/** * Sets the adapter and the tablename of the resource retroactively. * @param string $database name of the database * @param string $table name of the table */ public function init($database, $table = null) { // get the user adapter $username = Daiquiri_Auth::getInstance()->getCurrentUsername(); // check if this database is the user datasbase if ($database === Daiquiri_Config::getInstance()->getUserDbName($username)) { $adapter = Daiquiri_Config::getInstance()->getUserDbAdapter(); } else { // get the database id and check permission on database $databasesResource = new Data_Model_Resource_Databases(); $result = $databasesResource->checkACL($database, 'select'); if ($result !== true) { throw new Daiquiri_Exception_NotFound(); } // check permission on table access if ($table) { $tablesResource = new Data_Model_Resource_Tables(); $result = $tablesResource->checkACL($database, $table, 'select'); if ($result !== true) { throw new Daiquiri_Exception_NotFound(); } } // if everything went ok get adapter $adapter = Daiquiri_Config::getInstance()->getUserDbAdapter($database); } // set adapter and table $this->setAdapter($adapter); if ($table) { $this->setTablename($table); } }
/** * @brief checkDbTable method - checks whether user has access to a given database * and table * @param $database: database name * @param $table: table name * @param $permission: the desired permission * @return TRUE or FALSE * * Checks whether the user has access to the given database and table with the desired * permission. This uses the Data module for ACLing of the databases and tables. The information * stored in the database meta data store is needed for this. */ public function checkDbTable($database, $table, $permission) { // switch of security for debugging if (Daiquiri_Config::getInstance()->auth->debug === '1') { return true; } // check if this is the users database $userDB = Daiquiri_Config::getInstance()->getUserDbName($this->getCurrentUsername()); if ($database === $userDB) { return true; } // check in the data module first, if metadata exists and handle them // accordingly $databasesResource = new Data_Model_Resource_Databases(); if ($databasesResource->checkACL($database, $permission)) { if ($table === false) { return true; } else { // access to database granted, so let's check for table access $tablesResource = new Data_Model_Resource_Tables(); if ($tablesResource->checkACL($database, $table, $permission)) { return true; } } } // scratch database has read access $scratchDB = Daiquiri_Config::getInstance()->query->scratchdb; if (!empty($scratchDB) && $database === $scratchDB && ($permission === "select" || $permission === "set")) { return true; } return false; }
/** * Inserts one table entry and, optionally, fills the columns with information from * the database or a provided array. * Returns the primary key of the new row. * @param array $data row data * @throws Exception * @return int $id */ public function insertRow(array $data = array()) { if (empty($data)) { throw new Exception('$data not provided in ' . get_class($this) . '::' . __FUNCTION__ . '()'); } if (isset($data['autofill'])) { $autofill = $data['autofill']; unset($data['autofill']); } if (isset($data['tableDescription'])) { $tableDescription = $data['tableDescription']; unset($data['tableDescription']); } // store row in database and get id $this->getAdapter()->insert('Data_Tables', $data); $id = $this->getAdapter()->lastInsertId(); if (isset($autofill) && !empty($autofill)) { // get the additional resources $columnResource = new Data_Model_Resource_Columns(); $databaseResource = new Data_Model_Resource_Databases(); // auto create entries for all columns $row = $databaseResource->fetchRow($data['database_id']); $database = $row['name']; $table = $data['name']; try { if (empty($tableDescription)) { $descResource = new Data_Model_Resource_Description(); $descResource->init($database); $tableDescription = $descResource->describeTable($table); } foreach ($tableDescription['columns'] as $column) { $column['table'] = $table; $column['table_id'] = $id; $column['database'] = $database; $columnResource->insertRow($column); } } catch (Exception $e) { $this->getAdapter()->delete('Data_Tables', array('`id` = ?' => $id)); throw $e; } } return $id; }