mirror of
https://github.com/pgadmin-org/pgadmin4.git
synced 2024-11-24 17:50:20 -06:00
Updated Flask-Security-Too to the latest v4. Fixes #6225
This commit is contained in:
parent
2aa2d79de2
commit
065a3aa2f5
@ -20,6 +20,7 @@ New features
|
||||
Housekeeping
|
||||
************
|
||||
|
||||
| `Issue #6225 <https://redmine.postgresql.org/issues/6225>`_ - Updated Flask-Security-Too to the latest v4.
|
||||
|
||||
Bug fixes
|
||||
*********
|
||||
|
@ -29,7 +29,7 @@ psycopg2==2.8.*
|
||||
python-dateutil==2.*
|
||||
SQLAlchemy==1.3.*
|
||||
itsdangerous<=1.1.0
|
||||
Flask-Security-Too==3.*
|
||||
Flask-Security-Too==4.*
|
||||
bcrypt==3.*
|
||||
cryptography==3.*
|
||||
sshtunnel==0.*
|
||||
|
57
web/migrations/versions/c465fee44968_.py
Normal file
57
web/migrations/versions/c465fee44968_.py
Normal file
@ -0,0 +1,57 @@
|
||||
|
||||
"""empty message
|
||||
|
||||
Revision ID: c465fee44968
|
||||
Revises: d0bc9f32b2b9
|
||||
Create Date: 2021-06-04 14:42:12.843116
|
||||
|
||||
"""
|
||||
from pgadmin.model import db, User
|
||||
import uuid
|
||||
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = 'c465fee44968'
|
||||
down_revision = 'd0bc9f32b2b9'
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
|
||||
def upgrade():
|
||||
db.engine.execute("ALTER TABLE user RENAME TO user_old")
|
||||
|
||||
db.engine.execute("""
|
||||
CREATE TABLE user (
|
||||
id INTEGER NOT NULL,
|
||||
username VARCHAR(256) NOT NULL,
|
||||
email VARCHAR(256),
|
||||
password VARCHAR(256),
|
||||
active BOOLEAN NOT NULL,
|
||||
confirmed_at DATETIME,
|
||||
masterpass_check VARCHAR(256),
|
||||
auth_source VARCHAR(256) NOT NULL DEFAULT 'internal',
|
||||
fs_uniquifier NOT NULL UNIQUE,
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE (username, auth_source, fs_uniquifier),
|
||||
CHECK (active IN (0, 1))
|
||||
);
|
||||
""")
|
||||
|
||||
user_old = db.engine.execute(
|
||||
'select id, username, email, password, active, '
|
||||
'confirmed_at, masterpass_check, auth_source '
|
||||
'from user_old')
|
||||
|
||||
db.engine.execute(User.__table__.insert(), [
|
||||
{
|
||||
**row,
|
||||
'fs_uniquifier': uuid.uuid4().hex
|
||||
} for row in user_old
|
||||
])
|
||||
|
||||
db.engine.execute("DROP TABLE user_old")
|
||||
|
||||
|
||||
def downgrade():
|
||||
# pgAdmin only upgrades, downgrade not implemented.
|
||||
pass
|
@ -305,7 +305,7 @@ def create_app(app_name=None):
|
||||
if current_user.is_authenticated:
|
||||
user_id = current_user.id
|
||||
else:
|
||||
user = user_datastore.get_user(config.DESKTOP_USER)
|
||||
user = user_datastore.find_user(email=config.DESKTOP_USER)
|
||||
if user is not None:
|
||||
user_id = user.id
|
||||
user_language = Preferences.raw_value(
|
||||
@ -697,7 +697,7 @@ def create_app(app_name=None):
|
||||
abort(401)
|
||||
|
||||
if not config.SERVER_MODE and not current_user.is_authenticated:
|
||||
user = user_datastore.get_user(config.DESKTOP_USER)
|
||||
user = user_datastore.find_user(email=config.DESKTOP_USER)
|
||||
# Throw an error if we failed to find the desktop user, to give
|
||||
# the sysadmin a hint. We'll continue to try to login anyway as
|
||||
# that'll through a nice 500 error for us.
|
||||
|
@ -32,7 +32,7 @@ from flask_security.recoverable import reset_password_token_status, \
|
||||
from flask_security.signals import reset_password_instructions_sent
|
||||
from flask_security.utils import config_value, do_flash, get_url, \
|
||||
get_message, slash_url_suffix, login_user, send_mail, logout_user
|
||||
from flask_security.views import _security, _commit, _ctx
|
||||
from flask_security.views import _security, view_commit, _ctx
|
||||
from werkzeug.datastructures import MultiDict
|
||||
|
||||
import config
|
||||
@ -1144,7 +1144,7 @@ if hasattr(config, 'SECURITY_CHANGEABLE') and config.SECURITY_CHANGEABLE:
|
||||
has_error = True
|
||||
|
||||
if request.json is None and not has_error:
|
||||
after_this_request(_commit)
|
||||
after_this_request(view_commit)
|
||||
do_flash(*get_message('PASSWORD_CHANGE'))
|
||||
|
||||
old_key = get_crypt_key()[1]
|
||||
@ -1310,7 +1310,7 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
|
||||
has_error = True
|
||||
|
||||
if not has_error:
|
||||
after_this_request(_commit)
|
||||
after_this_request(view_commit)
|
||||
do_flash(*get_message('PASSWORD_RESET'))
|
||||
login_user(user)
|
||||
return redirect(get_url(_security.post_reset_view) or
|
||||
|
@ -20,6 +20,7 @@ things:
|
||||
|
||||
from flask_security import UserMixin, RoleMixin
|
||||
from flask_sqlalchemy import SQLAlchemy
|
||||
import uuid
|
||||
|
||||
##########################################################################
|
||||
#
|
||||
@ -29,7 +30,7 @@ from flask_sqlalchemy import SQLAlchemy
|
||||
#
|
||||
##########################################################################
|
||||
|
||||
SCHEMA_VERSION = 29
|
||||
SCHEMA_VERSION = 30
|
||||
|
||||
##########################################################################
|
||||
#
|
||||
@ -76,6 +77,9 @@ class User(db.Model, UserMixin):
|
||||
roles = db.relationship('Role', secondary=roles_users,
|
||||
backref=db.backref('users', lazy='dynamic'))
|
||||
auth_source = db.Column(db.String(16), unique=True, nullable=False)
|
||||
# fs_uniquifier is required by flask-security-too >= 4.
|
||||
fs_uniquifier = db.Column(db.String(255), unique=True, nullable=False,
|
||||
default=(lambda _: uuid.uuid4().hex))
|
||||
|
||||
|
||||
class Setting(db.Model):
|
||||
|
Loading…
Reference in New Issue
Block a user