libraries/check_user_privileges.lib.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Get user's global privileges and some db-specific privileges
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 if (! defined('PHPMYADMIN')) {
   9     exit;
  10 }
  11
  12 /**
  13  *
  14  */
  15 $GLOBALS['is_superuser'] = $GLOBALS['dbi']->isSuperuser();
  16
  17 /**
  18  * sets privilege information extracted from SHOW GRANTS result
  19  *
  20  * Detection for some CREATE privilege.
  21  *
  22  * Since MySQL 4.1.2, we can easily detect current user's grants using $userlink
  23  * (no control user needed) and we don't have to try any other method for
  24  * detection
  25  *
  26  * @todo fix to get really all privileges, not only explicitly defined for this user
  27  * from MySQL manual: (http://dev.mysql.com/doc/refman/5.0/en/show-grants.html)
  28  * SHOW GRANTS displays only the privileges granted explicitly to the named
  29  * account. Other privileges might be available to the account, but they are not
  30  * displayed. For example, if an anonymous account exists, the named account
  31  * might be able to use its privileges, but SHOW GRANTS will not display them.
  32  *
  33  * @return void
  34  */
  35 function PMA_analyseShowGrant()
  36 {
  37     if (PMA_Util::cacheExists('is_create_db_priv')) {
  38         $GLOBALS['is_create_db_priv'] = PMA_Util::cacheGet(
  39             'is_create_db_priv'
  40         );
  41         $GLOBALS['is_process_priv'] = PMA_Util::cacheGet(
  42             'is_process_priv'
  43         );
  44         $GLOBALS['is_reload_priv'] = PMA_Util::cacheGet(
  45             'is_reload_priv'
  46         );
  47         $GLOBALS['db_to_create'] = PMA_Util::cacheGet(
  48             'db_to_create'
  49         );
  50         $GLOBALS['dbs_where_create_table_allowed'] = PMA_Util::cacheGet(
  51             'dbs_where_create_table_allowed'
  52         );
  53         $GLOBALS['dbs_to_test'] = PMA_Util::cacheGet(
  54             'dbs_to_test'
  55         );
  56         return;
  57     }
  58
  59     // defaults
  60     $GLOBALS['is_create_db_priv']  = false;
  61     $GLOBALS['is_process_priv']    = true;
  62     $GLOBALS['is_reload_priv']     = false;
  63     $GLOBALS['db_to_create']       = '';
  64     $GLOBALS['dbs_where_create_table_allowed'] = array();
  65     $GLOBALS['dbs_to_test']        = $GLOBALS['dbi']->getSystemSchemas();
  66
  67     $rs_usr = $GLOBALS['dbi']->tryQuery('SHOW GRANTS');
  68
  69     if (! $rs_usr) {
  70         return;
  71     }
  72
  73     $re0 = '(^|(\\\\\\\\)+|[^\\\\])'; // non-escaped wildcards
  74     $re1 = '(^|[^\\\\])(\\\)+'; // escaped wildcards
  75
  76     while ($row = $GLOBALS['dbi']->fetchRow($rs_usr)) {
  77         // extract db from GRANT ... ON *.* or GRANT ... ON db.*
  78         $db_name_offset = /*overload*/mb_strpos($row[0], ' ON ') + 4;
  79         $show_grants_dbname = /*overload*/mb_substr(
  80             $row[0], $db_name_offset,
  81             /*overload*/mb_strpos($row[0], '.', $db_name_offset) - $db_name_offset
  82         );
  83         $show_grants_dbname = PMA_Util::unQuote($show_grants_dbname, '`');
  84
  85         $show_grants_str    = /*overload*/mb_substr(
  86             $row[0],
  87             6,
  88             (/*overload*/mb_strpos($row[0], ' ON ') - 6)
  89         );
  90
  91         if ($show_grants_dbname == '*') {
  92             if ($show_grants_str != 'USAGE') {
  93                 $GLOBALS['dbs_to_test'] = false;
  94             }
  95         } elseif ($GLOBALS['dbs_to_test'] !== false) {
  96             $GLOBALS['dbs_to_test'][] = $show_grants_dbname;
  97         }
  98
  99         if ($show_grants_str == 'RELOAD') {
 100             $GLOBALS['is_reload_priv'] = true;
 101         }
 102
 103         /**
 104          * @todo if we find CREATE VIEW but not CREATE, do not offer
 105          * the create database dialog box
 106          */
 107         if ($show_grants_str == 'ALL'
 108             || $show_grants_str == 'ALL PRIVILEGES'
 109             || $show_grants_str == 'CREATE'
 110             || strpos($show_grants_str, 'CREATE,') !== false
 111         ) {
 112             if ($show_grants_dbname == '*') {
 113                 // a global CREATE privilege
 114                 $GLOBALS['is_create_db_priv'] = true;
 115                 $GLOBALS['is_reload_priv'] = true;
 116                 $GLOBALS['db_to_create']   = '';
 117                 $GLOBALS['dbs_where_create_table_allowed'][] = '*';
 118                 // @todo we should not break here, cause GRANT ALL *.*
 119                 // could be revoked by a later rule like GRANT SELECT ON db.*
 120                 break;
 121             } else {
 122                 // this array may contain wildcards
 123                 $GLOBALS['dbs_where_create_table_allowed'][] = $show_grants_dbname;
 124
 125                 $dbname_to_test = PMA_Util::backquote($show_grants_dbname);
 126
 127                 if ($GLOBALS['is_create_db_priv']) {
 128                     // no need for any more tests if we already know this
 129                     continue;
 130                 }
 131
 132                 // does this db exist?
 133                 if ((preg_match('/' . $re0 . '%|_/', $show_grants_dbname)
 134                     && ! preg_match('/\\\\%|\\\\_/', $show_grants_dbname))
 135                     || (! $GLOBALS['dbi']->tryQuery(
 136                         'USE ' .  preg_replace(
 137                             '/' . $re1 . '(%|_)/', '\\1\\3', $dbname_to_test
 138                         )
 139                     )
 140                     && /*overload*/mb_substr($GLOBALS['dbi']->getError(), 1, 4) != 1044)
 141                 ) {
 142                     /**
 143                      * Do not handle the underscore wildcard
 144                      * (this case must be rare anyway)
 145                      */
 146                     $GLOBALS['db_to_create'] = preg_replace(
 147                         '/' . $re0 . '%/',     '\\1',
 148                         $show_grants_dbname
 149                     );
 150                     $GLOBALS['db_to_create'] = preg_replace(
 151                         '/' . $re1 . '(%|_)/', '\\1\\3',
 152                         $GLOBALS['db_to_create']
 153                     );
 154                     $GLOBALS['is_create_db_priv'] = true;
 155
 156                     /**
 157                      * @todo collect $GLOBALS['db_to_create'] into an array,
 158                      * to display a drop-down in the "Create database" dialog
 159                      */
 160                      // we don't break, we want all possible databases
 161                      //break;
 162                 } // end if
 163             } // end elseif
 164         } // end if
 165     } // end while
 166
 167     $GLOBALS['dbi']->freeResult($rs_usr);
 168
 169     // must also cacheUnset() them in
 170     // libraries/plugins/auth/AuthenticationCookie.class.php
 171     PMA_Util::cacheSet('is_create_db_priv', $GLOBALS['is_create_db_priv']);
 172     PMA_Util::cacheSet('is_process_priv', $GLOBALS['is_process_priv']);
 173     PMA_Util::cacheSet('is_reload_priv', $GLOBALS['is_reload_priv']);
 174     PMA_Util::cacheSet('db_to_create', $GLOBALS['db_to_create']);
 175     PMA_Util::cacheSet(
 176         'dbs_where_create_table_allowed',
 177         $GLOBALS['dbs_where_create_table_allowed']
 178     );
 179     PMA_Util::cacheSet('dbs_to_test', $GLOBALS['dbs_to_test']);
 180 } // end function
 181
 182 if (!PMA_DRIZZLE) {
 183     PMA_analyseShowGrant();
 184 } else {
 185     // todo: for simple_user_policy only database with user's login can be created
 186     // (unless logged in as root)
 187     $GLOBALS['is_create_db_priv'] = $GLOBALS['is_superuser'];
 188     $GLOBALS['is_process_priv']   = false;
 189     $GLOBALS['is_reload_priv']    = false;
 190     $GLOBALS['db_to_create']      = '';
 191     $GLOBALS['dbs_where_create_table_allowed'] = array('*');
 192     $GLOBALS['dbs_to_test']       = false;
 193 }
 194
 195 ?>