Hi,
PFA patch for schema macros for security and privilege.
Now I have moved macros related to schema and its child object under
schemas/templates/macros/schemas folder
--
*Harshal Dhumal*
*Software Engineer *
EenterpriseDB <http://www.enterprisedb.com>
On Wed, Feb 10, 2016 at 5:41 PM, Harshal Dhumal <
harshal.dhu...@enterprisedb.com> wrote:
> Hi,
>
> Here is updated patch for macros. I have added required validation in
> macros.
>
>
> --
> *Harshal Dhumal*
> *Software Engineer *
>
>
>
> EenterpriseDB <http://www.enterprisedb.com>
>
> On Wed, Feb 10, 2016 at 1:06 PM, Ashesh Vashi <
> ashesh.va...@enterprisedb.com> wrote:
>
>> On Tue, Feb 9, 2016 at 3:48 PM, Harshal Dhumal <
>> harshal.dhu...@enterprisedb.com> wrote:
>>
>>> Hi,
>>>
>>> PFA of macros (privilege, security) for sequence node.
>>>
>>> Also fixed minor issue in security macro (removed unwanted qtIdent for
>>> provider)
>>>
>> This is not allowed.
>> We can't pass on the data coming from the client blindly to the server.
>> It is an area, which can introduce the SQL injection in our code.
>>
>> Hence - I can't allowed that.
>>
>> --
>>
>> Thanks & Regards,
>>
>> Ashesh Vashi
>> EnterpriseDB INDIA: Enterprise PostgreSQL Company
>> <http://www.enterprisedb.com/>
>>
>>
>> *http://www.linkedin.com/in/asheshvashi*
>> <http://www.linkedin.com/in/asheshvashi>
>>
>>>
>>>
>>>
>>> --
>>> *Harshal Dhumal*
>>> *Software Engineer *
>>>
>>>
>>>
>>> EenterpriseDB <http://www.enterprisedb.com>
>>>
>>>
>>> --
>>> Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
>>> To make changes to your subscription:
>>> http://www.postgresql.org/mailpref/pgadmin-hackers
>>>
>>>
>>
>
diff --git a/web/pgadmin/browser/server_groups/servers/databases/schemas/templates/macros/schemas/privilege.macros b/web/pgadmin/browser/server_groups/servers/databases/schemas/templates/macros/schemas/privilege.macros
new file mode 100644
index 0000000..cec2e53
--- /dev/null
+++ b/web/pgadmin/browser/server_groups/servers/databases/schemas/templates/macros/schemas/privilege.macros
@@ -0,0 +1,14 @@
+{##########################################}
+{# Macros for schema and its child nodes #}
+{##########################################}
+{% macro SET(conn, type, role, param, priv, with_grant, schema) -%}
+{% if priv %}
+GRANT {{ priv }} ON {{ type }} {{ conn|qtIdent(schema, param) }} TO {{ conn|qtIdent(role) }};
+{% endif %}
+{% if with_grant %}
+GRANT {{ with_grant }} ON {{ type }} {{ conn|qtIdent(schema, param) }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION;
+{% endif %}
+{%- endmacro %}
+{% macro UNSETALL(conn, type, role, param, schema) -%}
+REVOKE ALL ON {{ type }} {{ conn|qtIdent(schema, param) }} FROM {{ conn|qtIdent(role) }};
+{%- endmacro %}
\ No newline at end of file
diff --git a/web/pgadmin/browser/server_groups/servers/databases/schemas/templates/macros/schemas/security.macros b/web/pgadmin/browser/server_groups/servers/databases/schemas/templates/macros/schemas/security.macros
new file mode 100644
index 0000000..e1126b1
--- /dev/null
+++ b/web/pgadmin/browser/server_groups/servers/databases/schemas/templates/macros/schemas/security.macros
@@ -0,0 +1,9 @@
+{##########################################}
+{# Macros for schema and its child nodes #}
+{##########################################}
+{% macro SET(conn, type, name, provider, label, schema) -%}
+SECURITY LABEL FOR {{ provider }} ON {{ type }} {{ conn|qtIdent(schema, name) }} IS {{ label|qtLiteral }};
+{%- endmacro %}
+{% macro UNSET(conn, type, name, provider, schema) -%}
+SECURITY LABEL FOR {{ provider }} ON {{ type }} {{ conn|qtIdent(schema, name) }} IS NULL;
+{%- endmacro %}
\ No newline at end of file
--
Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers
