gl-website-deployer/admin/phpMyAdmin/libraries/classes/ConfigStorage/UserGroups.php
2024-11-19 08:02:04 +01:00

351 lines
12 KiB
PHP

<?php
/**
* set of functions for user group handling
*/
declare(strict_types=1);
namespace PhpMyAdmin\ConfigStorage;
use PhpMyAdmin\ConfigStorage\Features\ConfigurableMenusFeature;
use PhpMyAdmin\Html\Generator;
use PhpMyAdmin\Template;
use PhpMyAdmin\Url;
use PhpMyAdmin\Util;
use function __;
use function array_keys;
use function htmlspecialchars;
use function implode;
use function in_array;
use function mb_substr;
use function substr;
/**
* PhpMyAdmin\Server\UserGroups class
*/
class UserGroups
{
/**
* Return HTML to list the users belonging to a given user group
*
* @param string $userGroup user group name
*
* @return string HTML to list the users belonging to a given user group
*/
public static function getHtmlForListingUsersofAGroup(
ConfigurableMenusFeature $configurableMenusFeature,
string $userGroup
): string {
global $dbi;
$users = [];
$numRows = 0;
$userGroupSpecialChars = htmlspecialchars($userGroup);
$usersTable = Util::backquote($configurableMenusFeature->database)
. '.' . Util::backquote($configurableMenusFeature->users);
$sql_query = 'SELECT `username` FROM ' . $usersTable
. " WHERE `usergroup`='" . $dbi->escapeString($userGroup)
. "'";
$result = $dbi->tryQueryAsControlUser($sql_query);
if ($result) {
$i = 0;
while ($row = $result->fetchRow()) {
$users[] = [
'count' => ++$i,
'user' => $row[0],
];
}
}
$template = new Template();
return $template->render('server/user_groups/user_listings', [
'user_group_special_chars' => $userGroupSpecialChars,
'num_rows' => $numRows,
'users' => $users,
]);
}
/**
* Returns HTML for the 'user groups' table
*
* @return string HTML for the 'user groups' table
*/
public static function getHtmlForUserGroupsTable(ConfigurableMenusFeature $configurableMenusFeature): string
{
global $dbi;
$groupTable = Util::backquote($configurableMenusFeature->database)
. '.' . Util::backquote($configurableMenusFeature->userGroups);
$sql_query = 'SELECT * FROM ' . $groupTable . ' ORDER BY `usergroup` ASC';
$result = $dbi->tryQueryAsControlUser($sql_query);
$userGroups = [];
$userGroupsValues = [];
$action = Url::getFromRoute('/server/privileges');
$hidden_inputs = null;
if ($result && $result->numRows()) {
$hidden_inputs = Url::getHiddenInputs();
foreach ($result as $row) {
$groupName = $row['usergroup'];
if (! isset($userGroups[$groupName])) {
$userGroups[$groupName] = [];
}
$userGroups[$groupName][$row['tab']] = $row['allowed'];
}
foreach ($userGroups as $groupName => $tabs) {
$userGroupVal = [];
$userGroupVal['name'] = htmlspecialchars((string) $groupName);
$userGroupVal['serverTab'] = self::getAllowedTabNames($tabs, 'server');
$userGroupVal['dbTab'] = self::getAllowedTabNames($tabs, 'db');
$userGroupVal['tableTab'] = self::getAllowedTabNames($tabs, 'table');
$userGroupVal['userGroupUrl'] = Url::getFromRoute('/server/user-groups');
$userGroupVal['viewUsersUrl'] = Url::getCommon(
[
'viewUsers' => 1,
'userGroup' => $groupName,
],
'',
false
);
$userGroupVal['viewUsersIcon'] = Generator::getIcon('b_usrlist', __('View users'));
$userGroupVal['editUsersUrl'] = Url::getCommon(
[
'editUserGroup' => 1,
'userGroup' => $groupName,
],
'',
false
);
$userGroupVal['editUsersIcon'] = Generator::getIcon('b_edit', __('Edit'));
$userGroupsValues[] = $userGroupVal;
}
}
$addUserUrl = Url::getFromRoute('/server/user-groups', ['addUserGroup' => 1]);
$addUserIcon = Generator::getIcon('b_usradd');
$template = new Template();
return $template->render('server/user_groups/user_groups', [
'action' => $action,
'hidden_inputs' => $hidden_inputs ?? '',
'has_rows' => $userGroups !== [],
'user_groups_values' => $userGroupsValues,
'add_user_url' => $addUserUrl,
'add_user_icon' => $addUserIcon,
]);
}
/**
* Returns the list of allowed menu tab names
* based on a data row from usergroup table.
*
* @param array $row row of usergroup table
* @param string $level 'server', 'db' or 'table'
*
* @return string comma separated list of allowed menu tab names
*/
public static function getAllowedTabNames(array $row, string $level): string
{
$tabNames = [];
$tabs = Util::getMenuTabList($level);
foreach ($tabs as $tab => $tabName) {
if (isset($row[$level . '_' . $tab]) && $row[$level . '_' . $tab] !== 'Y') {
continue;
}
$tabNames[] = $tabName;
}
return implode(', ', $tabNames);
}
/**
* Deletes a user group
*
* @param string $userGroup user group name
*/
public static function delete(ConfigurableMenusFeature $configurableMenusFeature, string $userGroup): void
{
global $dbi;
$userTable = Util::backquote($configurableMenusFeature->database)
. '.' . Util::backquote($configurableMenusFeature->users);
$groupTable = Util::backquote($configurableMenusFeature->database)
. '.' . Util::backquote($configurableMenusFeature->userGroups);
$sql_query = 'DELETE FROM ' . $userTable
. " WHERE `usergroup`='" . $dbi->escapeString($userGroup)
. "'";
$dbi->queryAsControlUser($sql_query);
$sql_query = 'DELETE FROM ' . $groupTable
. " WHERE `usergroup`='" . $dbi->escapeString($userGroup)
. "'";
$dbi->queryAsControlUser($sql_query);
}
/**
* Returns HTML for add/edit user group dialog
*
* @param string|null $userGroup name of the user group in case of editing
*
* @return string HTML for add/edit user group dialog
*/
public static function getHtmlToEditUserGroup(
ConfigurableMenusFeature $configurableMenusFeature,
?string $userGroup = null
): string {
global $dbi;
$urlParams = [];
$editUserGroupSpecialChars = '';
if ($userGroup !== null) {
$editUserGroupSpecialChars = htmlspecialchars($userGroup);
}
if ($userGroup !== null) {
$urlParams['userGroup'] = $userGroup;
$urlParams['editUserGroupSubmit'] = '1';
} else {
$urlParams['addUserGroupSubmit'] = '1';
}
$allowedTabs = [
'server' => [],
'db' => [],
'table' => [],
];
if ($userGroup !== null) {
$groupTable = Util::backquote($configurableMenusFeature->database)
. '.' . Util::backquote($configurableMenusFeature->userGroups);
$sql_query = 'SELECT * FROM ' . $groupTable
. " WHERE `usergroup`='" . $dbi->escapeString($userGroup)
. "'";
$result = $dbi->tryQueryAsControlUser($sql_query);
if ($result) {
foreach ($result as $row) {
$key = $row['tab'];
$value = $row['allowed'];
if (substr($key, 0, 7) === 'server_' && $value === 'Y') {
$allowedTabs['server'][] = mb_substr($key, 7);
} elseif (substr($key, 0, 3) === 'db_' && $value === 'Y') {
$allowedTabs['db'][] = mb_substr($key, 3);
} elseif (substr($key, 0, 6) === 'table_' && $value === 'Y') {
$allowedTabs['table'][] = mb_substr($key, 6);
}
}
}
unset($result);
}
$tabList = self::getTabList(
__('Server-level tabs'),
'server',
$allowedTabs['server']
);
$tabList .= self::getTabList(
__('Database-level tabs'),
'db',
$allowedTabs['db']
);
$tabList .= self::getTabList(
__('Table-level tabs'),
'table',
$allowedTabs['table']
);
$template = new Template();
return $template->render('server/user_groups/edit_user_groups', [
'user_group' => $userGroup,
'edit_user_group_special_chars' => $editUserGroupSpecialChars,
'user_group_url' => Url::getFromRoute('/server/user-groups'),
'hidden_inputs' => Url::getHiddenInputs($urlParams),
'tab_list' => $tabList,
]);
}
/**
* Returns HTML for checkbox groups to choose
* tabs of 'server', 'db' or 'table' levels.
*
* @param string $title title of the checkbox group
* @param string $level 'server', 'db' or 'table'
* @param array $selected array of selected allowed tabs
*
* @return string HTML for checkbox groups
*/
public static function getTabList(string $title, string $level, array $selected): string
{
$tabs = Util::getMenuTabList($level);
$tabDetails = [];
foreach ($tabs as $tab => $tabName) {
$tabDetail = [];
$tabDetail['in_array'] = (in_array($tab, $selected) ? ' checked="checked"' : '');
$tabDetail['tab'] = $tab;
$tabDetail['tab_name'] = $tabName;
$tabDetails[] = $tabDetail;
}
$template = new Template();
return $template->render('server/user_groups/tab_list', [
'title' => $title,
'level' => $level,
'tab_details' => $tabDetails,
]);
}
/**
* Add/update a user group with allowed menu tabs.
*
* @param string $userGroup user group name
* @param bool $new whether this is a new user group
*/
public static function edit(
ConfigurableMenusFeature $configurableMenusFeature,
string $userGroup,
bool $new = false
): void {
global $dbi;
$tabs = Util::getMenuTabList();
$groupTable = Util::backquote($configurableMenusFeature->database)
. '.' . Util::backquote($configurableMenusFeature->userGroups);
if (! $new) {
$sql_query = 'DELETE FROM ' . $groupTable
. " WHERE `usergroup`='" . $dbi->escapeString($userGroup)
. "';";
$dbi->queryAsControlUser($sql_query);
}
$sql_query = 'INSERT INTO ' . $groupTable
. '(`usergroup`, `tab`, `allowed`)'
. ' VALUES ';
$first = true;
/** @var array<string, string> $tabGroup */
foreach ($tabs as $tabGroupName => $tabGroup) {
foreach (array_keys($tabGroup) as $tab) {
if (! $first) {
$sql_query .= ', ';
}
$tabName = $tabGroupName . '_' . $tab;
$allowed = isset($_POST[$tabName]) && $_POST[$tabName] === 'Y';
$sql_query .= "('" . $dbi->escapeString($userGroup) . "', '" . $tabName . "', '"
. ($allowed ? 'Y' : 'N') . "')";
$first = false;
}
}
$sql_query .= ';';
$dbi->queryAsControlUser($sql_query);
}
}