Support for listing, creating and dropping roles. Support sending encrypted passwords in a few places that I missed.

8 files changed, 222 insertions, 40 deletions

diff --git a/classes/Misc.php b/classes/Misc.php
index 08aa32d2..9837d65b 100644
--- a/classes/Misc.php
+++ b/classes/Misc.php
@@ -2,7 +2,7 @@
 	/**
 	 * Class to hold various commonly used functions
 	 *
-	 * $Id: Misc.php,v 1.125 2006/01/09 05:43:49 chriskl Exp $
+	 * $Id: Misc.php,v 1.126 2006/04/21 03:31:25 chriskl Exp $
 	 */
 	 
 	class Misc {
@@ -490,36 +490,55 @@
 				case 'server':
 					$server_info = $this->getServerInfo();
 					$hide_users = !$data->isSuperUser($server_info['username']);
-					return array (
+					$tmp = array (
 						'databases' => array (
 							'title' => $lang['strdatabases'],
 							'url'   => 'all_db.php',
 							'urlvars' => array('subject' => 'server'),
 							'help'  => 'pg.database',
 							'icon'  => 'Databases',
-						),
-						'users' => array (
-							'title' => $lang['strusers'],
-							'url'   => 'users.php',
-							'urlvars' => array('subject' => 'server'),
-							'hide'  => $hide_users,
-							'help'  => 'pg.user',
-							'icon'  => 'Users',
-						),
-						'groups' => array (
-							'title' => $lang['strgroups'],
-							'url'   => 'groups.php',
-							'urlvars' => array('subject' => 'server'),
-							'hide'  => $hide_users,
-							'help'  => 'pg.group',
-							'icon'  => 'UserGroups',
-						),
+						)
+					);
+					if ($data->hasRoles()) {
+						$tmp = array_merge($tmp, array(
+							'roles' => array (
+								'title' => $lang['strroles'],
+								'url'   => 'roles.php',
+								'urlvars' => array('subject' => 'server'),
+								'hide'  => $hide_users,
+								'help'  => 'pg.role',
+								'icon'  => 'Roles',
+							)
+						));
+					}
+					else {
+						$tmp = array_merge($tmp, array(
+							'users' => array (
+								'title' => $lang['strusers'],
+								'url'   => 'users.php',
+								'urlvars' => array('subject' => 'server'),
+								'hide'  => $hide_users,
+								'help'  => 'pg.user',
+								'icon'  => 'Users',
+							),
+							'groups' => array (
+								'title' => $lang['strgroups'],
+								'url'   => 'groups.php',
+								'urlvars' => array('subject' => 'server'),
+								'hide'  => $hide_users,
+								'help'  => 'pg.group',
+								'icon'  => 'UserGroups',
+							)
+						));
+					}
+					
+					$tmp = array_merge($tmp, array(							
 						'account' => array (
 							'title' => $lang['straccount'],
-							'url'   => 'users.php',
+							'url'   => $data->hasRoles() ? 'roles.php' : 'users.php',
 							'urlvars' => array('subject' => 'server', 'action' => 'account'),
 							'hide'  => !$hide_users,
-							'help'  => 'pg.user',
+							'help'  => 'pg.role',
 							'icon'  => 'User',
 						),
 						'tablespaces' => array (
@@ -543,9 +562,10 @@
 							'urlvars' => array('subject' => 'server'),
 							'hide' => !$conf['show_reports'],
 							'icon' => 'Reports',
-						),
-					);
-
+						)
+					));
+					return $tmp;
+					break;
 				case 'database':
 					$tabs = array (
 						'schemas' => array (
@@ -1448,7 +1468,7 @@
 				foreach ($columns as $column_id => $column) {
 					switch ($column_id) {
 						case 'actions':
-							echo "<th class=\"data\" colspan=\"", count($actions), "\">{$column['title']}</th>\n";
+							if (sizeof($actions) > 0) echo "<th class=\"data\" colspan=\"", count($actions), "\">{$column['title']}</th>\n";
 							break;
 						default:
 							echo "<th class=\"data\">";
diff --git a/classes/database/Postgres.php b/classes/database/Postgres.php
index d0d2ff31..624d11cf 100755
--- a/classes/database/Postgres.php
+++ b/classes/database/Postgres.php
@@ -4,7 +4,7 @@
  * A class that implements the DB interface for Postgres
  * Note: This class uses ADODB and returns RecordSets.
  *
- * $Id: Postgres.php,v 1.282 2006/03/17 21:14:30 xzilla Exp $
+ * $Id: Postgres.php,v 1.283 2006/04/21 03:31:25 chriskl Exp $
  */
 
 // @@@ THOUGHT: What about inherits? ie. use of ONLY???
@@ -4513,6 +4513,7 @@ class Postgres extends ADODB_base {
 	function hasReadOnlyQueries() { return false; }
 	function hasFuncPrivs() { return false; }
 	function hasServerAdminFuncs() { return false; }
+	function hasRoles() { return false; }
 	function hasAutovacuum() { return false; }
 
 }
diff --git a/classes/database/Postgres72.php b/classes/database/Postgres72.php
index 1db157f5..cf5fc10b 100644
--- a/classes/database/Postgres72.php
+++ b/classes/database/Postgres72.php
@@ -4,7 +4,7 @@
  * A class that implements the DB interface for Postgres
  * Note: This class uses ADODB and returns RecordSets.
  *
- * $Id: Postgres72.php,v 1.85 2005/12/20 01:33:15 chriskl Exp $
+ * $Id: Postgres72.php,v 1.86 2006/04/21 03:31:26 chriskl Exp $
  */
 
 
@@ -65,10 +65,11 @@ class Postgres72 extends Postgres71 {
 	 * @return 0 success
 	 */
 	function changePassword($username, $password) {
+		$enc = $this->_encryptPassword($username, $password);
 		$this->fieldClean($username);
-		$this->clean($password);
+		$this->clean($enc);
 		
-		$sql = "ALTER USER \"{$username}\" WITH ENCRYPTED PASSWORD '" . $this->_encryptPassword($username, $password) . "'";
+		$sql = "ALTER USER \"{$username}\" WITH ENCRYPTED PASSWORD '{$enc}'";
 		
 		return $this->execute($sql);
 	}
@@ -84,13 +85,14 @@ class Postgres72 extends Postgres71 {
 	 * @return 0 success
 	 */
 	function createUser($username, $password, $createdb, $createuser, $expiry, $groups) {
+		$enc = $this->_encryptPassword($username, $password);
 		$this->fieldClean($username);
-		$this->clean($password);
+		$this->clean($end);
 		$this->clean($expiry);
 		$this->fieldArrayClean($groups);		
 
 		$sql = "CREATE USER \"{$username}\"";
-		if ($password != '') $sql .= " WITH ENCRYPTED PASSWORD '" . $this->_encryptPassword($username, $password) . "'";
+		if ($password != '') $sql .= " WITH ENCRYPTED PASSWORD '{$enc}'";
 		$sql .= ($createdb) ? ' CREATEDB' : ' NOCREATEDB';
 		$sql .= ($createuser) ? ' CREATEUSER' : ' NOCREATEUSER';
 		if (is_array($groups) && sizeof($groups) > 0) $sql .= " IN GROUP \"" . join('", "', $groups) . "\"";
@@ -110,12 +112,13 @@ class Postgres72 extends Postgres71 {
 	 * @return 0 success
 	 */
 	function setUser($username, $password, $createdb, $createuser, $expiry) {
+		$enc = $this->_encryptPassword($username, $password);
 		$this->fieldClean($username);
-		$this->clean($password);
+		$this->clean($enc);
 		$this->clean($expiry);
 		
 		$sql = "ALTER USER \"{$username}\"";
-		if ($password != '') $sql .= " WITH ENCRYPTED PASSWORD '" . $this->_encryptPassword($username, $password) . "'";
+		if ($password != '') $sql .= " WITH ENCRYPTED PASSWORD '{$enc}'";
 		$sql .= ($createdb) ? ' CREATEDB' : ' NOCREATEDB';
 		$sql .= ($createuser) ? ' CREATEUSER' : ' NOCREATEUSER';
 		if ($expiry != '') $sql .= " VALID UNTIL '{$expiry}'";
diff --git a/classes/database/Postgres81.php b/classes/database/Postgres81.php
index 4237ee4f..d7d6931d 100644
--- a/classes/database/Postgres81.php
+++ b/classes/database/Postgres81.php
@@ -3,7 +3,7 @@
 /**
  * PostgreSQL 8.1 support
  *
- * $Id: Postgres81.php,v 1.5 2006/03/17 21:14:30 xzilla Exp $
+ * $Id: Postgres81.php,v 1.6 2006/04/21 03:31:26 chriskl Exp $
  */
 
 include_once('./classes/database/Postgres80.php');
@@ -110,6 +110,134 @@ class Postgres81 extends Postgres80 {
 		return $this->selectSet($sql);
 	}
 
+	// Roles
+	
+	/**
+	 * Changes a role's password
+	 * @param $rolename The rolename
+	 * @param $password The new password
+	 * @return 0 success
+	 */
+	function changePassword($rolename, $password) {
+		$enc = $this->_encryptPassword($rolename, $password);
+		$this->fieldClean($rolename);
+		$this->clean($enc);
+		
+		$sql = "ALTER ROLE \"{$rolename}\" WITH ENCRYPTED PASSWORD '{$enc}'";
+		
+		return $this->execute($sql);
+	}
+	
+	/**
+	 * Returns all roles in the database cluster
+	 * @return All roles
+	 */
+	function getRoles() {
+		$sql = "SELECT * FROM pg_catalog.pg_roles ORDER BY rolname";
+		
+		return $this->selectSet($sql);
+	}
+	
+	/**
+	 * Returns information about a single role
+	 * @param $rolename The username of the role to retrieve
+	 * @return The role's data
+	 */
+	function getRole($rolename) {
+		$this->clean($rolename);
+		
+		$sql = "SELECT * FROM pg_catalog.pg_roles WHERE rolname='{$rolename}'";
+		
+		return $this->selectSet($sql);
+	}
+
+	/**
+	 * Creates a new role
+	 * @param $rolename The rolename of the role to create
+	 * @param $password A password for the role
+	 * @param $createdb boolean Whether or not the role can create databases
+	 * @param $createrole boolean Whether or not the role can create other roles
+	 * @param $expiry string Format 'YYYY-MM-DD HH:MM:SS'.  '' means never expire
+	 * @param $group (array) The groups to create the role in
+	 * @return 0 success
+	 */
+	function createRole($rolename, $password, $createdb, $super, $createrole, $inherits, $login, $expiry, $conn, $roles) {
+		$enc = $this->_encryptPassword($rolename, $password);
+		$this->fieldClean($rolename);
+		$this->clean($expiry);
+		$this->clean($conn);
+		$this->fieldArrayClean($roles);
+
+		$sql = "CREATE ROLE \"{$rolename}\"";
+		if ($password != '') $sql .= " WITH ENCRYPTED PASSWORD '{$enc}'";
+		$sql .= ($createdb) ? ' CREATEDB' : ' NOCREATEDB';
+		$sql .= ($createrole) ? ' CREATEROLE' : ' NOCREATEROLE';
+		$sql .= ($super) ? ' SUPERUSER' : ' NOSUPERUSER';
+		$sql .= ($inherits) ? ' INHERIT' : ' NOINHERIT';
+		$sql .= ($login) ? ' LOGIN' : ' NOLOGIN';
+		if ($conn != '') $sql .= " CONNECTION LIMIT {$conn}";
+		if (is_array($roles) && sizeof($roles) > 0) $sql .= " IN ROLE \"" . join('", "', $roles) . "\"";
+		if ($expiry != '') $sql .= " VALID UNTIL '{$expiry}'";
+		
+		return $this->execute($sql);
+	}	
+	
+	/**
+	 * Adjusts a role's info
+	 * @param $rolename The rolename of the role to modify
+	 * @param $password A new password for the role
+	 * @param $createdb boolean Whether or not the role can create databases
+	 * @param $createrole boolean Whether or not the role can create other roles
+	 * @param $inherit Inherits privs from parent role or not.
+	 * @param $login Can login or not
+	 * @param $expiry string Format 'YYYY-MM-DD HH:MM:SS'.  '' means never expire.
+	 * @return 0 success
+	 */
+	function setRole($rolename, $password, $createdb, $createrole, $inherit, $login, $expiry) {
+		$enc = $this->_encryptPassword($rolename, $password);
+		$this->fieldClean($rolename);
+		$this->clean($expiry);
+		
+		$sql = "ALTER ROLE \"{$rolename}\"";
+		if ($password != '') $sql .= " WITH ENCRYPTED PASSWORD '{$enc}'";
+		$sql .= ($createdb) ? ' CREATEDB' : ' NOCREATEDB';
+		$sql .= ($createrole) ? ' CREATEROLE' : ' NOCREATEROLE';
+		$sql .= ($inherit) ? ' INHERIT' : ' NOINHERIT';
+		$sql .= ($login) ? ' LOGIN' : ' NOLOGIN';
+		if ($expiry != '') $sql .= " VALID UNTIL '{$expiry}'";
+		else $sql .= " VALID UNTIL 'infinity'";
+		
+		return $this->execute($sql);
+	}	
+
+	/**
+	 * Removes a role
+	 * @param $rolename The rolename of the role to drop
+	 * @return 0 success
+	 */
+	function dropRole($rolename) {
+		$this->fieldClean($rolename);
+
+		$sql = "DROP ROLE \"{$rolename}\"";
+		
+		return $this->execute($sql);
+	}
+
+	/**
+	 * Renames a user
+	 * @param $username The username of the user to rename
+	 * @param $newname The new name of the user
+	 * @return 0 success
+	 */
+	function renameUser($username, $newname){
+		$this->fieldClean($username);
+		$this->fieldClean($newname);
+
+		$sql = "ALTER USER \"{$username}\" RENAME TO \"{$newname}\"";
+
+		return $this->execute($sql);
+	}
+
 	/**
 	 * Returns all available process information.
 	 * @param $database (optional) Find only connections to specified database
@@ -121,9 +249,10 @@ class Postgres81 extends Postgres80 {
 		
 		return $this->selectSet($sql);
 	}
-
+	
 	// Capabilities
 	function hasServerAdminFuncs() { return true; }
+	function hasRoles() { return true; }
 	function hasAutovacuum() { return true; }
 }
 
diff --git a/help/PostgresDoc81.php b/help/PostgresDoc81.php
index bcd6d65e..8b1fa109 100644
--- a/help/PostgresDoc81.php
+++ b/help/PostgresDoc81.php
@@ -3,11 +3,16 @@
 /**
  * Help links for PostgreSQL 8.1 documentation
  *
- * $Id: PostgresDoc81.php,v 1.1 2005/03/15 02:44:11 chriskl Exp $
+ * $Id: PostgresDoc81.php,v 1.2 2006/04/21 03:31:26 chriskl Exp $
  */
 
 include('./help/PostgresDoc80.php');
 
 $this->help_base = sprintf($GLOBALS['conf']['help_base'], '8.1');
 
+$this->help_page['pg.role'] = 'user-manag.html';
+$this->help_page['pg.role.create'] = array('sql-createrole.html','user-manag.html#DATABASE-ROLES');
+$this->help_page['pg.role.alter'] = array('sql-alterrole.html','user-attributes.html');
+$this->help_page['pg.role.drop'] = array('sql-droprole.html','user-manag.html#DATABASE-ROLES');
+
 ?>
diff --git a/help/PostgresDoc82.php b/help/PostgresDoc82.php
index 44ef6f61..c06bfff2 100644
--- a/help/PostgresDoc82.php
+++ b/help/PostgresDoc82.php
@@ -3,11 +3,11 @@
 /**
  * Help links for PostgreSQL 8.2 documentation
  *
- * $Id: PostgresDoc82.php,v 1.1 2005/11/08 02:24:31 chriskl Exp $
+ * $Id: PostgresDoc82.php,v 1.2 2006/04/21 03:31:26 chriskl Exp $
  */
 
 include('./help/PostgresDoc81.php');
 
-$this->help_base = sprintf($GLOBALS['conf']['help_base'], '8.2');
+$this->help_base = sprintf($GLOBALS['conf']['help_base'], 'current');
 
 ?>
diff --git a/lang/english.php b/lang/english.php
index ea1a6444..4da8cf2d 100755
--- a/lang/english.php
+++ b/lang/english.php
@@ -4,7 +4,7 @@
 	 * English language file for phpPgAdmin.  Use this as a basis
 	 * for new translations.
 	 *
-	 * $Id: english.php,v 1.185 2006/03/17 21:14:31 xzilla Exp $
+	 * $Id: english.php,v 1.186 2006/04/21 03:31:26 chriskl Exp $
 	 */
 
 	// Language and character set
@@ -271,6 +271,18 @@
 	$lang['strmemberdropped'] = 'Member dropped.';
 	$lang['strmemberdroppedbad'] = 'Member drop failed.';
 
+	// Roles
+	$lang['strrole'] = 'Role';
+	$lang['strroles'] = 'Roles';
+	$lang['strinheritsprivs'] = 'Inherits Privileges?';
+	$lang['strcreaterole'] = 'Create Role';
+	$lang['strcatupdate'] = 'Modify Catalogs?';
+	$lang['strcanlogin'] = 'Can Login?';
+	$lang['strmaxconnections'] = 'Max Connections';
+	$lang['strconfdroprole'] = 'Are you sure you want to drop the role "%s"?';
+	$lang['strroledropped'] = 'User dropped.';
+	$lang['strroledroppedbad'] = 'Failed to drop role.';
+	
 	// Privileges
 	$lang['strprivilege'] = 'Privilege';
 	$lang['strprivileges'] = 'Privileges';
diff --git a/lang/recoded/english.php b/lang/recoded/english.php
index ead3b92d..c89da23f 100644
--- a/lang/recoded/english.php
+++ b/lang/recoded/english.php
@@ -4,7 +4,7 @@
 	 * English language file for phpPgAdmin.  Use this as a basis
 	 * for new translations.
 	 *
-	 * $Id: english.php,v 1.138 2006/03/17 21:14:31 xzilla Exp $
+	 * $Id: english.php,v 1.139 2006/04/21 03:31:26 chriskl Exp $
 	 */
 
 	// Language and character set
@@ -271,6 +271,18 @@
 	$lang['strmemberdropped'] = 'Member dropped.';
 	$lang['strmemberdroppedbad'] = 'Member drop failed.';
 
+	// Roles
+	$lang['strrole'] = 'Role';
+	$lang['strroles'] = 'Roles';
+	$lang['strinheritsprivs'] = 'Inherits Privileges?';
+	$lang['strcreaterole'] = 'Create Role';
+	$lang['strcatupdate'] = 'Modify Catalogs?';
+	$lang['strcanlogin'] = 'Can Login?';
+	$lang['strmaxconnections'] = 'Max Connections';
+	$lang['strconfdroprole'] = 'Are you sure you want to drop the role &quot;%s&quot;?';
+	$lang['strroledropped'] = 'User dropped.';
+	$lang['strroledroppedbad'] = 'Failed to drop role.';
+	
 	// Privileges
 	$lang['strprivilege'] = 'Privilege';
 	$lang['strprivileges'] = 'Privileges';