public static function get_permission_sql($db_doc, $node_schema, $node_object, $node_permission, $action = 'grant') { if (strcasecmp($node_permission->getName(), 'grant') != 0 && strcasecmp($node_permission->getName(), 'revoke') != 0) { throw new exception("Cannot extract permission rights from node that is not grant or revoke"); } if (!isset($node_permission['operation']) || strlen($node_permission['operation']) == 0) { throw new exception("node_permission operation definition is empty"); } $object_name = ''; $object_type = strtoupper($node_object->getName()); $privileges = array_map(function ($p) use($object_type) { return mysql5_permission::get_real_privilege($p, $object_type); }, static::get_permission_privileges($node_permission)); $roles = static::get_permission_roles($db_doc, $node_permission); $with = static::get_permission_options_sql($node_permission); switch ($object_type) { case 'SCHEMA': // all tables on current database, because no schemas $object_name = '*'; break; case 'VIEW': return "-- Ignoring permissions on view '{$node_object['name']}' because MySQL uses SQL SECURITY DEFINER semantics\n"; case 'TABLE': $object_name = mysql5::get_fully_qualified_table_name($node_schema['name'], $node_object['name']); break; case 'FUNCTION': $object_name = "FUNCTION " . mysql5::get_fully_qualified_object_name($node_schema['name'], $node_object['name'], 'function'); break; case 'SEQUENCE': // sequences exist as rows in a table for mysql $object_name = mysql5::get_fully_qualified_table_name($node_schema['name'], mysql5_sequence::TABLE_NAME); break; default: throw new exception("unknown object type encountered: " . $object_type); } $sql = static::get_sql(strtoupper($action), $object_name, $privileges, array_map('mysql5::get_quoted_object_name', $roles), $with) . "\n"; return $sql; }
public static function get_declaration($node_schema, $node_function) { return mysql5::get_fully_qualified_object_name($node_schema['name'], $node_function['name'], 'function'); }