Various User Access Rights

Help
janosh
2013-04-26
2013-06-06
  • janosh
    janosh
    2013-04-26

    Hi,
    I'm hosting my MySQL database externally and I don't have superuser rights on my databases there. Is it possible to use Adminer Editor so that I can set up several users who access the Adminer Editor interface with different access rights, such as different per-table permissions (read/update/delete)?
    Thanks in advance and regards,
    janosh

     
  • Jakub Vrána
    Jakub Vrána
    2013-04-26

    Adminer customization supports hiding tables. Restricting access isn't supported, but you can hack around it with something like this:

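    // Request-level gate for an Adminer customization file.
    // "restricted_read" and "restricted_write" are placeholder table names:
    // the first may not be opened at all, the second may be viewed but not changed.
    //
    // NOTE(review): as posted, the snippet compared the whole $_GET array with a
    // string and had an unbalanced parenthesis, so it could never match and did
    // not parse. The array keys were presumably stripped by the forum markup;
    // 'select' and 'edit' are the parameters used by the code later in this
    // thread - confirm against the Adminer version in use.
    //
    // This is a front-end check only. It does not replace database privileges:
    // any request that reaches a table through a parameter not tested here is
    // unaffected, so use GRANT-level restrictions wherever the host allows them.
    $selected = isset($_GET["select"]) ? $_GET["select"] : null;
    $edited = isset($_GET["edit"]) ? $_GET["edit"] : null;

    // The edit form displays row data too, so it counts as a read.
    if ($selected === "restricted_read" || $edited === "restricted_read") {
      exit("Restricted.");
    }
    // Block the edit form, and block submitted changes made from the select view.
    if ($edited === "restricted_write" || ($selected === "restricted_write" && $_POST)) {
      exit("Restricted.");
    }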

    You can put this code at the beginning of the customization file.

     
  • janosh
    janosh
    2013-04-30

    very good, thanks for your answer.
    I have used this method to add a second auth layer on top of the DB. Please find the code here:

    <?php
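    // Front-end users for Adminer Editor. Each entry maps an application login
    // (user/pass) onto a database account (db_user/db_pass) and lists tables:
    //   mode 'incl' - only the listed tables may be opened
    //   mode 'excl' - every table except the listed ones may be opened
    // Table names must be written in lower case; requested names are lower-cased
    // before they are compared.
    //
    // NOTE(review): the values below are samples kept in plain text because
    // credentials() compares 'pass' directly with the session value. Keep this
    // file out of version control and readable only by the web server user.
    // Both sample users share one database account, so the database itself
    // cannot tell them apart - this PHP check is the only barrier between them.
    $global_userperms = array(
      array('user'=>'myuser1','pass'=>'abcd','db_user'=>'net1234','db_pass'=>'abcdef','mode'=>'incl','tables'=>array('customers','budget','countries','products')),
      array('user'=>'myuser2','pass'=>'efgh','db_user'=>'net1234','db_pass'=>'abcdef','mode'=>'excl','tables'=>array('sales','budget'))
    );

    // Request parameters that carry a table name. Add any other parameter that
    // names a table in the Adminer Editor version you run; a parameter missing
    // from this list is not checked at all.
    $table_params = array('select', 'edit');

    // Decide whether one permission entry allows a (lower-cased) table name.
    // An unrecognised mode is denied so that a typo in the configuration fails closed.
    function editor_acl_allows($up, $tbl) {
      // Strict comparison: loose in_array() treats numeric-looking strings as equal.
      $listed = in_array($tbl, $up['tables'], true);
      if ($up['mode'] === 'incl') return $listed;
      if ($up['mode'] === 'excl') return !$listed;
      return false;
    }

    // Collect every table named in the request, not only the first parameter present.
    $requested = array();
    foreach ($table_params as $param) {
      if (isset($_GET[$param])) $requested[] = $_GET[$param];
    }

    if (isset($_GET['username']) and count($requested) > 0) {
      $allowed = false;
      // Non-string values (e.g. array parameters) are rejected instead of being
      // handed to strtolower().
      if (is_string($_GET['username'])) {
        $login = strtolower($_GET['username']);
        foreach ($global_userperms as $up) {
          if (strtolower($up['user']) === $login) {
            $allowed = true;
            foreach ($requested as $name) {
              if (!is_string($name) or !editor_acl_allows($up, strtolower($name))) {
                $allowed = false;
                break;
              }
            }
            break;
          }
        }
      }
      // A login that is not configured above is refused as well (fail closed).
      if (!$allowed) exit('Table access not permitted for current user.');
    }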
       
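    /**
     * Adminer customization hook: returns the object whose methods override
     * the default behaviour. It relies on the global $global_userperms array
     * defined earlier in this file.
     */
    function adminer_object() {
        
        class AdminerSoftware extends Adminer {
            
            /**
             * Name shown for a table in the table list; an empty string hides it.
             *
             * Hiding is presentation only. It does not stop a request that names
             * the table directly, so it must be paired with a request-level check
             * or, better, with database privileges.
             *
             * @param array $tableStatus table status row; only 'Name' is read
             * @return string HTML-escaped table name, or '' to hide the table
             */
            function tableName($tableStatus) {
              global $global_userperms;
              $hide = false;
              if (isset($_GET['username'])) {
                if (!is_string($_GET['username'])) {
                  // Malformed parameter: show nothing rather than guess.
                  $hide = true;
                } else {
                  $login = strtolower($_GET['username']);
                  // Lower-cased so the list agrees with the request gate, which
                  // lower-cases the requested table name before comparing.
                  $tbl = strtolower($tableStatus['Name']);
                  foreach ($global_userperms as $up) {
                    if (strtolower($up['user']) === $login) {
                      $listed = in_array($tbl, $up['tables'], true);
                      if ($up['mode'] === 'incl') $hide = !$listed;
                      elseif ($up['mode'] === 'excl') $hide = $listed;
                      else $hide = true; // unrecognised mode: fail closed
                      break;
                    }
                  }
                }
              }
              return ($hide?'':h($tableStatus["Name"]));
            }

            /**
             * Translate the front-end login into database credentials.
             *
             * The password typed at the login form (read via get_session('pwds'))
             * is checked against the configured 'pass'; the real database
             * credentials are returned only on a match. Any other outcome returns
             * empty credentials, including an empty user name, so a failed
             * front-end login never tries the real database account.
             *
             * @return array server, database user, database password
             */
            function credentials() {
              global $global_userperms;
              $login = (isset($_GET['username']) and is_string($_GET['username'])) ? strtolower($_GET['username']) : null;
              $supplied = get_session('pwds');
              if ($login !== null and is_string($supplied)) {
                foreach ($global_userperms as $up) {
                  if (strtolower($up['user']) === $login) {
                    // hash_equals() (PHP 5.6+) compares in constant time and
                    // avoids the type juggling of ==, under which
                    // numeric-looking strings can compare equal.
                    if (hash_equals((string) $up['pass'], $supplied)) {
                      return array(SERVER, $up['db_user'], $up['db_pass']);
                    }
                    break;
                  }
                }
              }
              return array(SERVER, '', '');
            }
        }
        return new AdminerSoftware;
    }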
    include "./editor.php";