diff --git a/web/pgadmin/browser/server_groups/servers/static/js/server.ui.js b/web/pgadmin/browser/server_groups/servers/static/js/server.ui.js index a6a619aa2..8ea3cf189 100644 --- a/web/pgadmin/browser/server_groups/servers/static/js/server.ui.js +++ b/web/pgadmin/browser/server_groups/servers/static/js/server.ui.js @@ -349,6 +349,7 @@ export default class ServerSchema extends BaseUISchema { group: gettext('Advanced'), controlProps: {maxLength: null}, mode: ['properties', 'edit', 'create'], disabled: pgAdmin.server_mode == 'True' && pgAdmin.enable_server_passexec_cmd == 'False', + helpMessage: gettext('The server hostname, port, and username can be passed as variables by using the placeholders %HOST%, %PORT%, and %USERNAME%, which will be replaced with the corresponding server connection information.') }, { id: 'passexec_expiration', label: gettext('Password exec expiration (seconds)'), type: 'int', diff --git a/web/pgadmin/utils/passexec.py b/web/pgadmin/utils/passexec.py index 189b15c7d..9f28e3234 100644 --- a/web/pgadmin/utils/passexec.py +++ b/web/pgadmin/utils/passexec.py @@ -14,6 +14,7 @@ from threading import Lock from flask import current_app import config +from pgadmin.utils.driver import get_driver class PasswordExec: @@ -22,9 +23,9 @@ class PasswordExec: def __init__(self, cmd, host, port, username, expiration_seconds=None, timeout=60): - cmd = str(cmd).replace('%HOSTNAME%', host) - cmd = cmd.replace('%PORT%', str(port)) - cmd = cmd.replace('%USERNAME%', username) + self.host = host + self.port = port + self.username = username self.cmd = cmd self.expiration_seconds = int(expiration_seconds) \ if expiration_seconds is not None else None @@ -36,6 +37,12 @@ class PasswordExec: if config.SERVER_MODE and not config.ENABLE_SERVER_PASS_EXEC_CMD: # Arbitrary shell execution on server is a security risk raise NotImplementedError('Passexec not available in server mode') + driver = get_driver(config.PG_DEFAULT_DRIVER) + self.cmd = str(self.cmd) + self.cmd = self.cmd.replace('%HOSTNAME%', self.host) + self.cmd = self.cmd.replace('%PORT%', str(self.port)) + self.cmd = self.cmd.replace('%USERNAME%', + driver.qtIdent(None,self.username)) with self.lock: if not self.password or self.is_expired(): if not self.cmd: