* A class that implements the DB interface for Postgres
* Note: This class uses ADODB and returns RecordSets.
*
- * $Id: Postgres.php,v 1.132 2003/08/05 01:54:10 chriskl Exp $
+ * $Id: Postgres.php,v 1.133 2003/08/05 08:54:20 chriskl Exp $
*/
// @@@ THOUGHT: What about inherits? ie. use of ONLY???
else return $this->_parseACL($acl);
}
- /**
- * Grabs an array of privileges that a user has
- * @param $username The user who we are checking
- * @return Privileges array
- */
- function getUserPrivileges($username) {
- $this->clean($username);
-
- $sql = "
- SELECT
- CASE WHEN relkind='r' THEN 'TABLE' WHEN relkind='v' THEN 'VIEW' WHEN relkind='S' THEN 'SEQUENCE' END AS type,
- CAST('public' AS TEXT) AS schemaname,
- CAST(NULL AS TEXT) AS relname,
- relname AS name,
- relacl
- FROM
- pg_class
- WHERE
- relkind IN ('r', 'v', 'S')
- AND (relacl IS NOT NULL OR relowner=(SELECT usesysid FROM pg_user WHERE usename='{$username}'))
- ORDER BY
- 1, 2, 3, 4";
-
- // Fetch the ACL for object
- $acls = $this->selectSet($sql);
- if (!is_object($acls)) return array();
-
- // RETURN FORMAT:
- // ARRAY(type, schemaname, relname, name, ARRAY(privs), grantor, ARRAY(grantoptions))
-
- // Loop over the results and check to see if any of the ACLs apply to the user
- $temp = array();
- while (!$acls->EOF) {
- // If they own the table, then do an 'all privileges simulation'
- if ($acls->f['relacl'] == null) {
- $temp[] = array($acls->f['type'], $acls->f['schemaname'], $acls->f['relname'], $acls->f['name'],
- array(), $username, array());
- }
- else {
- $privs = $this->_parseACL($acls->f['relacl']);
-
- // Loop over all privs to see if we're in there
- foreach ($privs as $v) {
- // Skip non-user ACEs
- if ($v[0] != 'user') continue;
- // Skip entities that aren't us
- if ($v[1] != $username) continue;
- echo "<pre>", var_dump($v), "</pre>";
- // OK, so it's for us...
- $temp[] = array($acls->f['type'], $acls->f['schemaname'], $acls->f['relname'], $acls->f['name'],
- $v[2], $v[3], $v[4]);
- }
- }
-
- $acls->moveNext();
- }
-echo "<pre>", var_dump($temp), "</pre>";
- return $temp;
- }
-
/**
* Grants a privilege to a user, group or public
* @param $mode 'GRANT' or 'REVOKE';
/**
* Manage users in a database cluster
*
- * $Id: users.php,v 1.15 2003/07/31 08:39:03 chriskl Exp $
+ * $Id: users.php,v 1.16 2003/08/05 08:54:20 chriskl Exp $
*/
// Include application functions
$action = (isset($_REQUEST['action'])) ? $_REQUEST['action'] : '';
if (!isset($msg)) $msg = '';
$PHP_SELF = $_SERVER['PHP_SELF'];
-
- /**
- * Show access privileges that a user posesses
- */
- function doPrivileges($msg = '') {
- global $data, $misc;
- global $PHP_SELF, $lang;
-
- echo "<h2>{$lang['strusers']}: ", $misc->printVal($_REQUEST['username']), ": {$lang['strprivileges']}</h2>\n";
- $misc->printMsg($msg);
-
- $userdata = &$data->getUserPrivileges($_REQUEST['username']);
-
- if ($userdata->recordCount() > 0) {
- $userdata->f[$data->uFields['usuper']] = $data->phpBool($userdata->f[$data->uFields['usuper']]);
- $userdata->f[$data->uFields['ucreatedb']] = $data->phpBool($userdata->f[$data->uFields['ucreatedb']]);
- echo "<table>\n";
- echo "<tr><th class=\"data\">{$lang['strusername']}</th><th class=\"data\">{$lang['strsuper']}</th><th class=\"data\">{$lang['strcreatedb']}</th><th class=\"data\">{$lang['strexpires']}</th></tr>\n";
- echo "<tr><td class=\"data1\">", $misc->printVal($userdata->f[$data->uFields['uname']]), "</td>\n";
- echo "<td class=\"data1\">", (($userdata->f[$data->uFields['usuper']]) ? $lang['stryes'] : $lang['strno']), "</td>\n";
- echo "<td class=\"data1\">", (($userdata->f[$data->uFields['ucreatedb']]) ? $lang['stryes'] : $lang['strno']), "</td>\n";
- echo "<td class=\"data1\">", $misc->printVal($userdata->f[$data->uFields['uexpires']]), "</td></tr>\n";
- echo "</table>\n";
- }
- else echo "<p>{$lang['strnodata']}</p>\n";
-
- echo "<p><a class=\"navlink\" href=\"$PHP_SELF\">{$lang['strshowallusers']}</a> |\n";
- echo "<a class=\"navlink\" href=\"$PHP_SELF?action=edit&username=",
- urlencode($_REQUEST['username']), "\">{$lang['stredit']}</a></p>\n";
- }
/**
* If a user is not a superuser, then we have an 'account management' page
projects / phppgadmin.git / commitdiff