Commit Graph

104 Commits

Author SHA1 Message Date
Libor M
7648bd9646 Added missing gettext. 2020-10-27 10:51:35 +05:30
Ganesh Jaybhay
08c4deba5a Added following security enhancements:
1) Added ALLOWED_HOSTS list to limit the host address.
  2) Added CSP and HSTS security header.
  3) Hide the webserver/ development framework version.

Fixes #5919
2020-10-20 17:14:45 +05:30
Cyril Jouve
5a253f9053 Change the following to replace Python 2 code with Python 3:
1) Replace the deprecated unit test method.
2) Wraps filter usage in a list call.
3) Converts the old metaclass syntax to new.
4) Use range instead of xrange method.
5) Change Unicode to str.
6) Several other transformations.
7) Fixed change password test cases.
8) Use simplejson instead of plain JSON.
2020-08-31 16:45:31 +05:30
Pradip Parkale
7f947f146c Fixed cognitive complexity issues reported by SonarQube. 2020-08-25 12:28:55 +05:30
Akshay Joshi
103b08c9c5 Define constants for preferences label to fix SonarQube issues. 2020-08-20 17:58:37 +05:30
Khushboo Vashi
cc5a7ea334 Fixed code smell 'String literals should not be duplicated'.
Create a constant.py file which contains the common Constants.
2020-08-19 14:16:02 +05:30
Akshay Joshi
ed0dc62b69 Fixed incorrect import statement for urlopen.
refs #5700
2020-07-27 17:33:44 +05:30
Cyril Jouve
f93cfe8c4c Remove old Python 2 compatibility code. Fixes #5700 2020-07-27 11:03:13 +01:00
Yogesh Mahajan
dd27e08a98 Fixed code smell 'Unused local variables should be removed'. 2020-07-24 12:15:29 +05:30
Aditya Toshniwal
8c20f0c0d2 Some clumsy coding related fixes reported by SonarQube. 2020-06-12 15:24:17 +05:30
Yogesh Mahajan
4632a7faba Fixed an issue where pgadmin detects the wrong browser version of the Microsoft Edge. Fixes #5465 2020-05-29 13:07:02 +05:30
Khushboo Vashi
a9a1a975a6 Added compatibility for Flask-Security-Too version 3.2 2020-05-13 16:02:38 +05:30
Dave Page
74b3495542 Warn the user if an unsupported, deprecated or unknown browser is detected. Fixes #5399 2020-04-14 21:15:02 +05:30
Khushboo Vashi
f77aa3284f Added LDAP authentication support. Fixes #2186 2020-04-06 15:57:05 +05:30
Aditya Toshniwal
915b09255c Added Python 3.8 support. Fixes #5179
1) Upgraded passlib==1.7.1 to passlib==1.7.2
2) Replace unmaintained Flask-Security with maintained Flask-Security-Too package, which is also compatible with python 3.8
3) Other compatibility code changes.
2020-02-18 12:10:38 +05:30
Aditya Toshniwal
8c3bba65e5 Logout the pgAdmin session when no user activity of mouse move, click or keypress. Fixes #5000.
Introduced two config params:
1. USER_INACTIVITY_TIMEOUT - Interval in seconds for the timeout. Default is 0-Zero which means disabled.
2. OVERRIDE_USER_INACTIVITY_TIMEOUT - If set to true, tools like query tool or debugger will override USER_INACTIVITY_TIMEOUT
   and will not allow the application to timeout if a query is running for a long time.
2020-01-15 18:07:46 +05:30
Dave Page
01c7636c75 Update copyright notices for 2020. 2020-01-02 14:43:50 +00:00
Aditya Toshniwal
75ac259632 Fix issue where the user can not switch the UI language. It's a regression of #4348. Fixes #4975 2019-12-05 14:34:44 +05:30
Dave Page
7408b8c8d9 PEP-8 fix. 2019-10-29 12:18:49 +00:00
Richard Yen
30e9673375 Give appropriate error messages when the user tries to use an blank master password. Fixes #4341 2019-10-25 13:55:07 +01:00
Dave Page
2dd075161d Allow the UI layout to be fully locked or to prevent docking changes. Fixes #2653 2019-05-31 11:51:30 -04:00
Aditya Toshniwal
dfa892d2a2 1. Added Master Password to increase the security of saved passwords. Fixes #4184
2. In server(web) mode, update all the saved server credentials when user password is changed. Fixes #3377
2019-05-28 12:00:18 +05:30
Khushboo Vashi
6f0eafb223 Fixed CSRF security vulnerability issue. per Alvin Lindstam. Fixes #4217
Initial patch by: Khushboo Vashi
Modified by: Ashesh Vashi and Murtuza Zabuawala
2019-05-28 10:59:51 +05:30
Dave Page
4b421550d3 Stop using application/x-javascript as a mime type and use the RFC-compliant application/javascript instead. Fixes #4261 2019-05-15 09:44:57 +01:00
Dave Page
d7da8be486 Make the upgrade check key configurable. 2019-01-02 12:56:39 +00:00
Murtuza Zabuawala
e23d307c56 Update copyright notices for 2019 2019-01-02 15:54:12 +05:30
Aditya Toshniwal
82c9cca683 Move all CSS into SCSS files for consistency and ease of colour maintenance etc. Fixes #2927 2018-09-04 11:24:51 +01:00
Dave Page
d7eb41fff4 Include a cacert file when needed for the upgrade check. Fixes #3185 2018-07-23 16:15:58 +01:00
Aditya Toshniwal
bdb7e3fde2 Infrastructure and changes to the Query Tool for realtime preference handling. Refs #3294
Highlights of this patch include:
- Changes will affect SQL Editors in Create dialog boxes, SQL tab of the main screen, Query tool, History entries in the query tool, Query tool opened in New Tab/Window
- All the components of SQL editor will refer to single source of preferences which is cached in the Browser object. All other redundant ajax get preference calls are removed.
- SQL editor will not refer template JS variables anymore, once all the references are removed the template variables will also be removed.
- Code refactoring wherever possible.
- Covered JS test cases wherever possible.
2018-07-05 11:38:43 +01:00
Akshay Joshi
b7fb01ab04 Add support for SSH tunneled connections. Fixes #1447 2018-05-04 11:27:27 +01:00
Murtuza Zabuawala
8ec51412c3 Add a (configurable) limit to the number of pgAgent job history rows displayed on the statistics tab. Fixes #3072 2018-04-06 10:00:25 +01:00
Murtuza Zabuawala
be055ce57d Update Python and JS modules. Fixes #3154 2018-04-04 10:47:01 +01:00
Khushboo Vashi
7805170783 Add the ability to enable/disable UI animations. Fixes #1978 2018-04-03 14:52:13 +01:00
Khushboo Vashi
413709fc78 Simplify cookie domain/path settings, per discussion. Instead of trying to be smart, just let the user specify them in the config, e.g.
COOKIE_DEFAULT_DOMAIN = None
SESSION_COOKIE_DOMAIN = None
2018-03-23 10:14:02 +00:00
Khushboo Vashi
534f1f35fe Appropriately set the cookie path. Fixes #3197 2018-03-19 17:09:19 +00:00
Dave Page
93d44d5643 Revert "Ensure the cookie domain and path are properly set. Fixes #3197"
This reverts commit 9c4edb4a28.

Jenkins really doesn't like this.
2018-03-15 14:54:14 -04:00
Khushboo Vashi
9c4edb4a28 Ensure the cookie domain and path are properly set. Fixes #3197 2018-03-15 13:59:29 -04:00
Joao Pedro De Almeida Pereira
3a6994f719 Final PEP-8 fixes 2018-03-08 09:33:43 +00:00
Murtuza Zabuawala
abf0b1a7ae Allow admins to disable the use of Gravatar if they choose. Fixes #3037 2018-03-07 16:35:33 +00:00
Murtuza Zabuawala
06ff05762e PEP8 fixes. Fixes #3175 2018-03-07 11:47:01 +00:00
Harshal Dhumal
aa1849c13a Support tab navigation in dialogs. Fixes #2898 2018-02-27 11:18:36 +00:00
Harshal Dhumal
43d3e0ca64 PEP8 fixes. 2018-02-26 15:58:48 +00:00
Harshal Dhumal
c91a597df9 Fix alignment issues in keyboard shortcut options. Fixes #3080 2018-02-20 16:49:59 +00:00
Khushboo Vashi
258b064963 Add configurable shortcut keys for various common options in the main window. Fixes #2899 2018-02-09 12:07:57 +00:00
Khushboo Vashi
262d01bf01 Add keyboard navigation options for the main browser windows. Fixes #2895 2018-02-02 14:28:37 +01:00
Dave Page
89821c0d19 Update copyright notices for 2018. 2018-01-05 10:42:50 +00:00
Harshal Dhumal
1a4e21e6dd Fix regression tests for password reset in server mode 2017-11-30 13:16:59 +00:00
Harshal Dhumal
35a5cf22d5 Refuse password changes (and tell the user) if the notification email cannot be sent. Fixes #2892 2017-11-30 11:16:38 +00:00
Murtuza Zabuawala
897bf4857a Fix counted rows display in table properties. Fixes #2836 2017-11-02 09:35:44 +00:00
Murtuza Zabuawala
0cb57848f8 Ensure auto-indent honours the spaces/tabs config setting. Fixes #2780 2017-10-16 15:37:03 +01:00