? 'PUBLIC' : 'GROUP',
- $_REQUEST['groupname'], $_REQUEST['privilege']);
+ $status = $localData->setPrivileges(isset($_REQUEST['grant']) ? 'GRANT' : 'REVOKE', $_REQUEST['type'], $name,
+ isset($_REQUEST['public']), $_REQUEST['username'], $_REQUEST['groupname'], array_keys($_REQUEST['privilege']));
if ($status == 0)
doDefault($lang['strgranted']);
+ elseif ($status == -3 || $status == -4)
+ doAlter(true, $lang['strgrantbad']);
else
- doDefault($lang['strgrantfailed']);
+ doAlter(true, $lang['strgrantfailed']);
}
}
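Review bot: The save branch picks the mode with `isset($_REQUEST['grant']) ? 'GRANT' : 'REVOKE'`, so any `action=save` request that lacks a `grant` field is executed as a REVOKE, including one that carries neither button. Deriving the mode explicitly, `$mode = isset($_REQUEST['grant']) ? 'GRANT' : (isset($_REQUEST['revoke']) ? 'REVOKE' : '');`, lets the `-5` check in `setPrivileges()` reject anything else. Because the handler reads `$_REQUEST`, the change can also be triggered by GET; no request-method check or anti-forgery token is visible in this hunk (one may be emitted by `$misc->form`, which is defined outside it). The `public` and `privilege[...]` checkboxes use `selected="selected"`, which has no effect on a checkbox; `checked="checked"` is needed for the form to redisplay the previous choice after an error. A successful REVOKE is also reported with `$lang['strgranted']`.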
// Links for granting to a user or group
switch ($_REQUEST['type']) {
case 'table':
- echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=grantuser&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "&table=", urlencode($_REQUEST['table']), "\">{$lang['strgrantuser']}</a> |\n";
- echo "<a class=\"navlink\" href=\"{$PHP_SELF}?action=grantgroup&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "&table=", urlencode($_REQUEST['table']), "\">{$lang['strgrantgroup']}</a>\n";
+ echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=alter&{$misc->href}&type={$_REQUEST['type']}&object=",
+ urlencode($_REQUEST['object']), "&table=", urlencode($_REQUEST['table']), "\">{$lang['stralterprivs']}</a></p>\n";
break;
case 'view':
- echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=grantuser&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantuser']}</a> |\n";
- echo "<a class=\"navlink\" href=\"{$PHP_SELF}?action=grantgroup&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantgroup']}</a>\n";
+ echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=alter&{$misc->href}&type={$_REQUEST['type']}&object=",
+ urlencode($_REQUEST['object']), "\">{$lang['stralterprivs']}</a> |\n";
echo "| <a class=\"navlink\" href=\"views.php?{$misc->href}\">{$lang['strshowallviews']}</a></p>\n";
break;
case 'sequence':
- echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=grantuser&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantuser']}</a> |\n";
- echo "<a class=\"navlink\" href=\"{$PHP_SELF}?action=grantgroup&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantgroup']}</a>\n";
+ echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=alter&{$misc->href}&type={$_REQUEST['type']}&object=",
+ urlencode($_REQUEST['object']), "\">{$lang['stralterprivs']}</a> |\n";
echo "| <a class=\"navlink\" href=\"sequences.php?{$misc->href}\">{$lang['strshowallsequences']}</a></p>\n";
break;
case 'database':
- echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=grantuser&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantuser']}</a> |\n";
- echo "<a class=\"navlink\" href=\"{$PHP_SELF}?action=grantgroup&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantgroup']}</a>\n";
+ echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=alter&{$misc->href}&type={$_REQUEST['type']}&object=",
+ urlencode($_REQUEST['object']), "\">{$lang['stralterprivs']}</a></p>\n";
break;
case 'function':
- echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=grantuser&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "&function=", urlencode($_REQUEST['function']), "\">{$lang['strgrantuser']}</a> |\n";
- echo "<a class=\"navlink\" href=\"{$PHP_SELF}?action=grantgroup&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "&function=", urlencode($_REQUEST['function']), "\">{$lang['strgrantgroup']}</a>\n";
+ echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=alter&{$misc->href}&type={$_REQUEST['type']}&object=",
+ urlencode($_REQUEST['object']), "&function=", urlencode($_REQUEST['function']), "\">{$lang['stralterprivs']}</a> |\n";
echo "| <a class=\"navlink\" href=\"functions.php?{$misc->href}\">{$lang['strshowallfunctions']}</a></p>\n";
break;
case 'schema':
- echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=grantuser&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantuser']}</a> |\n";
- echo "<a class=\"navlink\" href=\"{$PHP_SELF}?action=grantgroup&{$misc->href}&type={$_REQUEST['type']}&object=",
- urlencode($_REQUEST['object']), "\">{$lang['strgrantgroup']}</a>\n";
+ echo "<p><a class=\"navlink\" href=\"{$PHP_SELF}?action=alter&{$misc->href}&type={$_REQUEST['type']}&object=",
+ urlencode($_REQUEST['object']), "\">{$lang['stralterprivs']}</a> |\n";
echo "| <a class=\"navlink\" href=\"database.php?database=", urlencode($_REQUEST['database']),
"\">{$lang['strshowallschemas']}</a></p>\n";
break;
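Review bot: In the `view`, `sequence`, `function` and `schema` cases the new link line still ends with `</a> |\n` while the following echo begins with `| <a`, so the page now shows two separators in a row; the trailing ` |` should be dropped from the `stralterprivs` line (`"\">{$lang['stralterprivs']}</a>\n";`). The query strings are also written with a bare `&` inside an HTML attribute, which would be `&amp;` in valid markup. The switch opens above the lines shown here and its closing brace is outside the hunk.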
$misc->printBody();
switch ($action) {
- case 'savegrantgroup':
- if (isset($_REQUEST['cancel'])) doDefault();
- else doGrantGroup(false);
- break;
- case 'grantgroup':
- doGrantGroup(true);
- break;
- case 'savegrantuser':
+ case 'save':
if (isset($_REQUEST['cancel'])) doDefault();
- else doGrantUser(false);
+ else doAlter(false);
break;
- case 'grantuser':
- doGrantUser(true);
+ case 'alter':
+ doAlter(true);
break;
default:
doDefault();