IntenseWebs/pgadmin4
3
0
Fork 0
mirror of https://github.com/pgadmin-org/pgadmin4.git synced 2025-02-25 18:55:31 -06:00
Code Issues Packages Projects Releases Wiki Activity

Added encrypted password in reverse engineered SQL for roles. Fixes #1974.

Browse Source
This commit is contained in:
Aditya Toshniwal
2019-10-23 13:16:36 +05:30
committed by Akshay Joshi
parent 5b438e13cc
commit 02642628b0
7 changed files with 53 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
web/pgadmin/browser/server_groups/servers/roles/__init__.py
View File

@@ -735,9 +735,10 @@ rolmembership:{
@check_precondition()
def sql(self, gid, sid, rid):
show_password = self.conn.manager.user_info['is_superuser']
status, res = self.conn.execute_scalar(
render_template(
self.sql_path + 'sql.sql'
self.sql_path + 'sql.sql', show_password=show_password
),
dict({'rid': rid})
)

7
web/pgadmin/browser/server_groups/servers/roles/templates/roles/sql/9.4_plus/sql.sql
View File

@@ -8,7 +8,6 @@ FROM
pg_catalog.quote_ident(rolname) || E';\n\nCREATE ROLE ' ||
pg_catalog.quote_ident(rolname) || E' WITH\n ' ||
CASE WHEN rolcanlogin THEN 'LOGIN' ELSE 'NOLOGIN' END || E'\n ' ||
CASE WHEN rolcanlogin AND rolpassword LIKE 'md5%%' THEN 'ENCRYPTED PASSWORD ' || quote_literal(rolpassword) || E'\n ' ELSE '' END ||
CASE WHEN rolsuper THEN 'SUPERUSER' ELSE 'NOSUPERUSER' END || E'\n ' ||
CASE WHEN rolinherit THEN 'INHERIT' ELSE 'NOINHERIT' END || E'\n ' ||
CASE WHEN rolcreatedb THEN 'CREATEDB' ELSE 'NOCREATEDB' END || E'\n ' ||
@@ -16,6 +15,12 @@ FROM
-- PostgreSQL >= 9.1
CASE WHEN rolreplication THEN 'REPLICATION' ELSE 'NOREPLICATION' END ||
CASE WHEN rolconnlimit > 0 THEN E'\n CONNECTION LIMIT ' || rolconnlimit ELSE '' END ||
{% if show_password %}
(SELECT CASE
WHEN (rolpassword LIKE 'md5%%' or rolpassword LIKE 'SCRAM%%') THEN E'\n ENCRYPTED PASSWORD ''' || rolpassword || ''''
WHEN rolpassword IS NOT NULL THEN E'\n PASSWORD ''' || rolpassword || ''''
ELSE '' END FROM pg_authid au WHERE au.oid=r.oid) ||
{% endif %}
CASE WHEN rolvaliduntil IS NOT NULL THEN E'\n VALID UNTIL ' || quote_literal(rolvaliduntil::text) ELSE '' END || ';' AS sql
FROM
pg_roles r

1
web/pgadmin/browser/server_groups/servers/roles/tests/9.4_plus/alter_login_role_options.sql
View File

@@ -9,6 +9,7 @@ CREATE ROLE "Role2_$%{}[]()&*^!@""'`\/#" WITH
CREATEROLE
NOREPLICATION
CONNECTION LIMIT 100
ENCRYPTED PASSWORD '<PASSWORD>'
VALID UNTIL '<TIMESTAMPTZ>';
ALTER ROLE "Role2_$%{}[]()&*^!@""'`\/#" IN DATABASE postgres SET application_name TO 'pg4';

1
web/pgadmin/browser/server_groups/servers/roles/tests/9.4_plus/alter_role_options.sql
View File

@@ -9,6 +9,7 @@ CREATE ROLE "Role2_$%{}[]()&*^!@""'`\/#" WITH
NOCREATEROLE
NOREPLICATION
CONNECTION LIMIT 100
ENCRYPTED PASSWORD '<PASSWORD>'
VALID UNTIL '<TIMESTAMPTZ>';
ALTER ROLE "Role2_$%{}[]()&*^!@""'`\/#" IN DATABASE postgres SET application_name TO 'pg4';

6
web/pgadmin/browser/server_groups/servers/roles/tests/9.4_plus/test.json
View File

@@ -65,7 +65,8 @@
},
"expected_sql_file": "alter_role_options.sql",
"expected_msql_file": "alter_role_options.msql",
"convert_timestamp_columns": ["rolvaliduntil"]
"convert_timestamp_columns": ["rolvaliduntil"],
"replace_password": true
},
{
"type": "delete",
@@ -138,7 +139,8 @@
},
"expected_sql_file": "alter_login_role_options.sql",
"expected_msql_file": "alter_login_role_options.msql",
"convert_timestamp_columns": ["rolvaliduntil"]
"convert_timestamp_columns": ["rolvaliduntil"],
"replace_password": true
},
{
"type": "delete",