105 lines
3.3 KiB
PHP
105 lines
3.3 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace PhpMyAdmin\Controllers\Server;
|
|
|
|
use PhpMyAdmin\CheckUserPrivileges;
|
|
use PhpMyAdmin\ConfigStorage\Features\ConfigurableMenusFeature;
|
|
use PhpMyAdmin\ConfigStorage\Relation;
|
|
use PhpMyAdmin\Controllers\AbstractController;
|
|
use PhpMyAdmin\DatabaseInterface;
|
|
use PhpMyAdmin\ResponseRenderer;
|
|
use PhpMyAdmin\Template;
|
|
use PhpMyAdmin\Util;
|
|
|
|
use function __;
|
|
use function sprintf;
|
|
use function strlen;
|
|
|
|
final class UserGroupsFormController extends AbstractController
|
|
{
|
|
/** @var Relation */
|
|
private $relation;
|
|
|
|
/** @var DatabaseInterface */
|
|
private $dbi;
|
|
|
|
public function __construct(
|
|
ResponseRenderer $response,
|
|
Template $template,
|
|
Relation $relation,
|
|
DatabaseInterface $dbi
|
|
) {
|
|
parent::__construct($response, $template);
|
|
$this->relation = $relation;
|
|
$this->dbi = $dbi;
|
|
}
|
|
|
|
public function __invoke(): void
|
|
{
|
|
$this->response->setAjax(true);
|
|
|
|
if (! isset($_GET['username']) || strlen((string) $_GET['username']) === 0) {
|
|
$this->response->setRequestStatus(false);
|
|
$this->response->setHttpResponseCode(400);
|
|
$this->response->addJSON('message', __('Missing parameter:') . ' username');
|
|
|
|
return;
|
|
}
|
|
|
|
$username = $_GET['username'];
|
|
|
|
$checkUserPrivileges = new CheckUserPrivileges($this->dbi);
|
|
$checkUserPrivileges->getPrivileges();
|
|
|
|
$configurableMenusFeature = $this->relation->getRelationParameters()->configurableMenusFeature;
|
|
if ($configurableMenusFeature === null) {
|
|
$this->response->setRequestStatus(false);
|
|
$this->response->setHttpResponseCode(400);
|
|
$this->response->addJSON('message', __('User groups management is not enabled.'));
|
|
|
|
return;
|
|
}
|
|
|
|
$form = $this->getHtmlToChooseUserGroup($username, $configurableMenusFeature);
|
|
|
|
$this->response->addJSON('message', $form);
|
|
}
|
|
|
|
/**
|
|
* Displays a dropdown to select the user group with menu items configured to each of them.
|
|
*/
|
|
private function getHtmlToChooseUserGroup(
|
|
string $username,
|
|
ConfigurableMenusFeature $configurableMenusFeature
|
|
): string {
|
|
$groupTable = Util::backquote($configurableMenusFeature->database)
|
|
. '.' . Util::backquote($configurableMenusFeature->userGroups);
|
|
$userTable = Util::backquote($configurableMenusFeature->database)
|
|
. '.' . Util::backquote($configurableMenusFeature->users);
|
|
|
|
$sqlQuery = sprintf(
|
|
'SELECT `usergroup` FROM %s WHERE `username` = \'%s\'',
|
|
$userTable,
|
|
$this->dbi->escapeString($username)
|
|
);
|
|
$userGroup = $this->dbi->fetchValue($sqlQuery, 0, DatabaseInterface::CONNECT_CONTROL);
|
|
|
|
$allUserGroups = [];
|
|
$sqlQuery = 'SELECT DISTINCT `usergroup` FROM ' . $groupTable;
|
|
$result = $this->dbi->tryQueryAsControlUser($sqlQuery);
|
|
if ($result) {
|
|
while ($row = $result->fetchRow()) {
|
|
$allUserGroups[$row[0]] = $row[0];
|
|
}
|
|
}
|
|
|
|
return $this->template->render('server/privileges/choose_user_group', [
|
|
'all_user_groups' => $allUserGroups,
|
|
'user_group' => $userGroup,
|
|
'params' => ['username' => $username],
|
|
]);
|
|
}
|
|
}
|