Current File : //usr/share/webmin/postgresql/delete_grants.cgi |
#!/usr/bin/perl
# Reset privilege grants on some table/view/index
require './postgresql-lib.pl';
&ReadParse();
&error_setup($text{'dgrant_err'});
$access{'users'} || &error($text{'grant_ecannot'});
@d = split(/\0/, $in{'d'});
@d || &error($text{'dgrant_enone'});
foreach $d (@d) {
($db, $table, $ns, $type) = split(/\//, $d, -1);
$ss = &supports_schemas($db);
# Get old privileges
if ($ss) {
$s = &execute_sql($db, 'select relname, relacl, nspname from pg_class, pg_namespace where relnamespace = pg_namespace.oid and (relkind = \'r\' OR relkind = \'S\') and relname !~ \'^pg_\' order by relname');
$ss = 1;
}
else {
$s = &execute_sql($db, 'select relname, relacl, \'public\' from pg_class where (relkind = \'r\' OR relkind = \'S\') and relname !~ \'^pg_\' order by relname');
$ss = 0;
}
foreach $g (@{$s->{'data'}}) {
if ($g->[0] eq $table &&
$g->[2] eq $ns) {
$g->[1] =~ s/^\{//; $g->[1] =~ s/\}$//;
@grant = map { /^"(.*)=(.*)"$/ || /^(.*)=(.*)$/; [ $1, $2 ] }
split(/,/, $g->[1]);
}
}
# Revoke them
$qt = $ss ? "e_table($ns.".".$table)
: "e_table($table);
foreach $g (@grant) {
next if (!$g->[1]);
if ($g->[0] eq '') {
$who = "public";
}
elsif ($g->[0] =~ /group\s+(\S+)/) {
$who = "group \"$1\"";
}
else {
$who = "\"$g->[0]\"";
}
&execute_sql_logged($db, "revoke all on $qt from $who");
}
}
&webmin_log("degrant", undef, scalar(@d));
&redirect("list_grants.cgi?search=".&urlize($in{'search'}));