diff --git a/CenRa_FLUX/flux_editor.py b/CenRa_FLUX/flux_editor.py index 4cbcbd2..0f92a4e 100644 --- a/CenRa_FLUX/flux_editor.py +++ b/CenRa_FLUX/flux_editor.py @@ -327,13 +327,36 @@ class Flux_Editor(QDialog, EDITOR_CLASS): list_projects_qgis.append(cur.fetchall()) # Récupération des droits d'accès de l'utilisateur sur les tables + SQLGrands = """ + WITH t as (SELECT + n.nspname AS table_schema, + c.relname AS table_name, + r.rolname AS grantee, + CASE + WHEN acl_text LIKE '%r%' THEN 'SELECT' + WHEN acl_text LIKE '%w%' THEN 'UPDATE' + WHEN acl_text LIKE '%a%' THEN 'INSERT' + WHEN acl_text LIKE '%d%' THEN 'DELETE' + WHEN acl_text LIKE '%x%' THEN 'REFERENCES' + ELSE 'OTHER' + END AS privilege_type + FROM pg_class c + JOIN pg_namespace n ON n.oid = c.relnamespace + LEFT JOIN LATERAL unnest(c.relacl) AS acl_item(acl) ON TRUE + LEFT JOIN LATERAL ( + SELECT acl::text AS acl_text, + split_part(acl::text, '=', 1) AS grantee_name + ) priv ON TRUE + LEFT JOIN pg_roles r ON r.rolname = priv.grantee_name + WHERE c.relkind IN ('r', 'v','m')) + """ if self.comboBox.currentText() == 'toutes les catégories': - SQLGrands = """SELECT concat(table_schema,'.',table_name) FROM information_schema.role_table_grants WHERE grantee in(SELECT rolname FROM pg_catalog.pg_roles WHERE oid in(SELECT roleid FROM pg_auth_members WHERE member = (SELECT usesysid FROM pg_catalog.pg_user WHERE usename = '""" + user + """'))) and privilege_type = 'SELECT';""" + SQLGrands = SQLGrands + """SELECT concat(table_schema,'.',table_name) FROM t WHERE grantee in(SELECT rolname FROM pg_catalog.pg_roles WHERE oid in(SELECT roleid FROM pg_auth_members WHERE member = (SELECT usesysid FROM pg_catalog.pg_user WHERE usename = '""" + user + """'))) and privilege_type = 'SELECT';""" else: if dbtype == sigdb: - SQLGrands = """SELECT concat(table_schema,'.',table_name) FROM information_schema.role_table_grants WHERE grantee in(SELECT rolname FROM pg_catalog.pg_roles WHERE oid in(SELECT roleid FROM pg_auth_members WHERE member = (SELECT usesysid FROM pg_catalog.pg_user WHERE usename = '""" + user + """'))) and privilege_type = 'SELECT' AND table_schema LIKE '_""" + str(self.comboBox.currentText()) + """_%';""" + SQLGrands = SQLGrands + """SELECT concat(table_schema,'.',table_name) FROM t WHERE grantee in(SELECT rolname FROM pg_catalog.pg_roles WHERE oid in(SELECT roleid FROM pg_auth_members WHERE member = (SELECT usesysid FROM pg_catalog.pg_user WHERE usename = '""" + user + """'))) and privilege_type = 'SELECT' AND table_schema LIKE '_""" + str(self.comboBox.currentText()) + """_%';""" elif dbtype == refdb: - SQLGrands = """SELECT concat(table_schema,'.',table_name) FROM information_schema.role_table_grants WHERE grantee in(SELECT rolname FROM pg_catalog.pg_roles WHERE oid in(SELECT roleid FROM pg_auth_members WHERE member = (SELECT usesysid FROM pg_catalog.pg_user WHERE usename = '""" + user + """'))) and privilege_type = 'SELECT' AND table_schema LIKE '""" + str(self.comboBox.currentText()) + """%';""" + SQLGrands = SQLGrands + """SELECT concat(table_schema,'.',table_name) FROM t WHERE grantee in(SELECT rolname FROM pg_catalog.pg_roles WHERE oid in(SELECT roleid FROM pg_auth_members WHERE member = (SELECT usesysid FROM pg_catalog.pg_user WHERE usename = '""" + user + """'))) and privilege_type = 'SELECT' AND table_schema LIKE '""" + str(self.comboBox.currentText()) + """%';""" cur.execute(SQLGrands) list_grands = cur.fetchall() GrandUser = []