public inbox for [email protected]
help / color / mirror / Atom feedFrom: Murtuza Zabuawala <[email protected]>
To: Ashesh Vashi <[email protected]>
To: pgadmin-hackers <[email protected]>
To: Akshay Joshi <[email protected]>
Subject: Re: PATCH: Login/Group Role Node
Date: Tue, 2 Feb 2016 14:52:39 +0530
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <CAG7mmoy=Wd5xHV=e734d4=8pqS7BOKyL8mUdh-5AMfs84Tm6VQ@mail.gmail.com>
<[email protected]>
<[email protected]>
List-Unsubscribe: <mailto:[email protected]?body=unsub%20pgadmin-hackers>
Hi Ashesh,
I also found that we are not handling group role in macro templates.
Steps to re-produce the issue:
1) Create a sample Group Role.
name : my_group
Click 'Ok' to create.
2) Go to privilege tab (in my case Database node)
- Click on Add button
- Select my_group (Group) from options
- grant any priviledges
3) Go to modified SQL tab
- You will see wrong SQL generated
GRANT ALL ON DATABASE postgres TO my_group WITH GRANT OPTIONS
Expected SQL:
GRANT ALL ON DATABASE postgres TO GROUP my_group WITH GRANT OPTIONS
Regards,
Murtuza
> On 20-Jan-2016, at 2:10 pm, Murtuza Zabuawala <[email protected]> wrote:
>
> Hi Ashesh,
>
> Addition to below, I also observed two more issues,
>
> - It's a bad idea to give md5 hash of current role's password in properties/edit mode, A malicious user can use that hash to crack another role's password.
>
> - When you select a role and click on SQL panel (near to Statistic panel), we encounter exception as below,
>
> File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 531, in wrapped
> return f(self, **kwargs)
> File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 714, in sql
> data=self.request,
> AttributeError: 'RoleView' object has no attribute 'request'
>
>
> Regards,
> Murtuza
>
>
> On Thursday 14 January 2016 01:48 PM, Murtuza Zabuawala wrote:
>> Hi Ashesh,
>>
>> Observed so far,
>>
>> In pgAdmin4,
>> 1) We are not displaying below items in properties when compare to pgAdmin3
>> - Account expires
>> - Member of
>>
>> 2) Seems life one of menu item missing when right click on role
>> - Reassign/ Drop owned
>>
>> 3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying.
>> "errormsg": "Security Label must be passed as an array of JSON object in the following.."
>>
>> Causing:
>> - When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
>> - When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.
>>
>>
>> Regards,
>> Murtuza
>>
>> On Tuesday 12 January 2016 10:47 PM, Ashesh Vashi wrote:
>>> Hi Team,
>>>
>>> Please find the patch for Login/Group Role(s).
>>>
>>> Akshay/Murtuza,
>>>
>>> Can you please review it?
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> Ashesh Vashi
>>> EnterpriseDB INDIA: Enterprise PostgreSQL Company <http://www.enterprisedb.com/;
>>>
>>> <http://www.linkedin.com/in/asheshvashi>http://www.linkedin.com/in/asheshvashi <http://www.linkedin.com/in/asheshvashi;
>
view thread (7+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: PATCH: Login/Group Role Node
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox