Fix for an Issue #216

lib/core/common.py

@@ -3005,6 +3005,34 @@ def asciifyUrl(url, forceQuote=False):
 
     return urlparse.urlunsplit([parts.scheme, netloc, path, query, parts.fragment])
 
+def isAdminFromPrivileges(privileges):
+    """
+    Inspects privileges to see if those are comming from an admin user
+    """
+
+    # In PostgreSQL the usesuper privilege means that the
+    # user is DBA
+    retVal = (Backend.isDbms(DBMS.PGSQL) and "super" in privileges)
+
+    # In Oracle the DBA privilege means that the
+    # user is DBA
+    retVal |= (Backend.isDbms(DBMS.ORACLE) and "DBA" in privileges)
+
+    # In MySQL >= 5.0 the SUPER privilege means
+    # that the user is DBA
+    retVal |= (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema and "SUPER" in privileges)
+
+    # In MySQL < 5.0 the super_priv privilege means
+    # that the user is DBA
+    retVal |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema and "super_priv" in privileges)
+
+    # In Firebird there is no specific privilege that means
+    # that the user is DBA
+    # TODO: confirm
+    retVal |= (Backend.isDbms(DBMS.FIREBIRD) and "SELECT" in privileges and "INSERT" in privileges and "UPDATE" in privileges and "DELETE" in privileges and "REFERENCES" in privileges and "EXECUTE" in privileges)
+
+    return retVal
+
 def findPageForms(content, url, raise_=False, addToTargets=False):
     """
     Parses given page content for possible forms

plugins/dbms/oracle/enumeration.py

@@ -7,6 +7,7 @@ See the file 'doc/COPYING' for copying permission
 
 from lib.core.common import Backend
 from lib.core.common import getLimitRange
+from lib.core.common import isAdminFromPrivileges
 from lib.core.common import isInferenceAvailable
 from lib.core.common import isNoneValue
 from lib.core.common import isNumPosStrValue
@@ -78,7 +79,7 @@ class Enumeration(GenericEnumeration):
                             # In Oracle we get the list of roles as string
                             roles.add(role)
 
-                    if self.__isAdminFromPrivileges(roles):
+                    if isAdminFromPrivileges(roles):
                         areAdmins.add(user)
 
                     if kb.data.cachedUsersRoles.has_key(user):

plugins/generic/users.py

@@ -13,6 +13,7 @@ from lib.core.common import Backend
 from lib.core.common import filterPairValues
 from lib.core.common import getLimitRange
 from lib.core.common import getUnicode
+from lib.core.common import isAdminFromPrivileges
 from lib.core.common import isInferenceAvailable
 from lib.core.common import isNoneValue
 from lib.core.common import isNumPosStrValue
@@ -309,30 +310,6 @@ class Users:
 
         return kb.data.cachedUsersPasswords
 
-    def __isAdminFromPrivileges(self, privileges):
-        # In PostgreSQL the usesuper privilege means that the
-        # user is DBA
-        dbaCondition = (Backend.isDbms(DBMS.PGSQL) and "super" in privileges)
-
-        # In Oracle the DBA privilege means that the
-        # user is DBA
-        dbaCondition |= (Backend.isDbms(DBMS.ORACLE) and "DBA" in privileges)
-
-        # In MySQL >= 5.0 the SUPER privilege means
-        # that the user is DBA
-        dbaCondition |= (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema and "SUPER" in privileges)
-
-        # In MySQL < 5.0 the super_priv privilege means
-        # that the user is DBA
-        dbaCondition |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema and "super_priv" in privileges)
-
-        # In Firebird there is no specific privilege that means
-        # that the user is DBA
-        # TODO: confirm
-        dbaCondition |= (Backend.isDbms(DBMS.FIREBIRD) and "SELECT" in privileges and "INSERT" in privileges and "UPDATE" in privileges and "DELETE" in privileges and "REFERENCES" in privileges and "EXECUTE" in privileges)
-
-        return dbaCondition
-
     def getPrivileges(self, query2=False):
         infoMsg = "fetching database users privileges"
 
@@ -441,7 +418,7 @@ class Users:
 
                                 privileges.add(privilege)
 
-                    if self.__isAdminFromPrivileges(privileges):
+                    if isAdminFromPrivileges(privileges):
                         areAdmins.add(user)
 
                     if user in kb.data.cachedUsersPrivileges:
@@ -579,7 +556,7 @@ class Users:
 
                         privileges.add(privilege)
 
-                    if self.__isAdminFromPrivileges(privileges):
+                    if isAdminFromPrivileges(privileges):
                         areAdmins.add(user)
 
                     # In MySQL < 5.0 we break the cycle after the first