Inspects privileges to see if those are coming from an admin user
(privileges)
| 4630 | return getText(_urllib.parse.urlunsplit([parts.scheme, netloc, path, query, parts.fragment]) or url) |
| 4631 | |
| 4632 | def isAdminFromPrivileges(privileges): |
| 4633 | """ |
| 4634 | Inspects privileges to see if those are coming from an admin user |
| 4635 | """ |
| 4636 | |
| 4637 | privileges = privileges or [] |
| 4638 | |
| 4639 | # In PostgreSQL the usesuper privilege means that the |
| 4640 | # user is DBA |
| 4641 | retVal = (Backend.isDbms(DBMS.PGSQL) and "super" in privileges) |
| 4642 | |
| 4643 | # In Oracle the DBA privilege means that the |
| 4644 | # user is DBA |
| 4645 | retVal |= (Backend.isDbms(DBMS.ORACLE) and "DBA" in privileges) |
| 4646 | |
| 4647 | # In MySQL >= 5.0 the SUPER privilege means |
| 4648 | # that the user is DBA |
| 4649 | retVal |= (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema and "SUPER" in privileges) |
| 4650 | |
| 4651 | # In MySQL < 5.0 the super_priv privilege means |
| 4652 | # that the user is DBA |
| 4653 | retVal |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema and "super_priv" in privileges) |
| 4654 | |
| 4655 | # In Firebird there is no specific privilege that means |
| 4656 | # that the user is DBA |
| 4657 | retVal |= (Backend.isDbms(DBMS.FIREBIRD) and all(_ in privileges for _ in ("SELECT", "INSERT", "UPDATE", "DELETE", "REFERENCES", "EXECUTE"))) |
| 4658 | |
| 4659 | return retVal |
| 4660 | |
| 4661 | def findPageForms(content, url, raiseException=False, addToTargets=False): |
| 4662 | """ |
no test coverage detected
searching dependent graphs…