mirror of
https://github.com/vrana/adminer.git
synced 2025-08-07 15:16:44 +02:00
Add support for "where" field privilege
In Elasticsearch, only indexed fields are searchable.
This commit is contained in:
Peter Knut
Jakub Vrana
@@ -181,6 +181,7 @@ if (isset($_GET["mongo"])) {
|
|||||||
"insert" => 1,
|
"insert" => 1,
|
||||||
"select" => 1,
|
"select" => 1,
|
||||||
"update" => 1,
|
"update" => 1,
|
||||||
|
"where" => 1,
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -380,7 +380,7 @@ WHERE c.object_id = " . q($table_id)) as $row
|
|||||||
"null" => $row["is_nullable"],
|
"null" => $row["is_nullable"],
|
||||||
"auto_increment" => $row["is_identity"],
|
"auto_increment" => $row["is_identity"],
|
||||||
"collation" => $row["collation_name"],
|
"collation" => $row["collation_name"],
|
||||||
"privileges" => array("insert" => 1, "select" => 1, "update" => 1),
|
"privileges" => array("insert" => 1, "select" => 1, "update" => 1, "where" => 1),
|
||||||
"primary" => $row["is_primary_key"],
|
"primary" => $row["is_primary_key"],
|
||||||
"comment" => $comments[$row["name"]],
|
"comment" => $comments[$row["name"]],
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -613,7 +613,7 @@ if (!defined('Adminer\DRIVER')) {
|
|||||||
"auto_increment" => ($extra == "auto_increment"),
|
"auto_increment" => ($extra == "auto_increment"),
|
||||||
"on_update" => (preg_match('~\bon update (\w+)~i', $extra, $match) ? $match[1] : ""), //! available since MySQL 5.1.23
|
"on_update" => (preg_match('~\bon update (\w+)~i', $extra, $match) ? $match[1] : ""), //! available since MySQL 5.1.23
|
||||||
"collation" => $row["COLLATION_NAME"],
|
"collation" => $row["COLLATION_NAME"],
|
||||||
"privileges" => array_flip(explode(",", $row["PRIVILEGES"])),
|
"privileges" => array_flip(explode(",", "$row[PRIVILEGES],where")),
|
||||||
"comment" => $row["COLUMN_COMMENT"],
|
"comment" => $row["COLUMN_COMMENT"],
|
||||||
"primary" => ($row["COLUMN_KEY"] == "PRI"),
|
"primary" => ($row["COLUMN_KEY"] == "PRI"),
|
||||||
"generated" => ($generated[1] == "PERSISTENT" ? "STORED" : $generated[1]),
|
"generated" => ($generated[1] == "PERSISTENT" ? "STORED" : $generated[1]),
|
||||||
|
|||||||
@@ -334,7 +334,7 @@ ORDER BY 1") as $row
|
|||||||
"null" => ($row["NULLABLE"] == "Y"),
|
"null" => ($row["NULLABLE"] == "Y"),
|
||||||
//! "auto_increment" => false,
|
//! "auto_increment" => false,
|
||||||
//! "collation" => $row["CHARACTER_SET_NAME"],
|
//! "collation" => $row["CHARACTER_SET_NAME"],
|
||||||
"privileges" => array("insert" => 1, "select" => 1, "update" => 1),
|
"privileges" => array("insert" => 1, "select" => 1, "update" => 1, "where" => 1),
|
||||||
//! "comment" => $row["Comment"],
|
//! "comment" => $row["Comment"],
|
||||||
//! "primary" => ($row["Key"] == "PRI"),
|
//! "primary" => ($row["Key"] == "PRI"),
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -266,7 +266,7 @@ if (isset($_GET["sqlite"])) {
|
|||||||
"full_type" => $type,
|
"full_type" => $type,
|
||||||
"default" => (preg_match("~^'(.*)'$~", $default, $match) ? str_replace("''", "'", $match[1]) : ($default == "NULL" ? null : $default)),
|
"default" => (preg_match("~^'(.*)'$~", $default, $match) ? str_replace("''", "'", $match[1]) : ($default == "NULL" ? null : $default)),
|
||||||
"null" => !$row["notnull"],
|
"null" => !$row["notnull"],
|
||||||
"privileges" => array("select" => 1, "insert" => 1, "update" => 1),
|
"privileges" => array("select" => 1, "insert" => 1, "update" => 1, "where" => 1),
|
||||||
"primary" => $row["pk"],
|
"primary" => $row["pk"],
|
||||||
);
|
);
|
||||||
if ($row["pk"]) {
|
if ($row["pk"]) {
|
||||||
|
|||||||
@@ -571,7 +571,8 @@ class Adminer {
|
|||||||
$cols = array();
|
$cols = array();
|
||||||
foreach ($fields as $name => $field) {
|
foreach ($fields as $name => $field) {
|
||||||
if (
|
if (
|
||||||
(preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
|
isset($field["privileges"]["where"])
|
||||||
|
&& (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
|
||||||
&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
|
&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
|
||||||
&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
|
&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
|
||||||
) {
|
) {
|
||||||
|
|||||||
@@ -1069,7 +1069,7 @@ function fields_from_edit() {
|
|||||||
$name = bracket_escape($key, 1); // 1 - back
|
$name = bracket_escape($key, 1); // 1 - back
|
||||||
$return[$name] = array(
|
$return[$name] = array(
|
||||||
"field" => $name,
|
"field" => $name,
|
||||||
"privileges" => array("insert" => 1, "update" => 1),
|
"privileges" => array("insert" => 1, "update" => 1, "where" => 1),
|
||||||
"null" => 1,
|
"null" => 1,
|
||||||
"auto_increment" => ($key == $driver->primary),
|
"auto_increment" => ($key == $driver->primary),
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -11,6 +11,7 @@ parse_str($_COOKIE["adminer_import"], $adminer_import);
|
|||||||
|
|
||||||
$rights = array(); // privilege => 0
|
$rights = array(); // privilege => 0
|
||||||
$columns = array(); // selectable columns
|
$columns = array(); // selectable columns
|
||||||
|
$search_columns = array(); // searchable columns
|
||||||
$text_length = null;
|
$text_length = null;
|
||||||
foreach ($fields as $key => $field) {
|
foreach ($fields as $key => $field) {
|
||||||
$name = $adminer->fieldName($field);
|
$name = $adminer->fieldName($field);
|
||||||
@@ -20,6 +21,9 @@ foreach ($fields as $key => $field) {
|
|||||||
$text_length = $adminer->selectLengthProcess();
|
$text_length = $adminer->selectLengthProcess();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (isset($field["privileges"]["where"]) && $name != "") {
|
||||||
|
$search_columns[$key] = html_entity_decode(strip_tags($name), ENT_QUOTES);
|
||||||
|
}
|
||||||
$rights += $field["privileges"];
|
$rights += $field["privileges"];
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -252,7 +256,7 @@ if (!$columns && support("table")) {
|
|||||||
echo '<input type="hidden" name="select" value="' . h($TABLE) . '">';
|
echo '<input type="hidden" name="select" value="' . h($TABLE) . '">';
|
||||||
echo "</div>\n";
|
echo "</div>\n";
|
||||||
$adminer->selectColumnsPrint($select, $columns);
|
$adminer->selectColumnsPrint($select, $columns);
|
||||||
$adminer->selectSearchPrint($where, $columns, $indexes);
|
$adminer->selectSearchPrint($where, $search_columns, $indexes);
|
||||||
$adminer->selectOrderPrint($order, $columns, $indexes);
|
$adminer->selectOrderPrint($order, $columns, $indexes);
|
||||||
$adminer->selectLimitPrint($limit);
|
$adminer->selectLimitPrint($limit);
|
||||||
$adminer->selectLengthPrint($text_length);
|
$adminer->selectLengthPrint($text_length);
|
||||||
@@ -343,7 +347,7 @@ if (!$columns && support("table")) {
|
|||||||
echo apply_sql_function($val["fun"], $name) . "</a>"; //! columns looking like functions
|
echo apply_sql_function($val["fun"], $name) . "</a>"; //! columns looking like functions
|
||||||
echo "<span class='column hidden'>";
|
echo "<span class='column hidden'>";
|
||||||
echo "<a href='" . h($href . $desc) . "' title='" . lang('descending') . "' class='text'> ↓</a>";
|
echo "<a href='" . h($href . $desc) . "' title='" . lang('descending') . "' class='text'> ↓</a>";
|
||||||
if (!$val["fun"]) {
|
if (!$val["fun"] && isset($field["privileges"]["where"])) {
|
||||||
echo '<a href="#fieldset-search" title="' . lang('Search') . '" class="text jsonly"> =</a>';
|
echo '<a href="#fieldset-search" title="' . lang('Search') . '" class="text jsonly"> =</a>';
|
||||||
echo script("qsl('a').onclick = partial(selectSearch, '" . js_escape($key) . "');");
|
echo script("qsl('a').onclick = partial(selectSearch, '" . js_escape($key) . "');");
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,12 +1,14 @@
|
|||||||
Adminer dev:
|
Adminer dev:
|
||||||
PostgreSQL: Fix setting NULL and original value on enum (bug #884)
|
PostgreSQL: Fix setting NULL and original value on enum (bug #884)
|
||||||
CockroachDB: Add support via PostgreSQL driver
|
CockroachDB: Add support via PostgreSQL driver
|
||||||
|
Elasticsearch: Add support for "where" field privilege
|
||||||
|
|
||||||
Adminer 5.0.1 (released 2025-03-07):
|
Adminer 5.0.1 (released 2025-03-07):
|
||||||
Fix bulk operations with tables (regression from 5.0.0)
|
Fix bulk operations with tables (regression from 5.0.0)
|
||||||
Remove duplicate columns from select (bug #670)
|
Remove duplicate columns from select (bug #670)
|
||||||
MariaDB: Fix link to status variable doc (bug #658)
|
MariaDB: Fix link to status variable doc (bug #658)
|
||||||
PostgreSQL: Support indexes on materialized views (PR #467)
|
PostgreSQL: Support indexes on materialized views (PR #467)
|
||||||
|
Elasticsearch: Drop support for version < 7
|
||||||
|
|
||||||
Adminer 5.0.0 (released 2025-03-07):
|
Adminer 5.0.0 (released 2025-03-07):
|
||||||
Speed up with disabled output buffering
|
Speed up with disabled output buffering
|
||||||
|
|||||||
@@ -340,7 +340,7 @@ if (isset($_GET["clickhouse"])) {
|
|||||||
"default" => trim($row['default_expression']),
|
"default" => trim($row['default_expression']),
|
||||||
"null" => $nullable,
|
"null" => $nullable,
|
||||||
"auto_increment" => '0',
|
"auto_increment" => '0',
|
||||||
"privileges" => array("insert" => 1, "select" => 1, "update" => 0),
|
"privileges" => array("insert" => 1, "select" => 1, "update" => 0, "where" => 1),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -471,11 +471,6 @@ if (isset($_GET["elastic"])) {
|
|||||||
);
|
);
|
||||||
|
|
||||||
foreach ($mappings as $name => $field) {
|
foreach ($mappings as $name => $field) {
|
||||||
$has_index = !isset($field["index"]) || $field["index"];
|
|
||||||
|
|
||||||
// TODO: privileges: where => $has_index
|
|
||||||
// TODO: privileges: sort => $field["type"] != "text"
|
|
||||||
|
|
||||||
$result[$name] = array(
|
$result[$name] = array(
|
||||||
"field" => $name,
|
"field" => $name,
|
||||||
"full_type" => $field["type"],
|
"full_type" => $field["type"],
|
||||||
|
|||||||
@@ -254,7 +254,7 @@ ORDER BY r.RDB$FIELD_POSITION';
|
|||||||
"null" => (trim($row["FIELD_NOT_NULL_CONSTRAINT"]) == "YES"),
|
"null" => (trim($row["FIELD_NOT_NULL_CONSTRAINT"]) == "YES"),
|
||||||
"auto_increment" => '0',
|
"auto_increment" => '0',
|
||||||
"collation" => trim($row["FIELD_COLLATION"]),
|
"collation" => trim($row["FIELD_COLLATION"]),
|
||||||
"privileges" => array("insert" => 1, "select" => 1, "update" => 1),
|
"privileges" => array("insert" => 1, "select" => 1, "update" => 1, "where" => 1),
|
||||||
"comment" => trim($row["FIELD_DESCRIPTION"]),
|
"comment" => trim($row["FIELD_DESCRIPTION"]),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
1
todo.txt
1
todo.txt
@@ -15,7 +15,6 @@ Skinnable plus.gif and other images - http://typo3.org/extensions/repository/vie
|
|||||||
|
|
||||||
https://github.com/vrana/adminer/compare/master...adminneo-org:adminneo:main
|
https://github.com/vrana/adminer/compare/master...adminneo-org:adminneo:main
|
||||||
Add drag-n-drop moving of rows in table editing
|
Add drag-n-drop moving of rows in table editing
|
||||||
Elasticsearch: Add support for "where" field privilege
|
|
||||||
Elasticsearch: Add support for "order" field privilege
|
Elasticsearch: Add support for "order" field privilege
|
||||||
Elasticsearch: New condition operators as the combination of query type and match type
|
Elasticsearch: New condition operators as the combination of query type and match type
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user