Ejemplo n.º 1
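 /**
  * Build the GRANT or REVOKE SQL for one permission node applied to one object.
  *
  * The upper-cased tag name of $node_object selects the grant target:
  * SCHEMA uses `*`, TABLE the qualified table name, FUNCTION `FUNCTION <qualified name>`,
  * SEQUENCE the shared sequence table. VIEW produces an SQL comment instead of a statement.
  *
  * Security: everything read from the definition document ends up in a script that
  * changes database privileges, so the document must be treated as trusted input or
  * reviewed like code. Role names are quoted via mysql5::get_quoted_object_name and
  * object names via the mysql5::get_fully_qualified_* helpers; how privileges and the
  * WITH options are validated depends on helpers not shown here (confirm before relying on it).
  *
  * @param mixed  $db_doc          definition document, handed to get_permission_roles()
  * @param mixed  $node_schema     schema node; its 'name' is used to qualify object names
  * @param mixed  $node_object     object node; tag name gives the type, 'name' the object
  * @param mixed  $node_permission grant or revoke node with a non-empty 'operation'
  * @param string $action          statement verb, 'grant' (default) or 'revoke', any case
  *
  * @return string the generated SQL (or a one-line SQL comment for views), newline-terminated
  *
  * @throws exception if the node is not grant/revoke, the operation is empty, the object
  *                   type is unknown, or $action is not grant/revoke
  */
 public static function get_permission_sql($db_doc, $node_schema, $node_object, $node_permission, $action = 'grant')
 {
     $node_name = $node_permission->getName();
     if (strcasecmp($node_name, 'grant') !== 0 && strcasecmp($node_name, 'revoke') !== 0) {
         throw new exception("Cannot extract permission rights from node that is not grant or revoke");
     }
     if (!isset($node_permission['operation']) || strlen((string) $node_permission['operation']) === 0) {
         throw new exception("node_permission operation definition is empty");
     }
     $object_name = '';
     $object_type = strtoupper($node_object->getName());
     $privileges = array_map(function ($p) use($object_type) {
         return mysql5_permission::get_real_privilege($p, $object_type);
     }, static::get_permission_privileges($node_permission));
     $roles = static::get_permission_roles($db_doc, $node_permission);
     $with = static::get_permission_options_sql($node_permission);
     switch ($object_type) {
         case 'SCHEMA':
             // all tables on current database, because no schemas
             $object_name = '*';
             break;
         case 'VIEW':
             // The name is embedded in a single-line SQL comment. A line break inside it
             // would end the comment and the rest would be emitted as executable SQL,
             // so CR/LF are flattened to spaces before interpolation.
             $view_name = str_replace(array("\r", "\n"), ' ', (string) $node_object['name']);
             return "-- Ignoring permissions on view '{$view_name}' because MySQL uses SQL SECURITY DEFINER semantics\n";
         case 'TABLE':
             $object_name = mysql5::get_fully_qualified_table_name($node_schema['name'], $node_object['name']);
             break;
         case 'FUNCTION':
             $object_name = "FUNCTION " . mysql5::get_fully_qualified_object_name($node_schema['name'], $node_object['name'], 'function');
             break;
         case 'SEQUENCE':
             // sequences exist as rows in a table for mysql
             $object_name = mysql5::get_fully_qualified_table_name($node_schema['name'], mysql5_sequence::TABLE_NAME);
             break;
         default:
             throw new exception("unknown object type encountered: " . $object_type);
     }
     // $action becomes the leading keyword of the statement, so only the two verbs this
     // generator is meant to emit are accepted. Checked here, at the point of use, so the
     // VIEW early return above behaves as before.
     $verb = strtoupper($action);
     if ($verb !== 'GRANT' && $verb !== 'REVOKE') {
         throw new exception("permission action must be grant or revoke, got: " . $action);
     }
     $sql = static::get_sql($verb, $object_name, $privileges, array_map('mysql5::get_quoted_object_name', $roles), $with) . "\n";
     return $sql;
 }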