mercredi 11 septembre 2019

Problem of link between 2 checkbox, Insert data when it shouldn't

Ok so, I have a problem. Let me explain it.

I need to list to all the schemas in some inputs (checkbox) then we can choose wich one(s) we want to manipulate, to give priviliges to a specific user.

Anyway, I got this, as you can see :

<div id="list-schemas">
    <?php
        foreach ($schemas as $elt) {
        echo '<input type="checkbox" name="schemas[]" value="' . $elt->getSchema() . '"/>' . $elt->getSchema() . '<br />';
        }
    ?>
</div>

Then, I need also to put some checkbox with the privileges, I did that :

<div id="div-privileges">
    <?php
        foreach ($schemas as $elt) {
            echo '<div class="list">';
            echo '<label for="list">' . $elt->getSchema() . ' :</label><br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="REVOKE"/> REVOKE ? <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="ALL"/> ALL PRIVILEGES ? <br />';
            echo '<hr>';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="SELECT"/> SELECT ? <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="INSERT"/> INSERT ? <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="UPDATE"/> UPDATE ?  <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="DELETE"/> DELETE ?  <br />';
            echo '<hr>';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="CREATE"/>CREATE ?  <br />';
            echo '</div>';
        }
    ?>
</div>

It looks like that : https://image.noelshack.com/fichiers/2019/37/3/1568191628-capture2.png

So, that's being said, here's my function update in my UserManager.class.php :

public static function update(User $newPerso){

    $db = DbConnect::getDb();
    $newLogin= pg_escape_string($newPerso->getLogin());
    $arraySchemas=$newPerso->getSchemas();
    $arrayPrivileges=$newPerso->getPrivileges();

    if (isset($arraySchemas)){

        foreach($arrayPrivileges as $schema => $privileges){

            if (isset($arrayPrivileges)){

                foreach($privileges as $privilege){

                    if($privilege=="REVOKE"){
                        pg_query("{$privilege} ALL ON ALL TABLES IN SCHEMA {$schema} FROM {$newLogin};");
                    }

                    else if($privilege=="CREATE"){
                        pg_query("GRANT {$privilege} ON SCHEMA {$schema} TO {$newLogin};");
                    }

                    else if($privilege=="ALL" || $privilege=="INSERT" || $privilege=="SELECT" || $privilege=="UPDATE" || $privilege=="DELETE"){
                        pg_query("GRANT {$privilege} ON ALL TABLES IN SCHEMA {$schema} TO {$newLogin};");
                    }
                }
            }
        }
    }
}

The fact is that, it works, BUT,

When I do that : https://image.noelshack.com/fichiers/2019/37/3/1568186255-capture.png

My User will have (in that example) :

ALL PRIVILEGES in both of these schemas...

It's normal that it works for "public" but how can I prevent for the "schematest"..?




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)