phpmyadmin
diff --git a/‎libraries/classes/Controllers/Database/PrivilegesController.php‎
Lines changed: 58 additions & 8 deletions b/‎libraries/classes/Controllers/Database/PrivilegesController.php‎
Lines changed: 58 additions & 8 deletions
diff --git a/‎libraries/classes/Controllers/Server/PrivilegesController.php‎
Lines changed: 3 additions & 54 deletions b/‎libraries/classes/Controllers/Server/PrivilegesController.php‎
Lines changed: 3 additions & 54 deletions
diff --git a/‎libraries/classes/Controllers/Table/PrivilegesController.php‎
Lines changed: 41 additions & 10 deletions b/‎libraries/classes/Controllers/Table/PrivilegesController.php‎
Lines changed: 41 additions & 10 deletions
diff --git a/‎libraries/classes/Footer.php‎
Lines changed: 0 additions & 23 deletions b/‎libraries/classes/Footer.php‎
Lines changed: 0 additions & 23 deletions
diff --git a/‎libraries/classes/Menu.php‎
Lines changed: 4 additions & 10 deletions b/‎libraries/classes/Menu.php‎
Lines changed: 4 additions & 10 deletions
diff --git a/‎libraries/classes/Server/Privileges.php‎
Lines changed: 3 additions & 8 deletions b/‎libraries/classes/Server/Privileges.php‎
Lines changed: 3 additions & 8 deletions
@@ -7,14 +7,19 @@
 
 namespace PhpMyAdmin\Controllers\Database;
 
+use PhpMyAdmin\CheckUserPrivileges;
 use PhpMyAdmin\Controllers\AbstractController;
 use PhpMyAdmin\DatabaseInterface;
+use PhpMyAdmin\Message;
 use PhpMyAdmin\ResponseRenderer;
 use PhpMyAdmin\Server\Privileges;
 use PhpMyAdmin\Template;
 use PhpMyAdmin\Util;
 
+use function __;
 use function mb_strtolower;
+use function ob_get_clean;
+use function ob_start;
 
 /**
  * Controller for database privileges
@@ -38,26 +43,70 @@ public function __construct(
         $this->dbi = $dbi;
     }
 
-    /**
-     * @param string[] $params Request parameters
-     * @psalm-param array{checkprivsdb: string} $params
-     */
-    public function __invoke(array $params): string
+    public function __invoke(): void
     {
         $GLOBALS['text_dir'] = $GLOBALS['text_dir'] ?? null;
+
+        $checkUserPrivileges = new CheckUserPrivileges($this->dbi);
+        $checkUserPrivileges->getPrivileges();
+
+        $this->addScriptFiles(['server/privileges.js', 'vendor/zxcvbn-ts.js']);
+
+        /**
+         * Checks if the user is allowed to do what they try to...
+         */
+        $isGrantUser = $this->dbi->isGrantUser();
+        $isCreateUser = $this->dbi->isCreateUser();
+
+        if (! $this->dbi->isSuperUser() && ! $isGrantUser && ! $isCreateUser) {
+            $this->render('server/sub_page_header', [
+                'type' => 'privileges',
+                'is_image' => false,
+            ]);
+            $this->response->addHTML(
+                Message::error(__('No Privileges'))
+                    ->getDisplay()
+            );
+
+            return;
+        }
+
+        if (! $isGrantUser && ! $isCreateUser) {
+            $this->response->addHTML(Message::notice(
+                __('You do not have the privileges to administrate the users!')
+            )->getDisplay());
+        }
+
+        // Gets the database structure
+        $GLOBALS['sub_part'] = '_structure';
+        ob_start();
+
+        [
+            $GLOBALS['tables'],
+            $GLOBALS['num_tables'],
+            $GLOBALS['total_num_tables'],
+            $GLOBALS['sub_part'],,,
+            $GLOBALS['tooltip_truename'],
+            $GLOBALS['tooltip_aliasname'],
+            $GLOBALS['pos'],
+        ] = Util::getDbInfo($GLOBALS['db'], $GLOBALS['sub_part']);
+
+        $content = ob_get_clean();
+        $this->response->addHTML($content . "\n");
+
         $scriptName = Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabDatabase'], 'database');
 
-        $db = $params['checkprivsdb'];
+        $db = $GLOBALS['db'];
         if ($this->dbi->getLowerCaseNames() === '1') {
-            $db = mb_strtolower($params['checkprivsdb']);
+            $db = mb_strtolower($GLOBALS['db']);
         }
 
         $privileges = [];
         if ($this->dbi->isSuperUser()) {
             $privileges = $this->privileges->getAllPrivileges($db);
         }
 
-        return $this->template->render('database/privileges/index', [
+        $this->render('database/privileges/index', [
             'is_superuser' => $this->dbi->isSuperUser(),
             'db' => $db,
             'database_url' => $scriptName,
@@ -66,5 +115,6 @@ public function __invoke(array $params): string
             'is_grantuser' => $this->dbi->isGrantUser(),
             'privileges' => $privileges,
         ]);
+        $this->render('export_modal');
     }
 }
@@ -8,8 +8,6 @@
 use PhpMyAdmin\ConfigStorage\Relation;
 use PhpMyAdmin\ConfigStorage\RelationCleanup;
 use PhpMyAdmin\Controllers\AbstractController;
-use PhpMyAdmin\Controllers\Database\PrivilegesController as DatabaseController;
-use PhpMyAdmin\Controllers\Table\PrivilegesController as TableController;
 use PhpMyAdmin\Core;
 use PhpMyAdmin\DatabaseInterface;
 use PhpMyAdmin\Html\Generator;
@@ -26,8 +24,6 @@
 use function implode;
 use function is_array;
 use function is_string;
-use function ob_get_clean;
-use function ob_start;
 use function str_replace;
 use function urlencode;
 
@@ -102,15 +98,7 @@ public function __invoke(): void
             new Plugins($this->dbi)
         );
 
-        $databaseController = new DatabaseController($this->response, $this->template, $serverPrivileges, $this->dbi);
-
-        $tableController = new TableController($this->response, $this->template, $serverPrivileges, $this->dbi);
-
-        if (
-            (isset($_GET['viewing_mode'])
-                && $_GET['viewing_mode'] === 'server')
-            && $relationParameters->configurableMenusFeature !== null
-        ) {
+        if ($relationParameters->configurableMenusFeature !== null) {
             $this->response->addHTML('<div class="container-fluid">');
             $this->render('server/privileges/subnav', [
                 'active' => 'privileges',
@@ -371,26 +359,7 @@ public function __invoke(): void
         /**
          * Displays the links
          */
-        if (isset($_GET['viewing_mode']) && $_GET['viewing_mode'] === 'db') {
-            $GLOBALS['db'] = $_REQUEST['db'] = $_GET['checkprivsdb'];
-
-            // Gets the database structure
-            $GLOBALS['sub_part'] = '_structure';
-            ob_start();
-
-            [
-                $GLOBALS['tables'],
-                $GLOBALS['num_tables'],
-                $GLOBALS['total_num_tables'],
-                $GLOBALS['sub_part'],,,
-                $GLOBALS['tooltip_truename'],
-                $GLOBALS['tooltip_aliasname'],
-                $GLOBALS['pos'],
-            ] = Util::getDbInfo($GLOBALS['db'], $GLOBALS['sub_part']);
-
-            $content = ob_get_clean();
-            $this->response->addHTML($content . "\n");
-        } elseif (! empty($GLOBALS['message'])) {
+        if (! empty($GLOBALS['message'])) {
             $this->response->addHTML(Generator::getMessage($GLOBALS['message']));
             unset($GLOBALS['message']);
         }
@@ -420,22 +389,6 @@ public function __invoke(): void
             $this->response->addHTML($serverPrivileges->getHtmlForAddUser(
                 Util::escapeMysqlWildcards(is_string($GLOBALS['dbname']) ? $GLOBALS['dbname'] : '')
             ));
-        } elseif (isset($_GET['checkprivsdb']) && is_string($_GET['checkprivsdb'])) {
-            if (isset($_GET['checkprivstable']) && is_string($_GET['checkprivstable'])) {
-                $this->response->addHTML($tableController([
-                    'checkprivsdb' => $_GET['checkprivsdb'],
-                    'checkprivstable' => $_GET['checkprivstable'],
-                ]));
-                $this->render('export_modal');
-            } elseif ($this->response->isAjax() === true && empty($_REQUEST['ajax_page_request'])) {
-                $GLOBALS['message'] = Message::success(__('User has been added.'));
-                $this->response->addJSON('message', $GLOBALS['message']);
-
-                return;
-            } else {
-                $this->response->addHTML($databaseController(['checkprivsdb' => $_GET['checkprivsdb']]));
-                $this->render('export_modal');
-            }
         } else {
             if (isset($GLOBALS['dbname']) && ! is_array($GLOBALS['dbname'])) {
                 $GLOBALS['url_dbname'] = urlencode(
@@ -488,11 +441,7 @@ public function __invoke(): void
             }
         }
 
-        if (
-            ! isset($_GET['viewing_mode'])
-            || $_GET['viewing_mode'] !== 'server'
-            || $relationParameters->configurableMenusFeature === null
-        ) {
+        if ($relationParameters->configurableMenusFeature === null) {
             return;
         }
 
 
@@ -7,13 +7,16 @@
 
 namespace PhpMyAdmin\Controllers\Table;
 
+use PhpMyAdmin\CheckUserPrivileges;
 use PhpMyAdmin\Controllers\AbstractController;
 use PhpMyAdmin\DatabaseInterface;
+use PhpMyAdmin\Message;
 use PhpMyAdmin\ResponseRenderer;
 use PhpMyAdmin\Server\Privileges;
 use PhpMyAdmin\Template;
 use PhpMyAdmin\Util;
 
+use function __;
 use function mb_strtolower;
 
 /**
@@ -38,28 +41,55 @@ public function __construct(
         $this->dbi = $dbi;
     }
 
-    /**
-     * @param string[] $params Request parameters
-     * @psalm-param array{checkprivsdb: string, checkprivstable: string} $params
-     */
-    public function __invoke(array $params): string
+    public function __invoke(): void
     {
         $GLOBALS['text_dir'] = $GLOBALS['text_dir'] ?? null;
+
+        $checkUserPrivileges = new CheckUserPrivileges($this->dbi);
+        $checkUserPrivileges->getPrivileges();
+
+        $this->addScriptFiles(['server/privileges.js', 'vendor/zxcvbn-ts.js']);
+
+        /**
+         * Checks if the user is allowed to do what they try to...
+         */
+        $isGrantUser = $this->dbi->isGrantUser();
+        $isCreateUser = $this->dbi->isCreateUser();
+
+        if (! $this->dbi->isSuperUser() && ! $isGrantUser && ! $isCreateUser) {
+            $this->render('server/sub_page_header', [
+                'type' => 'privileges',
+                'is_image' => false,
+            ]);
+            $this->response->addHTML(
+                Message::error(__('No Privileges'))
+                    ->getDisplay()
+            );
+
+            return;
+        }
+
+        if (! $isGrantUser && ! $isCreateUser) {
+            $this->response->addHTML(Message::notice(
+                __('You do not have the privileges to administrate the users!')
+            )->getDisplay());
+        }
+
         $scriptName = Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabTable'], 'table');
 
-        $db = $params['checkprivsdb'];
-        $table = $params['checkprivstable'];
+        $db = $GLOBALS['db'];
+        $table = $GLOBALS['table'];
         if ($this->dbi->getLowerCaseNames() === '1') {
-            $db = mb_strtolower($params['checkprivsdb']);
-            $table = mb_strtolower($params['checkprivstable']);
+            $db = mb_strtolower($GLOBALS['db']);
+            $table = mb_strtolower($GLOBALS['table']);
         }
 
         $privileges = [];
         if ($this->dbi->isSuperUser()) {
             $privileges = $this->privileges->getAllPrivileges($db, $table);
         }
 
-        return $this->template->render('table/privileges/index', [
+        $this->render('table/privileges/index', [
             'db' => $db,
             'table' => $table,
             'is_superuser' => $this->dbi->isSuperUser(),
@@ -69,5 +99,6 @@ public function __invoke(array $params): string
             'is_grantuser' => $this->dbi->isGrantUser(),
             'privileges' => $privileges,
         ]);
+        $this->render('export_modal');
     }
 }
@@ -153,29 +153,6 @@ public function getSelfUrl(): string
 
         $params['server'] = $GLOBALS['server'];
 
-        // needed for server privileges tabs
-        if (isset($_GET['viewing_mode']) && in_array($_GET['viewing_mode'], ['server', 'db', 'table'])) {
-            $params['viewing_mode'] = $_GET['viewing_mode'];
-        }
-
-        /**
-         * @todo    coming from /server/privileges, here $db is not set,
-         *          add the following condition below when that is fixed
-         *          && $_GET['checkprivsdb'] == $db
-         */
-        if (isset($_GET['checkprivsdb'])) {
-            $params['checkprivsdb'] = $_GET['checkprivsdb'];
-        }
-
-        /**
-         * @todo    coming from /server/privileges, here $table is not set,
-         *          add the following condition below when that is fixed
-         *          && $_REQUEST['checkprivstable'] == $table
-         */
-        if (isset($_GET['checkprivstable'])) {
-            $params['checkprivstable'] = $_GET['checkprivstable'];
-        }
-
         if (isset($_REQUEST['single_table']) && in_array($_REQUEST['single_table'], [true, false])) {
             $params['single_table'] = $_REQUEST['single_table'];
         }
 
@@ -286,14 +286,11 @@ private function getTableTabs(): array
         }
 
         if (($isSuperUser || $isCreateOrGrantUser) && ! $isSystemSchema) {
-            $tabs['privileges']['route'] = '/server/privileges';
-            $tabs['privileges']['args']['checkprivsdb'] = $this->db;
-            $tabs['privileges']['args']['checkprivstable'] = $this->table;
+            $tabs['privileges']['route'] = '/table/privileges';
             // stay on table view
-            $tabs['privileges']['args']['viewing_mode'] = 'table';
             $tabs['privileges']['text'] = __('Privileges');
             $tabs['privileges']['icon'] = 's_rights';
-            $tabs['privileges']['active'] = $route === '/server/privileges';
+            $tabs['privileges']['active'] = $route === '/table/privileges';
         }
 
         /**
@@ -397,13 +394,11 @@ private function getDbTabs(): array
             $tabs['operation']['active'] = $route === '/database/operations';
 
             if ($isSuperUser || $isCreateOrGrantUser) {
-                $tabs['privileges']['route'] = '/server/privileges';
-                $tabs['privileges']['args']['checkprivsdb'] = $this->db;
+                $tabs['privileges']['route'] = '/database/privileges';
                 // stay on database view
-                $tabs['privileges']['args']['viewing_mode'] = 'db';
                 $tabs['privileges']['text'] = __('Privileges');
                 $tabs['privileges']['icon'] = 's_rights';
-                $tabs['privileges']['active'] = $route === '/server/privileges';
+                $tabs['privileges']['active'] = $route === '/database/privileges';
             }
 
             $tabs['routines']['route'] = '/database/routines';
@@ -503,7 +498,6 @@ private function getServerTabs(): array
                 '/server/privileges',
                 '/server/user-groups',
             ]);
-            $tabs['rights']['args']['viewing_mode'] = 'server';
         }
 
         $tabs['export']['icon'] = 'b_export';
 
@@ -2101,7 +2101,6 @@ public function getHtmlForInitials(array $arrayInitials)
         return $this->template->render('server/privileges/initials_row', [
             'array_initials' => $arrayInitials,
             'initial' => $_GET['initial'] ?? null,
-            'viewing_mode' => $_GET['viewing_mode'] ?? null,
         ]);
     }
 
@@ -2901,20 +2900,16 @@ public function getAddUserHtmlFieldset($db = '', $table = '')
             return '';
         }
 
-        $relParams = [];
         $urlParams = ['adduser' => 1];
         if (! empty($db)) {
-            $urlParams['dbname'] = $relParams['checkprivsdb'] = $db;
+            $urlParams['dbname'] = $db;
         }
 
         if (! empty($table)) {
-            $urlParams['tablename'] = $relParams['checkprivstable'] = $table;
+            $urlParams['tablename'] = $table;
         }
 
-        return $this->template->render('server/privileges/add_user_fieldset', [
-            'url_params' => $urlParams,
-            'rel_params' => $relParams,
-        ]);
+        return $this->template->render('server/privileges/add_user_fieldset', ['url_params' => $urlParams]);
     }
 
     /**
Original file line number	Diff line number	Diff line change
`@@ -2101,7 +2101,6 @@ public function getHtmlForInitials(array $arrayInitials)`
`2101`	`2101`	`return $this->template->render('server/privileges/initials_row', [`
`2102`	`2102`	`'array_initials' => $arrayInitials,`
`2103`	`2103`	`'initial' => $_GET['initial'] ?? null,`
`2104`		`- 'viewing_mode' => $_GET['viewing_mode'] ?? null,`
`2105`	`2104`	`]);`
`2106`	`2105`	`}`
`2107`	`2106`
`@@ -2901,20 +2900,16 @@ public function getAddUserHtmlFieldset($db = '', $table = '')`
`2901`	`2900`	`return '';`
`2902`	`2901`	`}`
`2903`	`2902`
`2904`		`- $relParams = [];`
`2905`	`2903`	`$urlParams = ['adduser' => 1];`
`2906`	`2904`	`if (! empty($db)) {`
`2907`		`- $urlParams['dbname'] = $relParams['checkprivsdb'] = $db;`
	`2905`	`+ $urlParams['dbname'] = $db;`
`2908`	`2906`	`}`
`2909`	`2907`
`2910`	`2908`	`if (! empty($table)) {`
`2911`		`- $urlParams['tablename'] = $relParams['checkprivstable'] = $table;`
	`2909`	`+ $urlParams['tablename'] = $table;`
`2912`	`2910`	`}`
`2913`	`2911`
`2914`		`- return $this->template->render('server/privileges/add_user_fieldset', [`
`2915`		`- 'url_params' => $urlParams,`
`2916`		`- 'rel_params' => $relParams,`
`2917`		`- ]);`
	`2912`	`+ return $this->template->render('server/privileges/add_user_fieldset', ['url_params' => $urlParams]);`
`2918`	`2913`	`}`
`2919`	`2914`
`2920`	`2915`	`/**`