355 lines
12 KiB
PHP
355 lines
12 KiB
PHP
|
<?php
|
||
|
/* vim: set expandtab sw=4 ts=4 sts=4: */
|
||
|
/**
|
||
|
* set of functions for user group handling
|
||
|
*
|
||
|
* @package PhpMyAdmin
|
||
|
*/
|
||
|
|
||
|
if (! defined('PHPMYADMIN')) {
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Return HTML to list the users belonging to a given user group
|
||
|
*
|
||
|
* @param string $userGroup user group name
|
||
|
*
|
||
|
* @return string HTML to list the users belonging to a given user group
|
||
|
*/
|
||
|
function PMA_getHtmlForListingUsersofAGroup($userGroup)
|
||
|
{
|
||
|
$html_output = '<h2>'
|
||
|
. sprintf(__('Users of \'%s\' user group'), htmlspecialchars($userGroup))
|
||
|
. '</h2>';
|
||
|
|
||
|
$usersTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb'])
|
||
|
. "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['users']);
|
||
|
$sql_query = "SELECT `username` FROM " . $usersTable
|
||
|
. " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'";
|
||
|
$result = PMA_queryAsControlUser($sql_query, false);
|
||
|
if ($result) {
|
||
|
if ($GLOBALS['dbi']->numRows($result) == 0) {
|
||
|
$html_output .= '<p>'
|
||
|
. __('No users were found belonging to this user group.')
|
||
|
. '</p>';
|
||
|
} else {
|
||
|
$html_output .= '<table>'
|
||
|
. '<thead><tr><th>#</th><th>' . __('User') . '</th></tr></thead>'
|
||
|
. '<tbody>';
|
||
|
$i = 0;
|
||
|
while ($row = $GLOBALS['dbi']->fetchRow($result)) {
|
||
|
$i++;
|
||
|
$html_output .= '<tr>'
|
||
|
. '<td>' . $i . ' </td>'
|
||
|
. '<td>' . htmlspecialchars($row[0]) . '</td>'
|
||
|
. '</tr>';
|
||
|
}
|
||
|
$html_output .= '</tbody>'
|
||
|
. '</table>';
|
||
|
}
|
||
|
}
|
||
|
$GLOBALS['dbi']->freeResult($result);
|
||
|
return $html_output;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Returns HTML for the 'user groups' table
|
||
|
*
|
||
|
* @return string HTML for the 'user groups' table
|
||
|
*/
|
||
|
function PMA_getHtmlForUserGroupsTable()
|
||
|
{
|
||
|
$tabs = PMA_Util::getMenuTabList();
|
||
|
|
||
|
$html_output = '<h2>' . __('User groups') . '</h2>';
|
||
|
$groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb'])
|
||
|
. "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']);
|
||
|
$sql_query = "SELECT * FROM " . $groupTable . " ORDER BY `usergroup` ASC";
|
||
|
$result = PMA_queryAsControlUser($sql_query, false);
|
||
|
|
||
|
if ($result && $GLOBALS['dbi']->numRows($result)) {
|
||
|
$html_output .= '<form name="userGroupsForm" id="userGroupsForm"'
|
||
|
. ' action="server_privileges.php" method="post">';
|
||
|
$html_output .= PMA_URL_getHiddenInputs();
|
||
|
$html_output .= '<table id="userGroupsTable">';
|
||
|
$html_output .= '<thead><tr>';
|
||
|
$html_output .= '<th style="white-space: nowrap">'
|
||
|
. __('User group') . '</th>';
|
||
|
$html_output .= '<th>' . __('Server level tabs') . '</th>';
|
||
|
$html_output .= '<th>' . __('Database level tabs') . '</th>';
|
||
|
$html_output .= '<th>' . __('Table level tabs') . '</th>';
|
||
|
$html_output .= '<th>' . __('Action') . '</th>';
|
||
|
$html_output .= '</tr></thead>';
|
||
|
$html_output .= '<tbody>';
|
||
|
|
||
|
$odd = true;
|
||
|
$userGroups = array();
|
||
|
while ($row = $GLOBALS['dbi']->fetchAssoc($result)) {
|
||
|
$groupName = $row['usergroup'];
|
||
|
if (! isset($userGroups[$groupName])) {
|
||
|
$userGroups[$groupName] = array();
|
||
|
}
|
||
|
$userGroups[$groupName][$row['tab']] = $row['allowed'];
|
||
|
}
|
||
|
foreach ($userGroups as $groupName => $tabs) {
|
||
|
$html_output .= '<tr class="' . ($odd ? 'odd' : 'even') . '">';
|
||
|
$html_output .= '<td>' . htmlspecialchars($groupName) . '</td>';
|
||
|
$html_output .= '<td>' . _getAllowedTabNames($tabs, 'server') . '</td>';
|
||
|
$html_output .= '<td>' . _getAllowedTabNames($tabs, 'db') . '</td>';
|
||
|
$html_output .= '<td>' . _getAllowedTabNames($tabs, 'table') . '</td>';
|
||
|
|
||
|
$html_output .= '<td>';
|
||
|
$html_output .= '<a class="" href="server_user_groups.php'
|
||
|
. PMA_URL_getCommon(
|
||
|
array(
|
||
|
'viewUsers' => 1, 'userGroup' => $groupName
|
||
|
)
|
||
|
)
|
||
|
. '">'
|
||
|
. PMA_Util::getIcon('b_usrlist.png', __('View users')) . '</a>';
|
||
|
$html_output .= ' ';
|
||
|
$html_output .= '<a class="" href="server_user_groups.php'
|
||
|
. PMA_URL_getCommon(
|
||
|
array(
|
||
|
'editUserGroup' => 1, 'userGroup' => $groupName
|
||
|
)
|
||
|
)
|
||
|
. '">'
|
||
|
. PMA_Util::getIcon('b_edit.png', __('Edit')) . '</a>';
|
||
|
$html_output .= ' ';
|
||
|
$html_output .= '<a class="deleteUserGroup ajax"'
|
||
|
. ' href="server_user_groups.php'
|
||
|
. PMA_URL_getCommon(
|
||
|
array(
|
||
|
'deleteUserGroup' => 1, 'userGroup' => $groupName
|
||
|
)
|
||
|
)
|
||
|
. '">'
|
||
|
. PMA_Util::getIcon('b_drop.png', __('Delete')) . '</a>';
|
||
|
$html_output .= '</td>';
|
||
|
|
||
|
$html_output .= '</tr>';
|
||
|
|
||
|
$odd = ! $odd;
|
||
|
}
|
||
|
|
||
|
$html_output .= '</tbody>';
|
||
|
$html_output .= '</table>';
|
||
|
$html_output .= '</form>';
|
||
|
}
|
||
|
$GLOBALS['dbi']->freeResult($result);
|
||
|
|
||
|
$html_output .= '<fieldset id="fieldset_add_user_group">';
|
||
|
$html_output .= '<a href="server_user_groups.php'
|
||
|
. PMA_URL_getCommon(array('addUserGroup' => 1)) . '">'
|
||
|
. PMA_Util::getIcon('b_usradd.png')
|
||
|
. __('Add user group') . '</a>';
|
||
|
$html_output .= '</fieldset>';
|
||
|
|
||
|
return $html_output;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Returns the list of allowed menu tab names
|
||
|
* based on a data row from usergroup table.
|
||
|
*
|
||
|
* @param array $row row of usergroup table
|
||
|
* @param string $level 'server', 'db' or 'table'
|
||
|
*
|
||
|
* @return string comma seperated list of allowed menu tab names
|
||
|
*/
|
||
|
function _getAllowedTabNames($row, $level)
|
||
|
{
|
||
|
$tabNames = array();
|
||
|
$tabs = PMA_Util::getMenuTabList($level);
|
||
|
foreach ($tabs as $tab => $tabName) {
|
||
|
if (! isset($row[$level . '_' . $tab])
|
||
|
|| $row[$level . '_' . $tab] == 'Y'
|
||
|
) {
|
||
|
$tabNames[] = $tabName;
|
||
|
}
|
||
|
}
|
||
|
return implode(', ', $tabNames);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Deletes a user group
|
||
|
*
|
||
|
* @param string $userGroup user group name
|
||
|
*
|
||
|
* @return void
|
||
|
*/
|
||
|
function PMA_deleteUserGroup($userGroup)
|
||
|
{
|
||
|
$userTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb'])
|
||
|
. "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['users']);
|
||
|
$groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb'])
|
||
|
. "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']);
|
||
|
$sql_query = "DELETE FROM " . $userTable
|
||
|
. " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'";
|
||
|
PMA_queryAsControlUser($sql_query, true);
|
||
|
$sql_query = "DELETE FROM " . $groupTable
|
||
|
. " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'";
|
||
|
PMA_queryAsControlUser($sql_query, true);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Returns HTML for add/edit user group dialog
|
||
|
*
|
||
|
* @param string $userGroup name of the user group in case of editing
|
||
|
*
|
||
|
* @return string HTML for add/edit user group dialog
|
||
|
*/
|
||
|
function PMA_getHtmlToEditUserGroup($userGroup = null)
|
||
|
{
|
||
|
$html_output = '';
|
||
|
if ($userGroup == null) {
|
||
|
$html_output .= '<h2>' . __('Add user group') . '</h2>';
|
||
|
} else {
|
||
|
$html_output .= '<h2>'
|
||
|
. sprintf(__('Edit user group: \'%s\''), htmlspecialchars($userGroup))
|
||
|
. '</h2>';
|
||
|
}
|
||
|
|
||
|
$html_output .= '<form name="userGroupForm" id="userGroupForm"'
|
||
|
. ' action="server_user_groups.php" method="post">';
|
||
|
$urlParams = array();
|
||
|
if ($userGroup != null) {
|
||
|
$urlParams['userGroup'] = $userGroup;
|
||
|
$urlParams['editUserGroupSubmit'] = '1';
|
||
|
} else {
|
||
|
$urlParams['addUserGroupSubmit'] = '1';
|
||
|
}
|
||
|
$html_output .= PMA_URL_getHiddenInputs($urlParams);
|
||
|
|
||
|
$html_output .= '<fieldset id="fieldset_user_group_rights">';
|
||
|
$html_output .= '<legend>' . __('User group menu assignments')
|
||
|
. ' '
|
||
|
. '<input type="checkbox" class="checkall_box" title="Check All">'
|
||
|
. '<label for="addUsersForm_checkall">' . __('Check All') .'</label>'
|
||
|
. '</legend>';
|
||
|
|
||
|
if ($userGroup == null) {
|
||
|
$html_output .= '<label for="userGroup">' . __('Group name:') . '</label>';
|
||
|
$html_output .= '<input type="text" name="userGroup" '
|
||
|
. 'autocomplete="off" required="required" />';
|
||
|
$html_output .= '<div class="clearfloat"></div>';
|
||
|
}
|
||
|
|
||
|
$allowedTabs = array(
|
||
|
'server' => array(),
|
||
|
'db' => array(),
|
||
|
'table' => array()
|
||
|
);
|
||
|
if ($userGroup != null) {
|
||
|
$groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb'])
|
||
|
. "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']);
|
||
|
$sql_query = "SELECT * FROM " . $groupTable
|
||
|
. " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "'";
|
||
|
$result = PMA_queryAsControlUser($sql_query, false);
|
||
|
if ($result) {
|
||
|
while ($row = $GLOBALS['dbi']->fetchAssoc($result)) {
|
||
|
$key = $row['tab'];
|
||
|
$value = $row['allowed'];
|
||
|
if (substr($key, 0, 7) == 'server_' && $value == 'Y') {
|
||
|
$allowedTabs['server'][] = substr($key, 7);
|
||
|
} elseif (substr($key, 0, 3) == 'db_' && $value == 'Y') {
|
||
|
$allowedTabs['db'][] = substr($key, 3);
|
||
|
} elseif (substr($key, 0, 6) == 'table_' && $value == 'Y') {
|
||
|
$allowedTabs['table'][] = substr($key, 6);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
$GLOBALS['dbi']->freeResult($result);
|
||
|
}
|
||
|
|
||
|
$html_output .= _getTabList(
|
||
|
__('Server-level tabs'), 'server', $allowedTabs['server']
|
||
|
);
|
||
|
$html_output .= _getTabList(
|
||
|
__('Database-level tabs'), 'db', $allowedTabs['db']
|
||
|
);
|
||
|
$html_output .= _getTabList(
|
||
|
__('Table-level tabs'), 'table', $allowedTabs['table']
|
||
|
);
|
||
|
|
||
|
$html_output .= '</fieldset>';
|
||
|
|
||
|
$html_output .= '<fieldset id="fieldset_user_group_rights_footer"'
|
||
|
. ' class="tblFooters">';
|
||
|
$html_output .= '<input type="submit" name="update_privs" value="Go">';
|
||
|
$html_output .= '</fieldset>';
|
||
|
|
||
|
return $html_output;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Returns HTML for checkbox groups to choose
|
||
|
* tabs of 'server', 'db' or 'table' levels.
|
||
|
*
|
||
|
* @param string $title title of the checkbox group
|
||
|
* @param string $level 'server', 'db' or 'table'
|
||
|
* @param array $selected array of selected allowed tabs
|
||
|
*
|
||
|
* @return string HTML for checkbox groups
|
||
|
*/
|
||
|
function _getTabList($title, $level, $selected)
|
||
|
{
|
||
|
$tabs = PMA_Util::getMenuTabList($level);
|
||
|
$html_output = '<fieldset>';
|
||
|
$html_output .= '<legend>' . $title . '</legend>';
|
||
|
foreach ($tabs as $tab => $tabName) {
|
||
|
$html_output .= '<div class="item">';
|
||
|
$html_output .= '<input type="checkbox" class="checkall"'
|
||
|
. (in_array($tab, $selected) ? ' checked="checked"' : '')
|
||
|
. ' name="' . $level . '_' . $tab . '" value="Y" />';
|
||
|
$html_output .= '<label for="' . $level . '_' . $tab . '">'
|
||
|
. '<code>' . $tabName . '</code>'
|
||
|
. '</label>';
|
||
|
$html_output .= '</div>';
|
||
|
}
|
||
|
$html_output .= '</fieldset>';
|
||
|
return $html_output;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Add/update a user group with allowed menu tabs.
|
||
|
*
|
||
|
* @param string $userGroup user group name
|
||
|
* @param boolean $new whether this is a new user group
|
||
|
*
|
||
|
* @return void
|
||
|
*/
|
||
|
function PMA_editUserGroup($userGroup, $new = false)
|
||
|
{
|
||
|
$tabs = PMA_Util::getMenuTabList();
|
||
|
$groupTable = PMA_Util::backquote($GLOBALS['cfg']['Server']['pmadb'])
|
||
|
. "." . PMA_Util::backquote($GLOBALS['cfg']['Server']['usergroups']);
|
||
|
|
||
|
if (! $new) {
|
||
|
$sql_query = "DELETE FROM " . $groupTable
|
||
|
. " WHERE `usergroup`='" . PMA_Util::sqlAddSlashes($userGroup) . "';";
|
||
|
PMA_queryAsControlUser($sql_query, true);
|
||
|
}
|
||
|
|
||
|
$sql_query = "INSERT INTO " . $groupTable
|
||
|
. "(`usergroup`, `tab`, `allowed`)"
|
||
|
. " VALUES ";
|
||
|
$first = true;
|
||
|
foreach ($tabs as $tabGroupName => $tabGroup) {
|
||
|
foreach ($tabs[$tabGroupName] as $tab => $tabName) {
|
||
|
if (! $first) {
|
||
|
$sql_query .= ", ";
|
||
|
}
|
||
|
$tabName = $tabGroupName . '_' . $tab;
|
||
|
$allowed = isset($_REQUEST[$tabName]) && $_REQUEST[$tabName] == 'Y';
|
||
|
$sql_query .= "('" . $userGroup . "', '" . $tabName . "', '"
|
||
|
. ($allowed ? "Y" : "N") . "')";
|
||
|
$first = false;
|
||
|
}
|
||
|
}
|
||
|
$sql_query .= ";";
|
||
|
PMA_queryAsControlUser($sql_query, true);
|
||
|
}
|
||
|
?>
|