Ensure the crypt key is retrieved correctly on backend server restart. #8065

2024-11-21 08:24:14 -06:00 · 2024-11-21 15:55:38 +05:30 · 2024-11-21 15:55:38 +05:30 · 026c0d2389
commit 026c0d2389
parent 032583e280
4 changed files with 16 additions and 6 deletions
--- a/docs/en_US/container_deployment.rst
+++ b/docs/en_US/container_deployment.rst
@ -142,6 +142,12 @@ Override the default file path for the preferences customization at the containe
 /pgadmin4/preferences.json mapped file below for more information. See the format
 of the `Preferences JSON file <https://www.pgadmin.org/docs/pgadmin4/latest/preferences.html#json-format>`_.

+**PGPASS_FILE**
+
+*Default: <null>*
+This varible should be set to if you want to pass password using pgpass
+file for the servers added in pgadmin.
+
 **GUNICORN_ACCESS_LOGFILE**

 *Default: -* (stdout)
--- a/web/pgadmin/utils/driver/psycopg3/server_manager.py
+++ b/web/pgadmin/utils/driver/psycopg3/server_manager.py
@ -242,7 +242,8 @@ WHERE db.oid = {0}""".format(did))
                                "Could not find the specified database."
                            ))

-        if not get_crypt_key()[0]:
+        if not get_crypt_key()[0] and (
+                config.SERVER_MODE or not config.USE_OS_SECRET_STORAGE):
            # the reason its not connected might be missing key
            raise CryptKeyMissing()

--- a/web/pgadmin/utils/master_password.py
+++ b/web/pgadmin/utils/master_password.py
@ -28,13 +28,14 @@ def get_crypt_key():
    :return: the key
    """
    enc_key = current_app.keyManager.get()
-    # if desktop mode and master pass disabled then use the password hash
+    # if desktop mode and master pass and local os secret is
+    # disabled then use the password hash
    if not config.MASTER_PASSWORD_REQUIRED and\
            not config.USE_OS_SECRET_STORAGE and not config.SERVER_MODE:
        return True, current_user.password
    # if desktop mode and master pass enabled
-    elif config.MASTER_PASSWORD_REQUIRED and \
-            enc_key is None:
+    elif (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
+            and enc_key is None:
        return False, None
    elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \
            'pass_enc_key' in session:
--- a/web/regression/feature_tests/pg_utilities_maintenance_test.py
+++ b/web/regression/feature_tests/pg_utilities_maintenance_test.py
@ -112,9 +112,11 @@ class PGUtilitiesMaintenanceFeatureTest(BaseFeatureTest):
            (By.CSS_SELECTOR,
             NavMenuLocators.tools_menu_css),
            (By.CSS_SELECTOR, NavMenuLocators.maintenance_obj_css))
-        maintenance_obj = self.wait.until(EC.visibility_of_element_located(
+        self.wait.until(EC.visibility_of_element_located(
            (By.CSS_SELECTOR, NavMenuLocators.maintenance_obj_css)))
-        maintenance_obj.click()
+        self.page.retry_click(
+            (By.CSS_SELECTOR, NavMenuLocators.maintenance_obj_css),
+            (By.XPATH, NavMenuLocators.maintenance_operation))

        self.assertFalse(self.page.check_utility_error(),
                         'Binary path is not configured.')