Пример #1
0
 /**
  * Sets the adapter and the tablename of the resource retroactively.
  * @param string $database name of the database
  * @param string $table name of the table
  */
 public function init($database, $table = null)
 {
     // get the user adapter
     $username = Daiquiri_Auth::getInstance()->getCurrentUsername();
     // check if this database is the user datasbase
     if ($database === Daiquiri_Config::getInstance()->getUserDbName($username)) {
         $adapter = Daiquiri_Config::getInstance()->getUserDbAdapter();
     } else {
         // get the database id and check permission on database
         $databasesResource = new Data_Model_Resource_Databases();
         $result = $databasesResource->checkACL($database, 'select');
         if ($result !== true) {
             throw new Daiquiri_Exception_NotFound();
         }
         // check permission on table access
         if ($table) {
             $tablesResource = new Data_Model_Resource_Tables();
             $result = $tablesResource->checkACL($database, $table, 'select');
             if ($result !== true) {
                 throw new Daiquiri_Exception_NotFound();
             }
         }
         // if everything went ok get adapter
         $adapter = Daiquiri_Config::getInstance()->getUserDbAdapter($database);
     }
     // set adapter and table
     $this->setAdapter($adapter);
     if ($table) {
         $this->setTablename($table);
     }
 }
Пример #2
0
 /**
  * @brief   checkDbTable method - checks whether user has access to a given database
  *                                and table
  * @param   $database: database name
  * @param   $table: table name
  * @param   $permission: the desired permission
  * @return  TRUE or FALSE
  * 
  * Checks whether the user has access to the given database and table with the desired
  * permission. This uses the Data module for ACLing of the databases and tables. The information
  * stored in the database meta data store is needed for this. 
  */
 public function checkDbTable($database, $table, $permission)
 {
     // switch of security for debugging
     if (Daiquiri_Config::getInstance()->auth->debug === '1') {
         return true;
     }
     // check if this is the users database
     $userDB = Daiquiri_Config::getInstance()->getUserDbName($this->getCurrentUsername());
     if ($database === $userDB) {
         return true;
     }
     // check in the data module first, if metadata exists and handle them
     // accordingly
     $databasesResource = new Data_Model_Resource_Databases();
     if ($databasesResource->checkACL($database, $permission)) {
         if ($table === false) {
             return true;
         } else {
             // access to database granted, so let's check for table access
             $tablesResource = new Data_Model_Resource_Tables();
             if ($tablesResource->checkACL($database, $table, $permission)) {
                 return true;
             }
         }
     }
     // scratch database has read access
     $scratchDB = Daiquiri_Config::getInstance()->query->scratchdb;
     if (!empty($scratchDB) && $database === $scratchDB && ($permission === "select" || $permission === "set")) {
         return true;
     }
     return false;
 }