IntenseWebs/pgadmin4
3
0
Fork 0
mirror of https://github.com/pgadmin-org/pgadmin4.git synced 2025-01-23 23:13:38 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixed sonaqube security smells and bugs

Browse Source 
1. Delete unreachable code or refactor the code to make it reachable.
2. Unexpected var, use let or const instead.
3. Remove useless assignment to variable.
4. Define a constant instead of duplicating the literal
5. Remove commented out code
This commit is contained in:
Pravesh Sharma 2023-07-10 10:36:15 +05:30 committed by GitHub
parent 9aa116bf3f
commit 62056cab14
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 27 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
runtime/src/js/pgadmin.js
View File

@ -368,7 +368,7 @@ function addCommonMenus(menu) {
let _menu = new gui.Menu();
menu.menuItems.forEach((menuItem) => {
var submenu = getSubMenu(menuItem);
let submenu = getSubMenu(menuItem);
let _menuItem = new gui.MenuItem({
label: menuItem.label,
@ -417,8 +417,6 @@ function addCommonMenus(menu) {
}
function getRuntimeMenu() {
let controlKey = platform() === 'darwin' ? 'cmd' : 'ctrl';
let fullScreenKey = platform() === 'darwin' ? 'F' : 'F10';
let subMenus = new gui.Menu();
let rtmenudt = pgAdminMainScreen.window.pgAdmin.Browser.RUNTIME_MENUS_OPTIONS['runtime']
let runtimeSubMenus = pgAdminMainScreen.window.pgAdmin.Browser.RUNTIME_MENUS_OPTIONS['runtime']['submenus']
@ -558,7 +556,7 @@ function getSubMenu(menuItem) {
function addMacMenu(menu) {
if (menu.name == 'file' && platform() === 'darwin') {
var rootMenu = nativeMenu.items[0].submenu;
let rootMenu = nativeMenu.items[0].submenu;
let indx = 0;
menu.menuItems.forEach((menuItem) => {
let submenu = getSubMenu(menuItem);
@ -652,7 +650,7 @@ function refreshMenuItems(menu) {
}
menu.menuItems.forEach((item) => {
var submenu = new gui.Menu();
let submenu = new gui.Menu();
if (item.menu_items) {
item.menu_items.forEach((subItem) => {
submenu.append(new gui.MenuItem({

9
web/pgadmin/__init__.py
View File

@ -68,6 +68,8 @@ socketio = SocketIO(manage_session=False, async_mode='threading',
logger=False, engineio_logger=False, debug=False,
ping_interval=25, ping_timeout=120)
_INDEX_PATH = 'browser.index'
class PgAdmin(Flask):
def __init__(self, *args, **kwargs):
@ -126,8 +128,8 @@ class PgAdmin(Flask):
# into endpoints
#############################################################
wsgi_root_path = ''
if url_for('browser.index') != '/browser/':
wsgi_root_path = url_for('browser.index').replace(
if url_for(_INDEX_PATH) != '/browser/':
wsgi_root_path = url_for(_INDEX_PATH).replace(
'/browser/', ''
)
@ -540,7 +542,7 @@ def create_app(app_name=None):
# Make the Session more secure against XSS & CSRF when running in web mode
if config.SERVER_MODE and config.ENHANCED_COOKIE_PROTECTION:
paranoid = Paranoid(app)
paranoid.redirect_view = 'browser.index'
paranoid.redirect_view = _INDEX_PATH
##########################################################################
# Load all available server drivers
@ -717,7 +719,6 @@ def create_app(app_name=None):
except Exception as e:
print(str(e))
db.session.rollback()
pass
@user_logged_in.connect_via(app)
@user_logged_out.connect_via(app)

33
web/pgadmin/authenticate/mfa/authenticator.py
View File

@ -29,6 +29,7 @@ from pgadmin.utils.constants import MessageType
_TOTP_AUTH_METHOD = "authenticator"
_TOTP_AUTHENTICATOR = _("Authenticator App")
_OTP_PLACEHOLDER = _("Enter code")
class TOTPAuthenticator(BaseMFAuth):
@ -113,7 +114,7 @@ class TOTPAuthenticator(BaseMFAuth):
if totp.verify(code) is False:
raise ValidationException("Invalid Code")
def validation_view(self) -> str:
def validation_view(self) -> dict:
"""
Generate the portion of the view to render on the authentication page
@ -125,10 +126,10 @@ class TOTPAuthenticator(BaseMFAuth):
"Enter the code shown in your authenticator application for "
"TOTP (Time-based One-Time Password)"
),
otp_placeholder=_("Enter code"),
otp_placeholder=_OTP_PLACEHOLDER,
)
def _registration_view(self) -> str:
def _registration_view(self) -> dict:
"""
Internal function to generate a view for the registration page.
@ -164,31 +165,7 @@ class TOTPAuthenticator(BaseMFAuth):
auth_description=_(
"Scan the QR code and the enter the code from the "
"TOTP Authenticator application"
), otp_placeholder=_("Enter code")
)
return "".join([
"<h5 class='form-group text-center'>{auth_title}</h5>",
"<input type='hidden' name='{auth_method}' value='SETUP'/>",
"<input type='hidden' name='VALIDATE' value='validate'/>",
"<img src='data:image/jpeg;base64,{image}'" +
" alt='{qrcode_alt_text}' class='w-100'/>",
"<div class='form-group pt-3'>{auth_description}</div>",
"<div class='form-group'>",
"<input class='form-control' " +
" placeholder='{otp_placeholder}' name='code'" +
" type='password' autofocus='' autocomplete='one-time-code'" +
" pattern='\\d*' require>",
"</div>",
]).format(
auth_title=_(_TOTP_AUTHENTICATOR),
auth_method=_TOTP_AUTH_METHOD,
image=img_base64.decode("utf-8"),
qrcode_alt_text=_("TOTP Authenticator QRCode"),
auth_description=_(
"Scan the QR code and the enter the code from the "
"TOTP Authenticator application"
), otp_placeholder=_("Enter code")
), otp_placeholder=_OTP_PLACEHOLDER
)
def registration_view(self, form_data) -> Union[str, None]:

12
web/pgadmin/browser/server_groups/servers/databases/casts/static/js/cast.ui.js
View File

@ -33,10 +33,14 @@ export default class CastSchema extends BaseUISchema {
let srctype = state.srctyp;
let trgtype = state.trgtyp;
if(srctype != undefined && srctype != '' &&
trgtype != undefined && trgtype != '')
return state.name = srctype+'->'+trgtype;
else
return state.name = '';
trgtype != undefined && trgtype != '') {
state.name = srctype+'->'+trgtype;
return state.name;
}
else {
state.name = '';
return state.name;
}
}
get baseFields() {

7
web/pgadmin/browser/server_groups/servers/databases/publications/__init__.py
View File

@ -169,6 +169,7 @@ class PublicationView(PGChildNodeView, SchemaDiffObjectCompare):
gettext("Could not find the publication information.")
node_type = blueprint.node_type
BASE_TEMPLATE_PATH = 'publications/{0}/#{1}#/sql'
GET_PUB_SCHEMAS_SQL = 'get_pub_schemas.sql'
parent_ids = [
{'type': 'int', 'id': 'gid'},
@ -380,7 +381,7 @@ class PublicationView(PGChildNodeView, SchemaDiffObjectCompare):
if not res['rows'][0]['all_table']:
if self.manager.version >= 150000:
schema_name_sql = render_template(
"/".join([self.template_path, 'get_pub_schemas.sql']),
"/".join([self.template_path, self.GET_PUB_SCHEMAS_SQL]),
pbid=pbid
)
status, snames_list_res = self.conn.execute_dict(
@ -736,7 +737,7 @@ class PublicationView(PGChildNodeView, SchemaDiffObjectCompare):
if self.manager.version >= 150000:
schema_name_sql = render_template(
"/".join([self.template_path, 'get_pub_schemas.sql']),
"/".join([self.template_path, self.GET_PUB_SCHEMAS_SQL]),
pbid=pbid
)
status, snames_list_res = self.conn.execute_dict(
@ -949,7 +950,7 @@ class PublicationView(PGChildNodeView, SchemaDiffObjectCompare):
if self.manager.version >= 150000:
schema_name_sql = render_template(
"/".join([self.template_path, 'get_pub_schemas.sql']),
"/".join([self.template_path, self.GET_PUB_SCHEMAS_SQL]),
pbid=pbid
)
status, snames_list_res = self.conn.execute_dict(

5
web/pgadmin/browser/server_groups/servers/databases/schemas/domains/static/js/domain.ui.js
View File

@ -40,10 +40,7 @@ export class DomainConstSchema extends BaseUISchema {
type: 'checkbox',
readonly: function(state) {
let currCon = _.find(obj.top.origData.constraints, (con)=>con.conoid == state.conoid);
if (!obj.isNew(state) && currCon.convalidated) {
return true;
}
return false;
return !obj.isNew(state) && currCon.convalidated ? true : false;
},
}
];

5
web/pgadmin/browser/server_groups/servers/databases/schemas/synonyms/static/js/synonym.ui.js
View File

@ -97,10 +97,7 @@ export default class SynonymSchema extends BaseUISchema {
};
},
readonly: function() {
if(!obj.inCatalog()) {
return false;
}
return true;
return !obj.inCatalog() ? false : true;
}
}, {
id: 'is_sys_obj', label: gettext('System synonym?'),

2
web/pgadmin/browser/server_groups/servers/static/js/server.js
View File

@ -666,8 +666,6 @@ define('pgadmin.node.server', [
// Check the database server against supported version.
checkSupportedVersion(_data.version, res.info);
// obj.trigger('connected', obj, _item, _data);
// Generate the event that server is connected
pgBrowser.Events.trigger(
'pgadmin:server:connected', _data._id, _item, _data

1
web/pgadmin/static/js/pgadmin.js
View File

@ -26,7 +26,6 @@ define([], function() {
_t = i;
}
_t = 'fontSize' === _r ? +t.parentNode || _t : _t;
// _t = _f ? _t : 'rem' === _c ? i : 'fontSize' === _r ? +t.parentNode || _t : _t;
_f = _f || parseFloat(a(_t, 'fontSize'));
_m = parseFloat(_e) * _f;
}

1
web/regression/javascript/SecurityPages/ForgotPasswordPage.spec.js
View File

@ -21,7 +21,6 @@ describe('ForgotPasswordPage', ()=>{
/* https://material-ui.com/guides/testing/#api */
beforeAll(()=>{
mount = createMount();
// spyOn(Notify, 'alert');
});
afterAll(() => {

1
web/regression/javascript/SecurityPages/LoginPage.spec.js
View File

@ -21,7 +21,6 @@ describe('LoginPage', ()=>{
/* https://material-ui.com/guides/testing/#api */
beforeAll(()=>{
mount = createMount();
// spyOn(Notify, 'alert');
});
afterAll(() => {

1
web/regression/javascript/SecurityPages/MfaRegisterPage.spec.js
View File

@ -21,7 +21,6 @@ describe('MfaRegisterPage', ()=>{
/* https://material-ui.com/guides/testing/#api */
beforeAll(()=>{
mount = createMount();
// spyOn(Notify, 'alert');
});
afterAll(() => {

1
web/regression/javascript/SecurityPages/MfaValidatePage.spec.js
View File

@ -21,7 +21,6 @@ describe('MfaValidatePage', ()=>{
/* https://material-ui.com/guides/testing/#api */
beforeAll(()=>{
mount = createMount();
// spyOn(Notify, 'alert');
});
afterAll(() => {

1
web/regression/javascript/SecurityPages/PasswordResetPage.spec.js
View File

@ -21,7 +21,6 @@ describe('PasswordResetPage', ()=>{
/* https://material-ui.com/guides/testing/#api */
beforeAll(()=>{
mount = createMount();
// spyOn(Notify, 'alert');
});
afterAll(() => {