3
* TOra - An Oracle Toolkit for DBA's and developers
4
* Copyright (C) 2003-2005 Quest Software, Inc
5
* Portions Copyright (C) 2005 Other Contributors
7
* This program is free software; you can redistribute it and/or
8
* modify it under the terms of the GNU General Public License
9
* as published by the Free Software Foundation; only version 2 of
10
* the License is valid for this program.
12
* This program is distributed in the hope that it will be useful,
13
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
* GNU General Public License for more details.
17
* You should have received a copy of the GNU General Public License
18
* along with this program; if not, write to the Free Software
19
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
21
* As a special exception, you have permission to link this program
22
* with the Oracle Client libraries and distribute executables, as long
23
* as you follow the requirements of the GNU GPL in regard to all of the
24
* software in the executable aside from Oracle client libraries.
26
* Specifically you are not permitted to link this program with the
27
* Qt/UNIX, Qt/Windows or Qt Non Commercial products of TrollTech.
28
* And you are not permitted to distribute binaries compiled against
29
* these libraries without written consent from Quest Software, Inc.
30
* Observe that this does not disallow linking to the Qt Free Edition.
32
* You may link this product with any GPL'd Qt library such as Qt/Free
34
* All trademarks belong to their respective owners.
40
#include "tochangeconnection.h"
42
#include "toconnection.h"
43
#include "tofilesize.h"
45
#include "tomemoeditor.h"
46
#include "toresultview.h"
47
#include "tosecurity.h"
52
# include <kmenubar.h>
55
#include <qcheckbox.h>
56
#include <qcombobox.h>
58
#include <qlineedit.h>
60
#include <qmessagebox.h>
61
#include <qpopupmenu.h>
62
#include <qradiobutton.h>
63
#include <qsplitter.h>
64
#include <qstringlist.h>
65
#include <qtabwidget.h>
67
#include <qtoolbutton.h>
68
#include <qvalidator.h>
69
#include <qworkspace.h>
71
#include "tosecurity.moc"
72
#include "tosecurityquotaui.moc"
73
#include "tosecurityroleui.moc"
74
#include "tosecurityuserui.moc"
76
#include "icons/addrole.xpm"
77
#include "icons/adduser.xpm"
78
#include "icons/commit.xpm"
79
#include "icons/copyuser.xpm"
80
#include "icons/refresh.xpm"
81
#include "icons/sql.xpm"
82
#include "icons/tosecurity.xpm"
83
#include "icons/trash.xpm"
85
static toSQL SQLUserInfo("toSecurity:UserInfo",
86
"SELECT Account_Status,\n"
90
" Default_Tablespace,\n"
91
" Temporary_Tablespace\n"
92
" FROM sys.DBA_Users\n"
93
" WHERE UserName = :f1<char[100]>",
94
"Get information about a user, must have same columns and same binds.");
96
static toSQL SQLUserInfo7("toSecurity:UserInfo",
101
" Default_Tablespace,\n"
102
" Temporary_Tablespace\n"
103
" FROM sys.DBA_Users\n"
104
" WHERE UserName = :f1<char[100]>",
108
static toSQL SQLRoleInfo("toSecurity:RoleInfo",
109
"SELECT Role,Password_required FROM sys.DBA_Roles WHERE Role = :f1<char[101]>",
110
"Get information about a role, must have same columns and same binds.");
112
static toSQL SQLProfiles("toSecurity:Profiles",
113
"SELECT DISTINCT Profile FROM sys.DBA_Profiles ORDER BY Profile",
114
"Get profiles available.");
116
static toSQL SQLTablespace("toSecurity:Tablespaces",
117
"SELECT DISTINCT Tablespace_Name FROM sys.DBA_Tablespaces"
118
" ORDER BY Tablespace_Name",
119
"Get tablespaces available.");
121
static toSQL SQLRoles("toSecurity:Roles",
122
"SELECT Role FROM sys.Dba_Roles ORDER BY Role",
123
"Get roles available in DB, should return one entry");
125
static toSQL SQLListSystem("toSecurity:ListSystemPrivs",
127
" FROM system_privilege_map a,\n"
128
" v$enabledprivs b\n"
129
" WHERE b.priv_number = a.privilege\n"
131
"Get name of available system privileges");
133
static toSQL SQLQuota("toSecurity:Quota",
134
"SELECT Tablespace_name,\n"
137
" FROM sys.DBA_TS_Quotas\n"
138
" WHERE Username = :f1<char[200]>\n"
139
" ORDER BY Tablespace_name",
140
"Get information about what quotas the user has, "
141
"must have same columns and same binds.");
143
static toSQL SQLSystemGrant("toSecurity:SystemGrant",
144
"SELECT privilege, NVL(admin_option,'NO') FROM sys.dba_sys_privs WHERE grantee = :f1<char[100]>",
145
"Get information about the system privileges a user has, should have same bindings and columns");
147
static toSQL SQLObjectPrivs("toSecurity:ObjectPrivs",
148
"SELECT DECODE(:type<char[100]>,'FUNCTION','EXECUTE',\n"
149
" 'LIBRARY','EXECUTE',\n"
150
" 'PACKAGE','EXECUTE',\n"
151
" 'PROCEDURE','EXECUTE',\n"
152
" 'SEQUENCE','ALTER,SELECT',\n"
153
" 'TABLE','ALTER,DELETE,INDEX,INSERT,REFERENCES,SELECT,UPDATE',\n"
154
" 'TYPE','EXECUTE',\n"
155
" 'VIEW','DELETE,SELECT,INSERT,UPDATE',\n"
156
" 'OPERATOR','EXECUTE',\n"
157
" 'DIRECTORY','READ',\n"
158
" NULL) FROM sys.DUAL",
159
"Takes a type as parameter and return ',' separated list of privileges");
161
static toSQL SQLObjectGrant("toSecurity:ObjectGrant",
166
" FROM sys.dba_tab_privs\n"
167
" WHERE grantee = :f1<char[100]>",
168
"Get the privilege on objects for a user or role, "
169
"must have same columns and binds");
171
static toSQL SQLRoleGrant("toSecurity:RoleGrant",
172
"SELECT granted_role,\n"
175
" FROM sys.dba_role_privs\n"
176
" WHERE grantee = :f1<char[100]>",
177
"Get the roles granted to a user or role, "
178
"must have same columns and binds");
180
class toSecurityTool : public toTool
183
virtual const char **pictureXPM(void)
185
return const_cast<const char**>(tosecurity_xpm);
189
: toTool(40, "Security Manager")
191
virtual const char *menuItem()
193
return "Security Manager";
195
virtual QWidget *toolWindow(QWidget *parent, toConnection &connection)
197
return new toSecurity(parent, connection);
201
static toSecurityTool SecurityTool;
203
class toSecurityQuota : public toSecurityQuotaUI
205
QListViewItem *CurrentItem;
206
void clearItem(QListViewItem *item);
207
virtual void changeTablespace(void);
208
virtual void changeSize(void);
210
toSecurityQuota(QWidget *parent);
211
void changeUser(const QString &);
217
void toSecurityQuota::changeSize(void)
221
if (Value->isChecked())
224
siz.sprintf("%.0f KB", double(Size->value()));
225
CurrentItem->setText(1, siz);
227
else if (None->isChecked())
229
CurrentItem->setText(1, qApp->translate("toSecurityQuota", "None"));
231
else if (Unlimited->isChecked())
233
CurrentItem->setText(1, qApp->translate("toSecurityQuota", "Unlimited"));
237
SizeGroup->setEnabled(false);
240
toSecurityQuota::toSecurityQuota(QWidget *parent)
241
: toSecurityQuotaUI(parent)
247
void toSecurityQuota::update(void)
249
Tablespaces->clear();
252
toQuery tablespaces(toCurrentConnection(this), SQLTablespace);
253
QListViewItem *item = NULL;
254
while (!tablespaces.eof())
256
item = new toResultViewItem(Tablespaces, item, tablespaces.readValue());
257
item->setText(1, qApp->translate("toSecurityQuota", "None"));
258
item->setText(3, qApp->translate("toSecurityQuota", "None"));
264
void toSecurityQuota::clearItem(QListViewItem *item)
266
item->setText(1, qApp->translate("toSecurityQuota", "None"));
267
item->setText(2, QString::null);
268
item->setText(3, qApp->translate("toSecurityQuota", "None"));
271
void toSecurityQuota::clear(void)
273
for (QListViewItem *item = Tablespaces->firstChild();item;item = item->nextSibling())
274
item->setText(3, qApp->translate("toSecurityQuota", "None"));
277
void toSecurityQuota::changeUser(const QString &user)
281
Disabled->hide(); // Do we really have to bother about this?
283
Tablespaces->clearSelection();
284
QListViewItem *item = Tablespaces->firstChild();
289
toQuery quota(toCurrentConnection(this), SQLQuota, user);
294
QString tbl(quota.readValue());
295
while (item && item->text(0) != tbl)
298
item = item->nextSibling();
300
usedQuota = quota.readValue().toDouble();
301
maxQuota = quota.readValue().toDouble();
306
usedStr.sprintf("%.0f KB", usedQuota / 1024);
308
maxStr = qApp->translate("toSecurityQuota", "Unlimited");
309
else if (maxQuota == 0)
310
maxStr = qApp->translate("toSecurityQuota", "None");
313
maxStr.sprintf("%.0f KB", maxQuota / 1024);
315
item->setText(1, maxStr);
316
item->setText(2, usedStr);
317
item->setText(3, maxStr);
318
item = item->nextSibling();
327
item = item->nextSibling();
329
SizeGroup->setEnabled(false);
333
void toSecurityQuota::changeTablespace(void)
335
CurrentItem = Tablespaces->selectedItem();
338
QString siz = CurrentItem->text(1);
339
if (siz == qApp->translate("toSecurityQuota", "None"))
340
None->setChecked(true);
341
else if (siz == qApp->translate("toSecurityQuota", "Unlimited"))
342
Unlimited->setChecked(true);
345
Value->setChecked(true);
346
Size->setValue(siz.toInt());
349
SizeGroup->setEnabled(true);
352
QString toSecurityQuota::sql(void)
355
for (QListViewItem *item = Tablespaces->firstChild();item;item = item->nextSibling())
357
if (item->text(1) != item->text(3))
359
QString siz = item->text(1);
360
if (siz.right(2) == QString::fromLatin1("KB"))
361
siz.truncate(siz.length() - 1);
362
else if (siz == qApp->translate("toSecurityQuota", "None"))
363
siz = QString::fromLatin1("0 K");
364
else if (siz == qApp->translate("toSecurityQuota", "Unlimited"))
365
siz = QString::fromLatin1("UNLIMITED");
366
ret += QString::fromLatin1(" QUOTA ");
368
ret += QString::fromLatin1(" ON ");
369
ret += item->text(0);
375
class toSecurityUpper : public QValidator
378
toSecurityUpper(QWidget *parent)
381
virtual State validate(QString &str, int &) const
388
class toSecurityUser : public toSecurityUserUI
390
toConnection &Connection;
392
toSecurityQuota *Quota;
407
toSecurityUser(toSecurityQuota *quota, toConnection &conn, QWidget *parent);
408
void clear(bool all = true);
409
void changeUser(const QString &);
417
QString toSecurityUser::sql(void)
420
if (Authentication->currentPage() == PasswordTab)
422
if (Password->text() != Password2->text())
424
switch (TOMessageBox::warning(this,
425
qApp->translate("toSecurityUser", "Passwords don't match"),
426
qApp->translate("toSecurityUser", "The two versions of the password doesn't match"),
427
qApp->translate("toSecurityUser", "Don't save"),
428
qApp->translate("toSecurityUser", "Cancel")))
431
return QString::null;
433
throw qApp->translate("toSecurityUser", "Passwords don't match");
436
if (Password->text() != OrgPassword)
438
extra = QString::fromLatin1(" IDENTIFIED BY \"");
439
extra += Password->text();
440
extra += QString::fromLatin1("\"");
442
if (OrgExpired != ExpirePassword->isChecked())
444
if (ExpirePassword->isChecked())
445
extra += QString::fromLatin1(" PASSWORD EXPIRE");
448
else if (Authentication->currentPage() == GlobalTab)
450
if (OrgGlobal != GlobalName->text())
452
extra = QString::fromLatin1(" IDENTIFIED GLOBALLY AS '");
453
extra += GlobalName->text();
454
extra += QString::fromLatin1("'");
457
else if ((AuthType != external) && (Authentication->currentPage() == ExternalTab))
458
extra = QString::fromLatin1(" IDENTIFIED EXTERNALLY");
460
if (OrgProfile != Profile->currentText())
462
extra += QString::fromLatin1(" PROFILE \"");
463
extra += Profile->currentText();
464
extra += QString::fromLatin1("\"");
466
if (OrgDefault != DefaultSpace->currentText())
468
extra += QString::fromLatin1(" DEFAULT TABLESPACE \"");
469
extra += DefaultSpace->currentText();
470
extra += QString::fromLatin1("\"");
472
if (OrgTemp != TempSpace->currentText())
474
extra += QString::fromLatin1(" TEMPORARY TABLESPACE \"");
475
extra += TempSpace->currentText();
476
extra += QString::fromLatin1("\"");
478
if (OrgLocked != Locked->isChecked())
480
extra += QString::fromLatin1(" ACCOUNT ");
481
if (Locked->isChecked())
482
extra += QString::fromLatin1("LOCK");
484
extra += QString::fromLatin1("UNLOCK");
486
extra += Quota->sql();
489
if (Name->isEnabled())
491
if (Name->text().isEmpty())
492
return QString::null;
493
sql = QString::fromLatin1("CREATE ");
498
return QString::null;
499
sql = QString::fromLatin1("ALTER ");
501
sql += QString::fromLatin1("USER \"");
503
sql += QString::fromLatin1("\"");
508
toSecurityUser::toSecurityUser(toSecurityQuota *quota, toConnection &conn, QWidget *parent)
509
: toSecurityUserUI(parent), Connection(conn), Quota(quota)
511
Name->setValidator(new toSecurityUpper(Name));
515
toQuery profiles(Connection, SQLProfiles);
516
while (!profiles.eof())
517
Profile->insertItem(profiles.readValue());
519
toQuery tablespaces(Connection,
521
while (!tablespaces.eof())
523
QString buf = tablespaces.readValue();
524
DefaultSpace->insertItem(buf);
525
TempSpace->insertItem(buf);
531
void toSecurityUser::clear(bool all)
533
Name->setText(QString::null);
534
Password->setText(QString::null);
535
Password2->setText(QString::null);
536
GlobalName->setText(QString::null);
539
Profile->setCurrentItem(0);
540
Authentication->showPage(PasswordTab);
541
ExpirePassword->setChecked(false);
542
ExpirePassword->setEnabled(true);
543
TempSpace->setCurrentItem(0);
544
DefaultSpace->setCurrentItem(0);
545
Locked->setChecked(false);
548
OrgProfile = OrgDefault = OrgTemp = OrgGlobal = QString::null;
550
Name->setEnabled(true);
551
OrgLocked = OrgExpired = false;
554
void toSecurityUser::changeUser(const QString &user)
559
toQuery query(Connection, SQLUserInfo, user);
562
Name->setEnabled(false);
565
QString str(query.readValue());
566
if (str.startsWith(QString::fromLatin1("EXPIRED")))
568
ExpirePassword->setChecked(true);
569
ExpirePassword->setEnabled(false);
572
else if (str.startsWith(QString::fromLatin1("LOCKED")))
574
Locked->setChecked(true);
578
OrgPassword = query.readValue();
579
QString pass = query.readValue();
580
if (OrgPassword == QString::fromLatin1("GLOBAL"))
582
OrgPassword = QString::null;
583
Authentication->showPage(GlobalTab);
585
GlobalName->setText(OrgGlobal);
588
else if (OrgPassword == QString::fromLatin1("EXTERNAL"))
590
OrgPassword = QString::null;
591
Authentication->showPage(ExternalTab);
596
Password->setText(OrgPassword);
597
Password2->setText(OrgPassword);
602
str = query.readValue();
603
for (int i = 0;i < Profile->count();i++)
605
if (Profile->text(i) == str)
607
Profile->setCurrentItem(i);
615
str = query.readValue();
616
for (int i = 0;i < DefaultSpace->count();i++)
618
if (DefaultSpace->text(i) == str)
620
DefaultSpace->setCurrentItem(i);
628
str = query.readValue();
629
for (int i = 0;i < TempSpace->count();i++)
631
if (TempSpace->text(i) == str)
633
TempSpace->setCurrentItem(i);
644
class toSecurityRole : public toSecurityRoleUI
646
toConnection &Connection;
647
toSecurityQuota *Quota;
655
toSecurityRole(toSecurityQuota *quota, toConnection &conn, QWidget *parent)
656
: toSecurityRoleUI(parent), Connection(conn), Quota(quota)
658
Name->setValidator(new toSecurityUpper(Name));
662
void changeRole(const QString &);
670
QString toSecurityRole::sql(void)
673
if (Authentication->currentPage() == PasswordTab)
675
if (Password->text() != Password2->text())
677
switch (TOMessageBox::warning(this,
678
qApp->translate("toSecurityRole", "Passwords don't match"),
679
qApp->translate("toSecurityRole", "The two versions of the password doesn't match"),
680
qApp->translate("toSecurityRole", "Don't save"),
681
qApp->translate("toSecurityRole", "Cancel")))
684
return QString::null;
686
throw qApp->translate("toSecurityRole", "Passwords don't match");
689
if (Password->text().length() > 0)
691
extra = QString::fromLatin1(" IDENTIFIED BY \"");
692
extra += Password->text();
693
extra += QString::fromLatin1("\"");
696
else if ((AuthType != global) && (Authentication->currentPage() == GlobalTab))
697
extra = QString::fromLatin1(" IDENTIFIED GLOBALLY");
698
else if ((AuthType != external) && (Authentication->currentPage() == ExternalTab))
699
extra = QString::fromLatin1(" IDENTIFIED EXTERNALLY");
700
else if ((AuthType != none) && (Authentication->currentPage() == NoneTab))
701
extra = QString::fromLatin1(" NOT IDENTIFIED");
702
extra += Quota->sql();
704
if (Name->isEnabled())
706
if (Name->text().isEmpty())
707
return QString::null;
708
sql = QString::fromLatin1("CREATE ");
713
return QString::null;
714
sql = QString::fromLatin1("ALTER ");
716
sql += QString::fromLatin1("ROLE \"");
718
sql += QString::fromLatin1("\"");
723
void toSecurityRole::clear(void)
725
Name->setText(QString::null);
726
Name->setEnabled(true);
729
void toSecurityRole::changeRole(const QString &role)
733
toQuery query(Connection, SQLRoleInfo, role);
734
Password->setText(QString::null);
735
Password2->setText(QString::null);
739
Name->setEnabled(false);
741
QString str(query.readValue());
742
if (str == QString::fromLatin1("YES"))
745
Authentication->showPage(PasswordTab);
747
else if (str == QString::fromLatin1("GLOBAL"))
750
Authentication->showPage(GlobalTab);
752
else if (str == QString::fromLatin1("EXTERNAL"))
755
Authentication->showPage(ExternalTab);
760
Authentication->showPage(NoneTab);
765
Name->setText(QString::null);
766
Name->setEnabled(true);
768
Authentication->showPage(NoneTab);
774
class toSecurityPage : public QVBox
776
toSecurityRole *Role;
777
toSecurityUser *User;
779
toSecurityPage(toSecurityQuota *quota, toConnection &conn, QWidget *parent)
782
Role = new toSecurityRole(quota, conn, this);
784
User = new toSecurityUser(quota, conn, this);
787
void changePage(const QString &nam, bool user)
793
User->changeUser(nam);
800
Role->changeRole(nam);
806
if (User->isHidden())
813
if (User->isHidden())
820
if (User->isHidden())
826
if (User->isHidden())
833
toSecurityObject::toSecurityObject(QWidget *parent)
836
addColumn(tr("Object"));
837
setRootIsDecorated(true);
840
connect(this, SIGNAL(clicked(QListViewItem *)), this, SLOT(changed(QListViewItem *)));
844
void toSecurityObject::update(void)
852
std::list<toConnection::objectName> &objectList = toCurrentConnection(this).objects(true);
853
std::map<QString, QStringList> TypeOptions;
854
toQuery typelst(toCurrentConnection(this));
855
QListViewItem *typeItem = NULL;
856
QListViewItem *ownerItem = NULL;
857
QListViewItem *nameItem = NULL;
859
for (std::list<toConnection::objectName>::iterator i = objectList.begin();i != objectList.end();i++)
861
QString type = (*i).Type;
862
QString owner = (*i).Owner;
863
QString name = (*i).Name;
866
oType = oName = QString::null;
867
typeItem = nameItem = NULL;
869
ownerItem = new toResultViewItem(this, ownerItem, owner);
873
oName = QString::null;
876
if (TypeOptions.find(type) == TypeOptions.end())
879
toPush(args, toQValue(type));
880
typelst.execute(SQLObjectPrivs, args);
881
Options = QStringList::split(QString::fromLatin1(","), typelst.readValue());
882
TypeOptions[type] = Options;
885
Options = TypeOptions[type];
887
if (Options.count() > 0)
889
for (typeItem = ownerItem->firstChild();typeItem;typeItem = typeItem->nextSibling())
891
if (typeItem->text(0) == type)
895
typeItem = new toResultViewItem(ownerItem, typeItem, type);
898
if (Options.count() > 0)
900
nameItem = new toResultViewItem(typeItem, nameItem, name);
901
for (QStringList::Iterator i = Options.begin();i != Options.end();i++)
903
QListViewItem *item = new toResultViewCheck(nameItem, *i, QCheckListItem::CheckBox);
904
item->setText(2, name);
905
item->setText(3, owner);
906
new toResultViewCheck(item, tr("Admin"), QCheckListItem::CheckBox);
914
void toSecurityObject::eraseUser(bool all)
916
QListViewItem *next = NULL;
917
for (QListViewItem *item = firstChild();item;item = next)
919
toResultViewCheck * chk = dynamic_cast<toResultViewCheck *>(item);
924
chk->setText(1, QString::null);
927
item->setOpen(false);
928
if (item->firstChild())
929
next = item->firstChild();
930
else if (item->nextSibling())
931
next = item->nextSibling();
937
next = next->parent();
939
while (next && !next->nextSibling());
941
next = next->nextSibling();
946
void toSecurityObject::changeUser(const QString &user)
952
std::map<QString, std::map<QString, std::map<QString, QString> > > privs;
953
toQuery grant(toCurrentConnection(this), SQLObjectGrant, user);
955
QString admstr = "ADMIN";
956
QString normalstr = "normal";
959
QString owner(grant.readValue());
960
QString object(grant.readValue());
961
QString priv(grant.readValue());
962
QString admin(grant.readValue());
964
((privs[owner])[object])[priv] = (admin == yes ? admstr : normalstr);
967
for (QListViewItem *ownerItem = firstChild();ownerItem;ownerItem = ownerItem->nextSibling())
969
for (QListViewItem * tmpitem = ownerItem->firstChild();tmpitem;tmpitem = tmpitem->nextSibling())
971
for (QListViewItem * object = tmpitem->firstChild();object;object = object->nextSibling())
973
for (QListViewItem * type = object->firstChild();type;type = type->nextSibling())
975
QString t = ((privs[ownerItem->text(0)])[object->text(0)])[type->text(0)];
978
toResultViewCheck *chk = dynamic_cast<toResultViewCheck *>(type);
981
chk->setText(1, tr("ON"));
985
toResultViewCheck *chld = dynamic_cast<toResultViewCheck *>(type->firstChild());
988
chld->setText(1, tr("ON"));
996
for (QListViewItem *par = chk->parent();par;par = par->parent())
1007
void toSecurityObject::sql(const QString &user, std::list<QString> &sqlLst)
1009
QListViewItem *next = NULL;
1010
for (QListViewItem *item = firstChild();item;item = next)
1012
toResultViewCheck * check = dynamic_cast<toResultViewCheck *>(item);
1013
toResultViewCheck *chld = dynamic_cast<toResultViewCheck *>(item->firstChild());
1017
QString what = item->text(0);
1018
what += QString::fromLatin1(" ON \"");
1019
what += item->text(3);
1020
what += QString::fromLatin1("\".\"");
1021
what += item->text(2);
1022
what += QString::fromLatin1("\" ");
1023
if (chld && chld->isOn() && chld->text(1).isEmpty())
1025
sql = QString::fromLatin1("GRANT ");
1027
sql += QString::fromLatin1("TO \"");
1029
sql += QString::fromLatin1("\" WITH GRANT OPTION");
1030
sqlLst.insert(sqlLst.end(), sql);
1032
else if (check->isOn() && !item->text(1).isEmpty())
1034
if (chld && !chld->isOn() && !chld->text(1).isEmpty())
1036
sql = QString::fromLatin1("REVOKE ");
1038
sql += QString::fromLatin1("FROM \"");
1040
sql += QString::fromLatin1("\"");
1041
sqlLst.insert(sqlLst.end(), sql);
1043
sql = QString::fromLatin1("GRANT ");
1045
sql += QString::fromLatin1("TO \"");
1047
sql += QString::fromLatin1("\"");
1048
sqlLst.insert(sqlLst.end(), sql);
1051
else if (check->isOn() && item->text(1).isEmpty())
1053
sql = QString::fromLatin1("GRANT ");
1055
sql += QString::fromLatin1("TO \"");
1057
sql += QString::fromLatin1("\"");
1058
sqlLst.insert(sqlLst.end(), sql);
1060
else if (!check->isOn() && !item->text(1).isEmpty())
1062
sql = QString::fromLatin1("REVOKE ");
1064
sql += QString::fromLatin1("FROM \"");
1066
sql += QString::fromLatin1("\"");
1067
sqlLst.insert(sqlLst.end(), sql);
1070
if (!check && item->firstChild())
1071
next = item->firstChild();
1072
else if (item->nextSibling())
1073
next = item->nextSibling();
1079
next = next->parent();
1081
while (next && !next->nextSibling());
1083
next = next->nextSibling();
1088
void toSecurityObject::changed(QListViewItem *org)
1090
toResultViewCheck *item = dynamic_cast<toResultViewCheck *>(org);
1095
item = dynamic_cast<toResultViewCheck *>(item->parent());
1101
item = dynamic_cast<toResultViewCheck *>(item->firstChild());
1108
toSecuritySystem::toSecuritySystem(QWidget *parent)
1109
: toListView(parent)
1111
addColumn(tr("Privilege name"));
1112
setRootIsDecorated(true);
1115
connect(this, SIGNAL(clicked(QListViewItem *)), this, SLOT(changed(QListViewItem *)));
1118
void toSecuritySystem::update(void)
1123
toQuery priv(toCurrentConnection(this), SQLListSystem);
1126
toResultViewCheck *item = new toResultViewCheck(this, priv.readValue(),
1127
QCheckListItem::CheckBox);
1128
new toResultViewCheck(item, tr("Admin"), QCheckListItem::CheckBox);
1134
void toSecuritySystem::sql(const QString &user, std::list<QString> &sqlLst)
1136
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1139
toResultViewCheck *check = dynamic_cast<toResultViewCheck *>(item);
1140
toResultViewCheck *chld = dynamic_cast<toResultViewCheck *>(item->firstChild());
1141
if (chld && chld->isOn() && chld->text(1).isEmpty())
1143
sql = QString::fromLatin1("GRANT ");
1144
sql += item->text(0);
1145
sql += QString::fromLatin1(" TO \"");
1147
sql += QString::fromLatin1("\" WITH ADMIN OPTION");
1148
sqlLst.insert(sqlLst.end(), sql);
1150
else if (check->isOn() && !item->text(1).isEmpty())
1152
if (chld && !chld->isOn() && !chld->text(1).isEmpty())
1154
sql = QString::fromLatin1("REVOKE ");
1155
sql += item->text(0);
1156
sql += QString::fromLatin1(" FROM \"");
1158
sql += QString::fromLatin1("\"");
1159
sqlLst.insert(sqlLst.end(), sql);
1161
sql = QString::fromLatin1("GRANT ");
1162
sql += item->text(0);
1163
sql += QString::fromLatin1(" TO \"");
1165
sql += QString::fromLatin1("\"");
1166
sqlLst.insert(sqlLst.end(), sql);
1169
else if (check->isOn() && item->text(1).isEmpty())
1171
sql = QString::fromLatin1("GRANT ");
1172
sql += item->text(0);
1173
sql += QString::fromLatin1(" TO \"");
1175
sql += QString::fromLatin1("\"");
1176
sqlLst.insert(sqlLst.end(), sql);
1178
else if (!check->isOn() && !item->text(1).isEmpty())
1180
sql = QString::fromLatin1("REVOKE ");
1181
sql += item->text(0);
1182
sql += QString::fromLatin1(" FROM \"");
1184
sql += QString::fromLatin1("\"");
1185
sqlLst.insert(sqlLst.end(), sql);
1190
void toSecuritySystem::changed(QListViewItem *org)
1192
toResultViewCheck *item = dynamic_cast<toResultViewCheck *>(org);
1197
item = dynamic_cast<toResultViewCheck *>(item->parent());
1203
item = dynamic_cast<toResultViewCheck *>(item->firstChild());
1210
void toSecuritySystem::eraseUser(bool all)
1212
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1214
toResultViewCheck * chk = dynamic_cast<toResultViewCheck *>(item);
1217
item->setText(1, QString::null);
1218
for (QListViewItem *chld = item->firstChild();chld;chld = chld->nextSibling())
1220
chld->setText(1, QString::null);
1221
toResultViewCheck *chk = dynamic_cast<toResultViewCheck *>(chld);
1228
void toSecuritySystem::changeUser(const QString &user)
1233
toQuery query(toCurrentConnection(this), SQLSystemGrant, user);
1234
while (!query.eof())
1236
QString str = query.readValue();
1237
QString admin = query.readValue();
1238
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1240
if (item->text(0) == str)
1242
toResultViewCheck * chk = dynamic_cast<toResultViewCheck *>(item);
1245
item->setText(1, tr("ON"));
1246
if (admin != tr("NO") && item->firstChild())
1248
chk = dynamic_cast<toResultViewCheck *>(item->firstChild());
1252
chk->parent()->setOpen(true);
1253
item->firstChild()->setText(1, tr("ON"));
1263
toSecurityRoleGrant::toSecurityRoleGrant(QWidget *parent)
1264
: toListView(parent)
1266
addColumn(tr("Role name"));
1267
setRootIsDecorated(true);
1270
connect(this, SIGNAL(clicked(QListViewItem *)), this, SLOT(changed(QListViewItem *)));
1273
void toSecurityRoleGrant::update(void)
1278
toQuery priv(toCurrentConnection(this), SQLRoles);
1281
toResultViewCheck *item = new toResultViewCheck(this, priv.readValue(), QCheckListItem::CheckBox);
1282
new toResultViewCheck(item, tr("Admin"), QCheckListItem::CheckBox);
1283
new toResultViewCheck(item, tr("Default"), QCheckListItem::CheckBox);
1289
QCheckListItem *toSecurityRoleGrant::findChild(QListViewItem *parent, const QString &name)
1291
for (QListViewItem *item = parent->firstChild();item;item = item->nextSibling())
1293
if (item->text(0) == name)
1295
toResultViewCheck * ret = dynamic_cast<toResultViewCheck *>(item);
1296
if (ret->isEnabled())
1305
void toSecurityRoleGrant::sql(const QString &user, std::list<QString> &sqlLst)
1311
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1313
toResultViewCheck * check = dynamic_cast<toResultViewCheck *>(item);
1314
QCheckListItem *chld = findChild(item, tr("Admin"));
1315
QCheckListItem *def = findChild(item, tr("Default"));
1318
if (!def->isOn() && check->isOn())
1320
if (!except.isEmpty())
1321
except += QString::fromLatin1(",\"");
1323
except += QString::fromLatin1(" EXCEPT \"");
1324
except += item->text(0);
1325
except += QString::fromLatin1("\"");
1327
else if (check->isOn() && def->isOn())
1329
if (def->isOn() == def->text(1).isEmpty())
1332
if (chld && chld->isOn() && chld->text(1).isEmpty())
1334
if (check->isOn() && !item->text(1).isEmpty())
1336
sql = QString::fromLatin1("REVOKE \"");
1337
sql += item->text(0);
1338
sql += QString::fromLatin1("\" FROM \"");
1340
sql += QString::fromLatin1("\"");
1341
sqlLst.insert(sqlLst.end(), sql);
1343
sql = QString::fromLatin1("GRANT \"");
1344
sql += item->text(0);
1345
sql += QString::fromLatin1("\" TO \"");
1347
sql += QString::fromLatin1("\" WITH ADMIN OPTION");
1348
sqlLst.insert(sqlLst.end(), sql);
1351
else if (check->isOn() && !item->text(1).isEmpty())
1353
if (chld && !chld->isOn() && !chld->text(1).isEmpty())
1355
sql = QString::fromLatin1("REVOKE \"");
1356
sql += item->text(0);
1357
sql += QString::fromLatin1("\" FROM \"");
1359
sql += QString::fromLatin1("\"");
1360
sqlLst.insert(sqlLst.end(), sql);
1362
sql = QString::fromLatin1("GRANT \"");
1363
sql += item->text(0);
1364
sql += QString::fromLatin1("\" TO \"");
1366
sql += QString::fromLatin1("\"");
1367
sqlLst.insert(sqlLst.end(), sql);
1371
else if (check->isOn() && item->text(1).isEmpty())
1373
sql = QString::fromLatin1("GRANT \"");
1374
sql += item->text(0);
1375
sql += QString::fromLatin1("\" TO \"");
1377
sql += QString::fromLatin1("\"");
1378
sqlLst.insert(sqlLst.end(), sql);
1381
else if (!check->isOn() && !item->text(1).isEmpty())
1383
sql = QString::fromLatin1("REVOKE \"");
1384
sql += item->text(0);
1385
sql += QString::fromLatin1("\" FROM \"");
1387
sql += QString::fromLatin1("\"");
1388
sqlLst.insert(sqlLst.end(), sql);
1394
sql = QString::fromLatin1("ALTER USER \"");
1396
sql += QString::fromLatin1("\" DEFAULT ROLE ");
1399
sql += QString::fromLatin1("ALL");
1403
sql += QString::fromLatin1("NONE");
1404
sqlLst.insert(sqlLst.end(), sql);
1408
void toSecurityRoleGrant::changed(QListViewItem *org)
1410
toResultViewCheck *item = dynamic_cast<toResultViewCheck *>(org);
1415
QCheckListItem *chld = findChild(item, tr("Default"));
1418
item = dynamic_cast<toResultViewCheck *>(item->parent());
1424
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1426
toResultViewCheck * chk = dynamic_cast<toResultViewCheck *>(item->firstChild());
1434
void toSecurityRoleGrant::eraseUser(bool user, bool all)
1436
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1438
toResultViewCheck * chk = dynamic_cast<toResultViewCheck *>(item);
1441
item->setText(1, QString::null);
1442
for (QListViewItem *chld = item->firstChild();chld;chld = chld->nextSibling())
1444
chld->setText(1, QString::null);
1445
toResultViewCheck *chk = dynamic_cast<toResultViewCheck *>(chld);
1451
if (chk->text(0) == tr("Default"))
1452
chk->setEnabled(user);
1459
void toSecurityRoleGrant::changeUser(bool user, const QString &username)
1464
toQuery query(toCurrentConnection(this), SQLRoleGrant, username);
1465
while (!query.eof())
1467
QString str = query.readValue();
1468
QString admin = query.readValue();
1469
QString def = query.readValue();
1470
for (QListViewItem *item = firstChild();item;item = item->nextSibling())
1472
if (item->text(0) == str)
1474
QCheckListItem * chk = dynamic_cast<toResultViewCheck *>(item);
1477
item->setText(1, tr("ON"));
1478
chk = findChild(item, tr("Admin"));
1479
if (admin == tr("YES") && chk)
1482
chk->setText(1, tr("ON"));
1484
chk->parent()->setOpen(true);
1486
chk = findChild(item, tr("Default"));
1487
if (def == tr("YES") && chk)
1490
chk->setText(1, tr("ON"));
1492
chk->parent()->setOpen(true);
1502
toSecurity::toSecurity(QWidget *main, toConnection &connection)
1503
: toToolWidget(SecurityTool, "security.html", main, connection)
1507
QToolBar *toolbar = toAllocBar(this, tr("Security manager"));
1508
toolbar->setSizePolicy(QSizePolicy(QSizePolicy::Expanding, QSizePolicy::Fixed));
1510
new QToolButton(QPixmap(const_cast<const char**>(refresh_xpm)),
1511
tr("Update user and role list"),
1512
tr("Update user and role list"),
1513
this, SLOT(refresh(void)),
1515
toolbar->addSeparator();
1516
new QToolButton(QPixmap(const_cast<const char**>(commit_xpm)),
1519
this, SLOT(saveChanges(void)),
1521
DropButton = new QToolButton(QPixmap(const_cast<const char**>(trash_xpm)),
1522
tr("Remove user/role"),
1523
tr("Remove user/role"),
1524
this, SLOT(drop(void)),
1526
DropButton->setEnabled(false);
1527
toolbar->addSeparator();
1528
new QToolButton(QPixmap(const_cast<const char**>(adduser_xpm)),
1531
this, SLOT(addUser(void)),
1533
new QToolButton(QPixmap(const_cast<const char**>(addrole_xpm)),
1536
this, SLOT(addRole(void)),
1538
CopyButton = new QToolButton(QPixmap(const_cast<const char**>(copyuser_xpm)),
1539
tr("Copy current user or role"),
1540
tr("Copy current user or role"),
1541
this, SLOT(copy(void)),
1543
CopyButton->setEnabled(false);
1544
toolbar->addSeparator();
1545
new QToolButton(QPixmap(const_cast<const char**>(sql_xpm)),
1546
tr("Display SQL needed to make current changes"),
1547
tr("Display SQL needed to make current changes"),
1548
this, SLOT(displaySQL(void)),
1550
toolbar->setStretchableWidget(new QLabel(toolbar, TO_KDE_TOOLBAR_WIDGET));
1551
new toChangeConnection(toolbar, TO_KDE_TOOLBAR_WIDGET);
1553
QSplitter *splitter = new QSplitter(Horizontal, this);
1554
UserList = new toListView(splitter);
1555
UserList->addColumn(tr("Users/Roles"));
1556
UserList->setSQLName(QString::fromLatin1("toSecurity:Users/Roles"));
1557
UserList->setRootIsDecorated(true);
1558
UserList->setSelectionMode(QListView::Single);
1559
Tabs = new QTabWidget(splitter);
1560
Quota = new toSecurityQuota(Tabs);
1561
General = new toSecurityPage(Quota, connection, Tabs);
1562
Tabs->addTab(General, tr("&General"));
1563
RoleGrant = new toSecurityRoleGrant(Tabs);
1564
Tabs->addTab(RoleGrant, tr("&Roles"));
1565
SystemGrant = new toSecuritySystem(Tabs);
1566
Tabs->addTab(SystemGrant, tr("&System Privileges"));
1567
ObjectGrant = new toSecurityObject(Tabs);
1568
Tabs->addTab(ObjectGrant, tr("&Object Privileges"));
1569
Tabs->addTab(Quota, tr("&Quota"));
1570
UserList->setSelectionMode(QListView::Single);
1571
connect(UserList, SIGNAL(selectionChanged(QListViewItem *)),
1572
this, SLOT(changeUser(QListViewItem *)));
1574
connect(toMainWidget()->workspace(), SIGNAL(windowActivated(QWidget *)),
1575
this, SLOT(windowActivated(QWidget *)));
1577
connect(this, SIGNAL(connectionChange()),
1578
this, SLOT(refresh()));
1579
setFocusProxy(Tabs);
1582
#define TO_ID_COPY (toMain::TO_TOOL_MENU_ID+ 0)
1583
#define TO_ID_DROP (toMain::TO_TOOL_MENU_ID+ 1)
1585
void toSecurity::windowActivated(QWidget *widget)
1591
ToolMenu = new QPopupMenu(this);
1592
ToolMenu->insertItem(QPixmap(const_cast<const char**>(refresh_xpm)), tr("&Refresh"),
1593
this, SLOT(refresh(void)),
1594
toKeySequence(tr("F5", "Security|Refresh")));
1595
ToolMenu->insertSeparator();
1596
ToolMenu->insertItem(QPixmap(const_cast<const char**>(commit_xpm)), tr("&Save changes"),
1597
this, SLOT(saveChanges()),
1598
toKeySequence(tr("Ctrl+Return", "Security|Save changes")));
1599
ToolMenu->insertItem(QPixmap(const_cast<const char**>(trash_xpm)), tr("&Remove user/role"),
1600
this, SLOT(drop()), 0, TO_ID_DROP);
1601
ToolMenu->insertSeparator();
1602
ToolMenu->insertItem(QPixmap(const_cast<const char**>(adduser_xpm)), tr("Add &user"),
1603
this, SLOT(addUser()),
1604
toKeySequence(tr("Ctrl+Shift+U", "Security|Add user")));
1605
ToolMenu->insertItem(QPixmap(const_cast<const char**>(addrole_xpm)), tr("Add &role"),
1606
this, SLOT(addRole()),
1607
toKeySequence(tr("Ctrl+Shift+R", "Security|Add role")));
1608
ToolMenu->insertItem(QPixmap(const_cast<const char**>(copyuser_xpm)), tr("&Copy current"),
1610
toKeySequence(tr("Ctrl+Shift+O", "Security|Copy current")), TO_ID_COPY);
1611
ToolMenu->insertSeparator();
1612
ToolMenu->insertItem(QPixmap(const_cast<const char**>(sql_xpm)), tr("Display SQL..."),
1613
this, SLOT(displaySQL()),
1614
toKeySequence(tr("F4", "Security|Display SQL")));
1615
toMainWidget()->menuBar()->insertItem(tr("&Security"), ToolMenu, -1, toToolMenuIndex());
1616
ToolMenu->setItemEnabled(TO_ID_DROP, DropButton->isEnabled());
1617
ToolMenu->setItemEnabled(TO_ID_COPY, CopyButton->isEnabled());
1627
void toSecurity::displaySQL(void)
1629
std::list<QString> lines = sql();
1631
for (std::list<QString>::iterator i = lines.begin();i != lines.end();i++)
1634
res += QString::fromLatin1(";\n");
1636
if (res.length() > 0)
1637
new toMemoEditor(this, res, -1, -1, true);
1639
toStatusMessage(tr("No changes made"));
1642
std::list<QString> toSecurity::sql(void)
1644
std::list<QString> ret;
1647
QString tmp = General->sql();
1649
ret.insert(ret.end(), tmp);
1650
QString name = General->name();
1651
if (!name.isEmpty())
1653
SystemGrant->sql(name, ret);
1654
ObjectGrant->sql(name, ret);
1655
RoleGrant->sql(name, ret);
1658
catch (const QString &str)
1660
toStatusMessage(str);
1661
std::list<QString> empty;
1668
void toSecurity::changeUser(bool ask)
1674
std::list<QString> sqlList = sql();
1675
if (sqlList.size() != 0)
1677
switch (TOMessageBox::warning(this,
1678
tr("Save changes?"),
1679
tr("Save the changes made to this user?"),
1680
tr("Save"), tr("Discard"), tr("Cancel")))
1692
catch (const QString &str)
1694
toStatusMessage(str);
1702
QListViewItem *item = UserList->selectedItem();
1706
UserID = item->text(1);
1707
DropButton->setEnabled(item->parent());
1708
CopyButton->setEnabled(item->parent());
1711
ToolMenu->setItemEnabled(TO_ID_DROP, DropButton->isEnabled());
1712
ToolMenu->setItemEnabled(TO_ID_COPY, CopyButton->isEnabled());
1715
if (UserID[4].latin1() != ':')
1716
throw tr("Invalid security ID");
1718
if (UserID.startsWith(QString::fromLatin1("USER")))
1720
QString username = UserID.right(UserID.length() - 5);
1721
General->changePage(username, user);
1722
Quota->changeUser(username);
1723
Tabs->setTabEnabled(Quota, user);
1724
RoleGrant->changeUser(user, username);
1725
SystemGrant->changeUser(username);
1726
ObjectGrant->changeUser(username);
1732
void toSecurity::refresh(void)
1735
disconnect(UserList, SIGNAL(selectionChanged(QListViewItem *)),
1736
this, SLOT(changeUser(QListViewItem *)));
1737
SystemGrant->update();
1738
RoleGrant->update();
1739
ObjectGrant->update();
1744
QListViewItem *parent = new toResultViewItem(UserList, NULL, QString::fromLatin1("Users"));
1745
parent->setText(1, QString::fromLatin1("USER:"));
1746
parent->setOpen(true);
1747
toQuery user(connection(), toSQL::string(toSQL::TOSQL_USERLIST, connection()));
1748
QListViewItem *item = NULL;
1751
QString tmp = user.readValue();
1752
QString id = QString::fromLatin1("USER:");
1754
item = new toResultViewItem(parent, item, tmp);
1755
item->setText(1, id);
1757
UserList->setSelected(item, true);
1759
parent = new toResultViewItem(UserList, parent, tr("Roles"));
1760
parent->setText(1, QString::fromLatin1("ROLE:"));
1761
parent->setOpen(true);
1762
toQuery roles(connection(), SQLRoles);
1764
while (!roles.eof())
1766
QString tmp = roles.readValue();
1767
QString id = QString::fromLatin1("ROLE:");
1769
item = new toResultViewItem(parent, item, tmp);
1770
item->setText(1, id);
1772
UserList->setSelected(item, true);
1776
connect(UserList, SIGNAL(selectionChanged(QListViewItem *)),
1777
this, SLOT(changeUser(QListViewItem *)));
1780
void toSecurity::saveChanges()
1782
std::list<QString> sqlList = sql();
1783
for (std::list<QString>::iterator i = sqlList.begin();i != sqlList.end();i++)
1787
connection().execute(*i);
1791
if (General->user())
1792
UserID = QString::fromLatin1("USER:");
1794
UserID = QString::fromLatin1("ROLE:");
1795
UserID += General->name();
1800
void toSecurity::drop()
1802
if (UserID.length() > 5)
1804
QString str = QString::fromLatin1("DROP ");
1805
if (General->user())
1806
str += QString::fromLatin1("USER");
1808
str += QString::fromLatin1("ROLE");
1809
str += QString::fromLatin1(" \"");
1810
str += UserID.right(UserID.length() - 5);
1811
str += QString::fromLatin1("\"");
1814
connection().execute(str);
1820
switch (TOMessageBox::warning(this,
1821
tr("Are you sure?"),
1822
tr("The user still owns objects, add the cascade option?"),
1823
tr("Yes"), tr("No")))
1826
str += QString::fromLatin1(" CASCADE");
1829
connection().execute(str);
1842
void toSecurity::addUser(void)
1844
for (QListViewItem *item = UserList->firstChild();item;item = item->nextSibling())
1845
if (item->text(1) == QString::fromLatin1("USER:"))
1847
UserList->clearSelection();
1848
UserList->setCurrentItem(item);
1849
Tabs->showPage(General);
1850
General->setFocus();
1855
void toSecurity::addRole(void)
1857
for (QListViewItem *item = UserList->firstChild();item;item = item->nextSibling())
1858
if (item->text(1) == QString::fromLatin1("ROLE:"))
1860
UserList->clearSelection();
1861
UserList->setCurrentItem(item);
1862
Tabs->showPage(General);
1863
General->setFocus();
1868
void toSecurity::copy(void)
1871
SystemGrant->eraseUser(false);
1872
RoleGrant->eraseUser(General->user(), false);
1873
ObjectGrant->eraseUser(false);
1875
if (General->user())
1876
UserID = QString::fromLatin1("USER:");
1878
UserID = QString::fromLatin1("ROLE:");
1879
for (QListViewItem *item = UserList->firstChild();item;item = item->nextSibling())
1880
if (item->text(1) == UserID)
1882
disconnect(UserList, SIGNAL(selectionChanged(QListViewItem *)),
1883
this, SLOT(changeUser(QListViewItem *)));
1884
UserList->clearSelection();
1885
UserList->setCurrentItem(item);
1886
connect(UserList, SIGNAL(selectionChanged(QListViewItem *)),
1887
this, SLOT(changeUser(QListViewItem *)));