Added Database link access for SQL Macro
This commit is contained in:
Yung Han Khoe
parent
b020387643
commit
f3b14a227c
7 changed files with 116 additions and 30 deletions
|
|
@ -294,12 +294,26 @@ A reference to the current session.
|
|||
sub getList {
|
||||
my $class = shift;
|
||||
my $session = shift;
|
||||
my $list = $session->db->buildHashRef("select databaseLinkId, title from databaseLink order by title");
|
||||
my $list = $session->db->buildHashRef("select databaseLinkId, title from databaseLink where databaseLinkId !=
|
||||
'0' order by title");
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
$list->{'0'} = $i18n->get(1076);
|
||||
return $list;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 macroAccessIsAllowed ( )
|
||||
|
||||
Returns a boolean indicating if macros are allowed to access this database link.
|
||||
|
||||
=cut
|
||||
|
||||
sub macroAccessIsAllowed {
|
||||
my $self = shift;
|
||||
return $self->{_databaseLink}{allowMacroAccess};
|
||||
}
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
|
|
@ -333,7 +347,7 @@ sub new {
|
|||
identifier=>$session->config->get("dbpass"),
|
||||
title=>"WebGUI Database",
|
||||
allowedKeywords=>"select\ndescribe\ndesc\nshow\ncall",
|
||||
allowMacroAccess=>0,
|
||||
allowMacroAccess=>$session->db->quickScalar("select allowMacroAccess from databaseLink where databaseLinkId='0'"),
|
||||
additionalParameters=>'',
|
||||
);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -34,17 +34,32 @@ Describes how to format the results of the SQL statement. For each
|
|||
term in in a select-type statement, a numeric macro (^0, ^1, etc.)can
|
||||
be used to position its output in the format.
|
||||
|
||||
=head3 databaseLinkId
|
||||
|
||||
The id of the databaseLink to use. Default is the WebGUI database which has id '0'.
|
||||
The databaseLink must allow macro access, otherwise an error will be returned.
|
||||
|
||||
=cut
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub process {
|
||||
my $session = shift;
|
||||
my ($output, @data, $rownum, $temp);
|
||||
my ($statement, $format) = @_;
|
||||
my $i18n = WebGUI::International->new($session,'Macro_SQL');
|
||||
my ($output, @data, $rownum, $temp, $dbh);
|
||||
my ($statement, $format, $databaseLinkId) = @_;
|
||||
my $i18n = WebGUI::International->new($session,'Macro_SQL');
|
||||
|
||||
$databaseLinkId ||= '0';
|
||||
my $dbLink = WebGUI::DatabaseLink->new($session, $databaseLinkId);
|
||||
if($dbLink->macroAccessIsAllowed()){
|
||||
$dbh = $dbLink->db;
|
||||
}
|
||||
else{
|
||||
return $i18n->get('database access not allowed');
|
||||
}
|
||||
|
||||
$format = '^0;' if ($format eq "");
|
||||
if ($statement =~ /^\s*select/i || $statement =~ /^\s*show/i || $statement =~ /^\s*describe/i) {
|
||||
my $sth = $session->dbSlave->unconditionalRead($statement);
|
||||
my $sth = $dbh->unconditionalRead($statement);
|
||||
unless ($sth->errorCode < 1) {
|
||||
return sprintf $i18n->get('sql error'), $sth->errorMessage;
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -56,8 +56,10 @@ sub _submenu {
|
|||
my $dlid = $session->form->process("dlid");
|
||||
if (($session->form->process("op") eq "editDatabaseLink" && $dlid ne "new") || $session->form->process("op") eq "deleteDatabaseLink") {
|
||||
$ac->addSubmenuItem($session->url->page('op=editDatabaseLink;dlid='.$dlid), $i18n->get(983));
|
||||
$ac->addSubmenuItem($session->url->page('op=copyDatabaseLink;dlid='.$dlid), $i18n->get(984));
|
||||
$ac->addConfirmedSubmenuItem($session->url->page("op=deleteDatabaseLinkConfirm;dlid=".$dlid), $i18n->get(985), $i18n->get(988));
|
||||
unless ($dlid eq "0"){
|
||||
$ac->addSubmenuItem($session->url->page('op=copyDatabaseLink;dlid='.$dlid), $i18n->get(984));
|
||||
$ac->addConfirmedSubmenuItem($session->url->page("op=deleteDatabaseLinkConfirm;dlid=".$dlid), $i18n->get(985), $i18n->get(988));
|
||||
}
|
||||
$ac->addSubmenuItem($session->url->page('op=listDatabaseLinks'), $i18n->get(986));
|
||||
}
|
||||
return $ac->render($workarea, $title);
|
||||
|
|
@ -158,10 +160,9 @@ sub www_editDatabaseLink {
|
|||
if ($session->form->process("dlid") eq "new") {
|
||||
# Default values are SELECT, DESCRIBE and SHOW
|
||||
$db{allowedKeywords} = "select\ndescribe\nshow";
|
||||
} elsif ($session->form->process("dlid") eq "0") {
|
||||
|
||||
} else {
|
||||
%db = %{WebGUI::DatabaseLink->new($session,$session->form->process("dlid"))->get};
|
||||
}
|
||||
else {
|
||||
%db = %{WebGUI::DatabaseLink->new($session,$session->form->process("dlid"))->get};
|
||||
}
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
$f = WebGUI::HTMLForm->new($session,
|
||||
|
|
@ -181,12 +182,22 @@ sub www_editDatabaseLink {
|
|||
-label => $i18n->get(991),
|
||||
-hoverHelp => $i18n->get('991 description'),
|
||||
);
|
||||
$f->text(
|
||||
-name => "title",
|
||||
if ($session->form->process("dlid") eq "0"){
|
||||
$f->readOnly(
|
||||
-label => $i18n->get(992),
|
||||
-hoverHelp => $i18n->get('992 description'),
|
||||
-value => $db{title},
|
||||
);
|
||||
}
|
||||
else{
|
||||
$f->text(
|
||||
-name => "title",
|
||||
-label => $i18n->get(992),
|
||||
-hoverHelp => $i18n->get('992 description'),
|
||||
-value => $db{title},
|
||||
);
|
||||
}
|
||||
unless ($session->form->process("dlid") eq "0"){
|
||||
$f->text(
|
||||
-name => "DSN",
|
||||
-label => $i18n->get(993),
|
||||
|
|
@ -205,12 +216,13 @@ sub www_editDatabaseLink {
|
|||
-hoverHelp => $i18n->get('995 description'),
|
||||
-value => $db{identifier},
|
||||
);
|
||||
$f->textarea(
|
||||
$f->textarea(
|
||||
-name => "allowedKeywords",
|
||||
-label => $i18n->get('allowed keywords'),
|
||||
-hoverHelp => $i18n->get('allowed keywords description'),
|
||||
-value => $db{allowedKeywords},
|
||||
);
|
||||
);
|
||||
}
|
||||
$f->yesNo(
|
||||
-name => "allowMacroAccess",
|
||||
-label => $i18n->get('allow access from macros'),
|
||||
|
|
@ -218,13 +230,15 @@ sub www_editDatabaseLink {
|
|||
-defaultValue=>0,
|
||||
-value => $db{allowMacroAccess},
|
||||
);
|
||||
$f->textarea(
|
||||
unless ($session->form->process("dlid") eq "0"){
|
||||
$f->textarea(
|
||||
-name => "additionalParameters",
|
||||
-label => $i18n->get('additional parameters'),
|
||||
-hoverHelp => $i18n->get('additional parameters help'),
|
||||
-defaultValue=>'',
|
||||
-value => $db{additionalParameters},
|
||||
);
|
||||
);
|
||||
}
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
return _submenu($session,$output,"990");
|
||||
|
|
@ -244,25 +258,33 @@ Returns the user the Link Database Links screen.
|
|||
sub www_editDatabaseLinkSave {
|
||||
my ($allowedKeywords);
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient unless canView($session);
|
||||
my $params;
|
||||
return $session->privilege->insufficient unless canView($session);
|
||||
|
||||
# Convert enters to a single \n.
|
||||
($allowedKeywords = $session->form->process("allowedKeywords")) =~ s/\s+/\n/g;
|
||||
my $params = {
|
||||
title=>$session->form->process("title"),
|
||||
username=>$session->form->process("dbusername"),
|
||||
identifier=>$session->form->process("dbidentifier"),
|
||||
DSN=>$session->form->process("DSN"),
|
||||
allowedKeywords=>$allowedKeywords,
|
||||
allowMacroAccess=>$session->form->process("allowMacroAccess"),
|
||||
additionalParameters=>$session->form->process("additionalParameters"),
|
||||
};
|
||||
if ($session->form->process("dlid") eq "0"){
|
||||
$params = {
|
||||
allowMacroAccess=>$session->form->process("allowMacroAccess"),
|
||||
};
|
||||
}
|
||||
else{
|
||||
($allowedKeywords = $session->form->process("allowedKeywords")) =~ s/\s+/\n/g;
|
||||
$params = {
|
||||
title=>$session->form->process("title"),
|
||||
username=>$session->form->process("dbusername"),
|
||||
identifier=>$session->form->process("dbidentifier"),
|
||||
DSN=>$session->form->process("DSN"),
|
||||
allowedKeywords=>$allowedKeywords,
|
||||
allowMacroAccess=>$session->form->process("allowMacroAccess"),
|
||||
additionalParameters=>$session->form->process("additionalParameters"),
|
||||
};
|
||||
}
|
||||
if ($session->form->process("dlid") eq "new") {
|
||||
WebGUI::DatabaseLink->create($session,$params);
|
||||
} else {
|
||||
WebGUI::DatabaseLink->new($session,$session->form->process("dlid"))->set($params);
|
||||
}
|
||||
return www_listDatabaseLinks($session);
|
||||
return www_listDatabaseLinks($session);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -288,6 +310,9 @@ sub www_listDatabaseLinks {
|
|||
.$session->icon->edit('op=editDatabaseLink;dlid='.$id)
|
||||
.$session->icon->copy('op=copyDatabaseLink;dlid='.$id);
|
||||
}
|
||||
elsif ($id eq '0') {
|
||||
$output .= $session->icon->edit('op=editDatabaseLink;dlid='.$id);
|
||||
}
|
||||
$output .= '</td>';
|
||||
$output .= '<td valign="top" class="tableData">'.$links->{$id}.'</td></tr>';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,6 +18,11 @@ our $I18N = {
|
|||
lastUpdated => 1135105919,
|
||||
},
|
||||
|
||||
'database access not allowed' => {
|
||||
message => q|The database does not allow access from Macro's.|,
|
||||
lastUpdated => 1135105919,
|
||||
},
|
||||
|
||||
};
|
||||
|
||||
1;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue