Remove is_superuser superglobal

Issue phpmyadmin#11731

Signed-off-by: Michal Čihař <michal@cihar.com>

db_operations.php

@@ -261,7 +261,7 @@
     // Don't even try to drop information_schema.
     // You won't be able to. Believe me. You won't.
     // Don't allow to easily drop mysql database, RFE #1327514.
-    if (($is_superuser || $GLOBALS['cfg']['AllowUserDropDatabase'])
+    if (($GLOBALS['dbi']->isSuperuser() || $GLOBALS['cfg']['AllowUserDropDatabase'])
         && ! $db_is_system_schema
         && $GLOBALS['db'] != 'mysql'
     ) {

import.php

@@ -683,7 +683,7 @@
 
         // Check if User is allowed to issue a 'DROP DATABASE' Statement
         if (Sql::hasNoRightsToDropDatabase(
-            $analyzed_sql_results, $cfg['AllowUserDropDatabase'], $GLOBALS['is_superuser']
+            $analyzed_sql_results, $cfg['AllowUserDropDatabase'], $GLOBALS['dbi']->isSuperuser()
         )) {
             PhpMyAdmin\Util::mysqlDie(
                 __('"DROP DATABASE" statements are disabled.'),

libraries/check_user_privileges.inc.php

@@ -11,8 +11,6 @@
 
 use PhpMyAdmin\CheckUserPrivileges;
 
-$GLOBALS['is_superuser'] = $GLOBALS['dbi']->isSuperuser();
-
 list($username, $hostname) = $GLOBALS['dbi']->getCurrentUserAndHost();
 if ($username === '') { // MySQL is started with --skip-grant-tables
     $GLOBALS['is_create_db_priv'] = true;

libraries/classes/Controllers/Server/ServerDatabasesController.php

@@ -63,7 +63,7 @@ public function indexAction()
 
         if (isset($_REQUEST['drop_selected_dbs'])
             && $response->isAjax()
-            && ($GLOBALS['is_superuser'] || $GLOBALS['cfg']['AllowUserDropDatabase'])
+            && ($GLOBALS['dbi']->isSuperuser() || $GLOBALS['cfg']['AllowUserDropDatabase'])
         ) {
             $this->dropDatabasesAction();
             return;
@@ -384,7 +384,7 @@ private function _getColumnOrder()
      */
     private function _getHtmlForTableFooterButtons()
     {
-        if (! $GLOBALS['is_superuser']
+        if (! $GLOBALS['dbi']->isSuperuser()
             && ! $GLOBALS['cfg']['AllowUserDropDatabase']
         ) {
             return '';

libraries/classes/Controllers/Table/TableStructureController.php

@@ -295,7 +295,6 @@ public function indexAction()
             $db = $this->db;
             $table = $this->table;
             $cfg = $GLOBALS['cfg'];
-            $is_superuser = $GLOBALS['dbi']->isSuperuser();
             $pmaThemeImage = $GLOBALS['pmaThemeImage'];
             include 'sql.php';
             $GLOBALS['reload'] = true;

libraries/classes/Display/ChangePassword.php

@@ -97,7 +97,6 @@ public static function getHtml($mode, $username, $hostname)
             $username,
             $hostname
         );
-        $is_superuser = $GLOBALS['dbi']->isSuperuser();
 
         if (($serverType == 'MySQL'
             && $serverVersion >= 50507)
@@ -108,7 +107,7 @@ public static function getHtml($mode, $username, $hostname)
             // OR for privileged users in 5.5.7+
             if (($serverType == 'MySQL'
                 && $serverVersion >= 50706)
-                || ($is_superuser && $mode == 'edit_other')
+                || ($GLOBALS['dbi']->isSuperuser() && $mode == 'edit_other')
             ) {
                 $auth_plugin_dropdown = Privileges::getHtmlForAuthPluginsDropdown(
                     $orig_auth_plugin, 'change_pw', 'new'

libraries/classes/Import.php

@@ -179,7 +179,7 @@ public static function runQuery($sql = '', $full = '', array &$sql_data = array(
         global $import_run_buffer, $go_sql, $complete_query, $display_query,
             $sql_query, $error, $reload, $result, $msg,
             $skip_queries, $executed_queries, $max_sql_len, $read_multiply,
-            $cfg, $sql_query_disabled, $db, $run_query, $is_superuser;
+            $cfg, $sql_query_disabled, $db, $run_query;
         $read_multiply = 1;
         if (!isset($import_run_buffer)) {
             // Do we have something to push into buffer?

libraries/classes/Rte/RteList.php

@@ -231,7 +231,7 @@ public static function getRoutineRow(array $routine, $rowclass = '')
         // CREATE ROUTINE privilege to avoid lost procedures.
         if ((Util::currentUserHasPrivilege('CREATE ROUTINE', $db)
             && $curr_user == $routine_definer)
-            || $GLOBALS['is_superuser']
+            || $GLOBALS['dbi']->isSuperuser()
         ) {
             $retval .= '                <a ' . $ajax_class['edit']
                                              . ' href="db_routines.php'
@@ -299,7 +299,7 @@ public static function getRoutineRow(array $routine, $rowclass = '')
         $retval .= "            <td>\n";
         if ((Util::currentUserHasPrivilege('CREATE ROUTINE', $db)
             && $curr_user == $routine_definer)
-            || $GLOBALS['is_superuser']
+            || $GLOBALS['dbi']->isSuperuser()
         ) {
             $retval .= '                <a ' . $ajax_class['export']
                                              . ' href="db_routines.php'

libraries/classes/Server/Privileges.php

@@ -637,7 +637,7 @@ public static function getHtmlToDisplayPrivilegesTable($db = '*',
             $row = $GLOBALS['dbi']->fetchSingleRow($sql_query);
         }
         if (empty($row)) {
-            if ($table == '*' && $GLOBALS['is_superuser']) {
+            if ($table == '*' && $GLOBALS['dbi']->isSuperuser()) {
                 $row = array();
                 if ($db == '*') {
                     $sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;';
@@ -1865,7 +1865,6 @@ public static function updatePassword($err_url, $username, $hostname)
     {
         // similar logic in user_password.php
         $message = '';
-        $is_superuser = $GLOBALS['dbi']->isSuperuser();
 
         if (empty($_REQUEST['nopass'])
             && isset($_POST['pma_pw'])
@@ -1917,7 +1916,7 @@ public static function updatePassword($err_url, $username, $hostname)
                     . $GLOBALS['dbi']->escapeString($_POST['pma_pw']) . "'";
             } else if ($serverType == 'MariaDB'
                 && $serverVersion >= 50200
-                && $is_superuser
+                && $GLOBALS['dbi']->isSuperuser()
             ) {
                 // Use 'UPDATE `mysql`.`user` ...' Syntax for MariaDB 5.2+
                 if ($authentication_plugin == 'mysql_native_password') {
@@ -2346,7 +2345,8 @@ public static function getHtmlTableBodyForSpecificDbRoutinePrivs($db, $index_che
     public static function getHtmlForSpecificDbPrivileges($db)
     {
         $html_output = '';
-        if ($GLOBALS['is_superuser']) {
+
+        if ($GLOBALS['dbi']->isSuperuser()) {
             // check the privileges for a particular database.
             $html_output  = '<form id="usersForm" action="server_privileges.php">';
             $html_output .= Url::getHiddenInputs($db);
@@ -2422,7 +2422,7 @@ public static function getHtmlForSpecificDbPrivileges($db)
     public static function getHtmlForSpecificTablePrivileges($db, $table)
     {
         $html_output = '';
-        if ($GLOBALS['is_superuser']) {
+        if ($GLOBALS['dbi']->isSuperuser()) {
             // check the privileges for a particular table.
             $html_output  = '<form id="usersForm" action="server_privileges.php">';
             $html_output .= Url::getHiddenInputs($db, $table);

libraries/classes/Server/Users.php

@@ -33,7 +33,7 @@ public static function getHtmlForSubMenusOnUsersPage($selfUrl)
             )
         );
 
-        if ($GLOBALS['is_superuser']) {
+        if ($GLOBALS['dbi']->isSuperuser()) {
             $items[] = array(
                 'name' => __('User groups'),
                 'url' => 'server_user_groups.php',

libraries/common.inc.php

@@ -754,11 +754,6 @@
     Core::fatalError(__('possible exploit'));
 }
 
-// here, the function does not exist with this configuration:
-// $cfg['ServerDefault'] = 0;
-$GLOBALS['is_superuser']
-    = isset($GLOBALS['dbi']) && $GLOBALS['dbi']->isSuperuser();
-
 if (!empty($__redirect) && in_array($__redirect, $goto_whitelist)) {
     /**
      * include subform target page

libraries/server_common.inc.php

@@ -34,11 +34,10 @@
 /**
  * @global boolean Checks for superuser privileges
  */
-$GLOBALS['is_superuser'] = $GLOBALS['dbi']->isSuperuser();
 $GLOBALS['is_grantuser'] = $GLOBALS['dbi']->isUserType('grant');
 $GLOBALS['is_createuser'] = $GLOBALS['dbi']->isUserType('create');
 
 // now, select the mysql db
-if ($GLOBALS['is_superuser']) {
+if ($GLOBALS['dbi']->isSuperuser()) {
     $GLOBALS['dbi']->selectDb('mysql', $GLOBALS['userlink']);
 }

server_privileges.php

@@ -129,7 +129,7 @@
 /**
  * Checks if the user is allowed to do what he tries to...
  */
-if (!$GLOBALS['is_superuser'] && !$GLOBALS['is_grantuser']
+if (!$GLOBALS['dbi']->isSuperuser() && !$GLOBALS['is_grantuser']
     && !$GLOBALS['is_createuser']
 ) {
     $response->addHTML(Common::getHtmlForSubPageHeader('privileges', '', false));
@@ -241,7 +241,7 @@
  * Assign users to user groups
  */
 if (! empty($_REQUEST['changeUserGroup']) && $cfgRelation['menuswork']
-    && $GLOBALS['is_superuser'] && $GLOBALS['is_createuser']
+    && $GLOBALS['dbi']->isSuperuser() && $GLOBALS['is_createuser']
 ) {
     Privileges::setUserGroup($username, $_REQUEST['userGroup']);
     $message = Message::success();

server_replication.php

@@ -30,7 +30,7 @@
 /**
  * Checks if the user is allowed to do what he tries to...
  */
-if (! $is_superuser) {
+if (! $GLOBALS['dbi']->isSuperuser()) {
     $html  = Common::getHtmlForSubPageHeader('replication');
     $html .= PhpMyAdmin\Message::error(__('No Privileges'))->getDisplay();
     $response->addHTML($html);

server_user_groups.php

@@ -25,7 +25,7 @@
 /**
  * Only allowed to superuser
  */
-if (! $GLOBALS['is_superuser']) {
+if (! $GLOBALS['dbi']->isSuperuser()) {
     $response->addHTML(
         PhpMyAdmin\Message::error(__('No Privileges'))
             ->getDisplay()

sql.php

@@ -152,7 +152,7 @@
  * into account this case.
  */
 if (Sql::hasNoRightsToDropDatabase(
-    $analyzed_sql_results, $cfg['AllowUserDropDatabase'], $is_superuser
+    $analyzed_sql_results, $cfg['AllowUserDropDatabase'], $GLOBALS['dbi']->isSuperuser()
 )) {
     Util::mysqlDie(
         __('"DROP DATABASE" statements are disabled.'),

templates/server/databases/table_footer.phtml

@@ -1,6 +1,6 @@
 <tfoot>
     <tr>
-        <?php if ($GLOBALS['is_superuser'] || $GLOBALS['cfg']['AllowUserDropDatabase']): ?>
+        <?php if ($GLOBALS['dbi']->isSuperuser() || $GLOBALS['cfg']['AllowUserDropDatabase']): ?>
             <th></th>
         <?php endif; ?>
         <th>
@@ -39,4 +39,4 @@
         <?php endif; ?>
         <th></th>
     </tr>
-</tfoot>
+</tfoot>

templates/server/databases/table_header.phtml

@@ -1,6 +1,6 @@
 <thead>
     <tr>
-        <?php if ($GLOBALS['is_superuser'] || $GLOBALS['cfg']['AllowUserDropDatabase']): ?>
+        <?php if ($GLOBALS['dbi']->isSuperuser() || $GLOBALS['cfg']['AllowUserDropDatabase']): ?>
             <th></th>
         <?php endif; ?>
         <th>

templates/server/databases/table_row.phtml

@@ -1,5 +1,5 @@
 <tr <?= $tr_class ? ('class="' . $tr_class . '"') : ''; ?>>
-    <?php if ($GLOBALS['is_superuser'] || $GLOBALS['cfg']['AllowUserDropDatabase']): ?>
+    <?php if ($GLOBALS['dbi']->isSuperuser() || $GLOBALS['cfg']['AllowUserDropDatabase']): ?>
         <td class="tool">
             <input type="checkbox" name="selected_dbs[]" class="checkall"
                    title="<?= htmlspecialchars($current['SCHEMA_NAME']); ?>"

test/classes/Controllers/Server/ServerCollationsControllerTest.php

@@ -18,7 +18,6 @@
  */
 //$GLOBALS
 $GLOBALS['server'] = 1;
-$GLOBALS['is_superuser'] = false;
 $GLOBALS['cfg']['ServerDefault'] = 1;
 $GLOBALS['url_query'] = "url_query";
 $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF');

test/classes/Controllers/Server/ServerDatabasesControllerTest.php

@@ -37,7 +37,6 @@ public function setUp()
         //$GLOBALS
         $GLOBALS['PMA_Config'] = new Config();
         $GLOBALS['PMA_Config']->enableBc();
-        $GLOBALS['is_superuser'] = true;
 
         $GLOBALS['table'] = "table";
         $GLOBALS['replication_info']['master']['status'] = false;

test/classes/Server/PrivilegesTest.php

@@ -127,7 +127,6 @@ public function setUp()
             ->will($this->returnArgument(0));
 
         $GLOBALS['dbi'] = $dbi;
-        $GLOBALS['is_superuser'] = true;
         $GLOBALS['is_grantuser'] = true;
         $GLOBALS['is_createuser'] = true;
         $GLOBALS['is_reload_priv'] = true;
@@ -1475,6 +1474,8 @@ public function testPMAGetHtmlForSpecificDbPrivileges()
             array('COLUMN_NAME' => 'Host', 'CHARACTER_MAXIMUM_LENGTH' => 80),
             array('COLUMN_NAME' => 'User', 'CHARACTER_MAXIMUM_LENGTH' => 40),
         );
+        $dbi->expects($this->any())->method('isSuperuser')
+            ->will($this->returnValue(true));
         $dbi->expects($this->any())->method('fetchResult')
             ->will($this->returnValue($fields_info));
         $dbi->expects($this->any())
@@ -1558,6 +1559,8 @@ public function testPMAGetHtmlForSpecificTablePrivileges()
         $dbi->expects($this->any())
             ->method('escapeString')
             ->will($this->returnArgument(0));
+        $dbi->expects($this->any())->method('isSuperuser')
+            ->will($this->returnValue(true));
 
         $GLOBALS['dbi'] = $dbi;
 

test/classes/Server/UsersTest.php

@@ -26,6 +26,7 @@ class UsersTest extends TestCase
      */
     public function testGetHtmlForSubMenusOnUsersPage()
     {
+        $GLOBALS['server'] = 1;
         $html = Users::getHtmlForSubMenusOnUsersPage('server_privileges.php');
 
         //validate 1: topmenu2