pgadmin4/web/migrations/versions/f195f9a4923d_.py

##########################################################################
#
# pgAdmin 4 - PostgreSQL Tools
#
# Copyright (C) 2013 - 2025, The pgAdmin Development Team
# This software is released under the PostgreSQL Licence
#
##########################################################################
"""Encrypt the existing user password.

Revision ID: f195f9a4923d
Revises: 3c1e4b6eda55
Create Date: 2017-06-15 17:18:50.667139

"""
import config
from flask import current_app
from flask_security import Security, SQLAlchemyUserDatastore
from flask_security.utils import verify_and_update_password
from alembic import op
from sqlalchemy.orm.session import Session
from pgadmin.model import Keys, db, User, Role

# revision identifiers, used by Alembic.
revision = 'f195f9a4923d'
down_revision = '3c1e4b6eda55'
branch_labels = None
depends_on = None


def upgrade():
    app = current_app
    session = Session(bind=op.get_bind())
    current_salt = session.query(Keys).filter_by(
        name='SECURITY_PASSWORD_SALT').first().value
    app.config.update(dict(SECURITY_PASSWORD_SALT=current_salt))
    app.config['SECURITY_PASSWORD_HASH'] = config.SECURITY_PASSWORD_HASH

    if app.extensions.get('security') is None:
        user_datastore = SQLAlchemyUserDatastore(db, User, Role)
        Security(app, user_datastore, register_blueprint=False)
    else:
        app.config['SECURITY_PASSWORD_SALT'] = current_salt

    users = session.query(User).with_entities(
        User.id, User.email, User.password, User.active, User.confirmed_at)\
        .all()
    # This will upgrade the plaintext password of all the user as per the
    # SECURITY_PASSWORD_HASH.
    for user in users:
        if user.password is not None:
            verify_and_update_password(user.password, user)


def downgrade():
    # pgAdmin only upgrades, downgrade not implemented.
    pass
Added support for storing configurations of pgAdmin in an external database. #1832 2022-10-20 05:48:41 -05:00			`##########################################################################`
			`#`
			`# pgAdmin 4 - PostgreSQL Tools`
			`#`
Copyright updated for 2025 2024-12-31 23:56:42 -06:00			`# Copyright (C) 2013 - 2025, The pgAdmin Development Team`
Added support for storing configurations of pgAdmin in an external database. #1832 2022-10-20 05:48:41 -05:00			`# This software is released under the PostgreSQL Licence`
			`#`
			`##########################################################################`
Ensure the initial password is properly hashed during setup in web mode. Fixes #2492 2017-07-10 10:08:35 -05:00			`"""Encrypt the existing user password.`

			`Revision ID: f195f9a4923d`
			`Revises: 3c1e4b6eda55`
			`Create Date: 2017-06-15 17:18:50.667139`

			`"""`
Dead code cleanup. 2017-09-28 04:16:49 -05:00			`import config`
Ensure the initial password is properly hashed during setup in web mode. Fixes #2492 2017-07-10 10:08:35 -05:00			`from flask import current_app`
			`from flask_security import Security, SQLAlchemyUserDatastore`
			`from flask_security.utils import verify_and_update_password`
Added support for storing configurations of pgAdmin in an external database. #1832 2022-10-20 05:48:41 -05:00			`from alembic import op`
			`from sqlalchemy.orm.session import Session`
Ensure the initial password is properly hashed during setup in web mode. Fixes #2492 2017-07-10 10:08:35 -05:00			`from pgadmin.model import Keys, db, User, Role`

			`# revision identifiers, used by Alembic.`
			`revision = 'f195f9a4923d'`
			`down_revision = '3c1e4b6eda55'`
			`branch_labels = None`
			`depends_on = None`


			`def upgrade():`
			`app = current_app`
Added support for storing configurations of pgAdmin in an external database. #1832 2022-10-20 05:48:41 -05:00			`session = Session(bind=op.get_bind())`
			`current_salt = session.query(Keys).filter_by(`
			`name='SECURITY_PASSWORD_SALT').first().value`
Ensure the initial password is properly hashed during setup in web mode. Fixes #2492 2017-07-10 10:08:35 -05:00			`app.config.update(dict(SECURITY_PASSWORD_SALT=current_salt))`
			`app.config['SECURITY_PASSWORD_HASH'] = config.SECURITY_PASSWORD_HASH`

			`if app.extensions.get('security') is None:`
			`user_datastore = SQLAlchemyUserDatastore(db, User, Role)`
			`Security(app, user_datastore, register_blueprint=False)`
			`else:`
			`app.config['SECURITY_PASSWORD_SALT'] = current_salt`
1. Added Master Password to increase the security of saved passwords. Fixes #4184 2. In server(web) mode, update all the saved server credentials when user password is changed. Fixes #3377 2019-05-28 01:30:18 -05:00
Added support for storing configurations of pgAdmin in an external database. #1832 2022-10-20 05:48:41 -05:00			`users = session.query(User).with_entities(`
1. Added Master Password to increase the security of saved passwords. Fixes #4184 2. In server(web) mode, update all the saved server credentials when user password is changed. Fixes #3377 2019-05-28 01:30:18 -05:00			`User.id, User.email, User.password, User.active, User.confirmed_at)\`
			`.all()`
Ensure the initial password is properly hashed during setup in web mode. Fixes #2492 2017-07-10 10:08:35 -05:00			`# This will upgrade the plaintext password of all the user as per the`
			`# SECURITY_PASSWORD_HASH.`
			`for user in users:`
			`if user.password is not None:`
			`verify_and_update_password(user.password, user)`


			`def downgrade():`
1) Fixed cognitive complexity issues reported by SonarQube. 2) Fixed code smell 'Add a nested comment explaining why this method is empty, or complete the implementation'. 2020-07-24 01:16:30 -05:00			`# pgAdmin only upgrades, downgrade not implemented.`
Ensure the initial password is properly hashed during setup in web mode. Fixes #2492 2017-07-10 10:08:35 -05:00			`pass`