public inbox for [email protected]
help / color / mirror / Atom feed[pgAdmin4][Patch] - RM #6444 and #6445
2+ messages / 2 participants
[nested] [flat]
* [pgAdmin4][Patch] - RM #6444 and #6445
@ 2021-05-13 09:33 Khushboo Vashi <[email protected]>
2021-05-14 07:04 ` Re: [pgAdmin4][Patch] - RM #6444 and #6445 Akshay Joshi <[email protected]>
0 siblings, 1 reply; 2+ messages in thread
From: Khushboo Vashi @ 2021-05-13 09:33 UTC (permalink / raw)
To: pgadmin-hackers
Hi,
Please find the attached patch to fix below RMs.
#6444 - [Kerbores] - User is not warned if Kerberos ticket expiration is
less than 30 min while initiating global backup.
#6445 - [Kerbores] - Kerberos Auth flag is True in properties dialogue
though server is connected with password.
There is no way to identify if the server connection is GSS authenticated
or not. To solve this problem, I have introduced *GSS authenticated?* and *GSS
encrypted?* fields in the server properties.
Thanks,
Khushboo
Attachments:
[application/octet-stream] RM_6444_6445.patch (7.0K, 3-RM_6444_6445.patch)
download | inline diff:
diff --git a/web/pgadmin/browser/server_groups/servers/__init__.py b/web/pgadmin/browser/server_groups/servers/__init__.py
index dc16a5de8..0d32bf4d3 100644
--- a/web/pgadmin/browser/server_groups/servers/__init__.py
+++ b/web/pgadmin/browser/server_groups/servers/__init__.py
@@ -255,6 +255,7 @@ class ServerModule(sg.ServerGroupPluginModule):
user_name=server.username,
shared=server.shared,
is_kerberos_conn=bool(server.kerberos_conn),
+ gss_authenticated=manager.gss_authenticated
)
@property
@@ -549,7 +550,8 @@ class ServerNode(PGChildNodeView):
errmsg=errmsg,
user_name=server.username,
shared=server.shared,
- is_kerberos_conn=bool(server.kerberos_conn)
+ is_kerberos_conn=bool(server.kerberos_conn),
+ gss_authenticated=manager.gss_authenticated
)
)
@@ -617,7 +619,8 @@ class ServerNode(PGChildNodeView):
errmsg=errmsg,
shared=server.shared,
user_name=server.username,
- is_kerberos_conn=bool(server.kerberos_conn)
+ is_kerberos_conn=bool(server.kerberos_conn),
+ gss_authenticated=manager.gss_authenticated
),
)
@@ -991,6 +994,8 @@ class ServerNode(PGChildNodeView):
if server.tunnel_identity_file else None,
'tunnel_authentication': tunnel_authentication,
'kerberos_conn': bool(server.kerberos_conn),
+ 'gss_authenticated': manager.gss_authenticated,
+ 'gss_encrypted': manager.gss_encrypted
}
return ajax_response(response)
@@ -1162,6 +1167,8 @@ class ServerNode(PGChildNodeView):
if manager and manager.version
else None,
is_kerberos_conn=bool(server.kerberos_conn),
+ gss_authenticated=manager.gss_authenticated if
+ manager and manager.gss_authenticated else False
)
)
@@ -1478,6 +1485,7 @@ class ServerNode(PGChildNodeView):
'is_tunnel_password_saved': True
if server.tunnel_password is not None else False,
'is_kerberos_conn': bool(server.kerberos_conn),
+ 'gss_authenticated': manager.gss_authenticated
}
)
diff --git a/web/pgadmin/browser/server_groups/servers/static/js/server.js b/web/pgadmin/browser/server_groups/servers/static/js/server.js
index b21cba431..45dea090e 100644
--- a/web/pgadmin/browser/server_groups/servers/static/js/server.js
+++ b/web/pgadmin/browser/server_groups/servers/static/js/server.js
@@ -910,6 +910,16 @@ define('pgadmin.node.server', [
group: gettext('Connection'), 'options': {
'onText': gettext('True'), 'offText': gettext('False'), 'size': 'mini',
}
+ },{
+ id: 'gss_authenticated', label: gettext('GSS authenticated?'), type: 'switch',
+ group: gettext('Connection'), 'options': {
+ 'onText': gettext('True'), 'offText': gettext('False'), 'size': 'mini',
+ }, mode: ['properties'], visible: 'isConnected'
+ },{
+ id: 'gss_encrypted', label: gettext('GSS encrypted?'), type: 'switch',
+ group: gettext('Connection'), 'options': {
+ 'onText': gettext('True'), 'offText': gettext('False'), 'size': 'mini',
+ }, mode: ['properties'], visible: 'isConnected',
},{
id: 'password', label: gettext('Password'), type: 'password', maxlength: null,
group: gettext('Connection'), control: 'input', mode: ['create'],
diff --git a/web/pgadmin/tools/backup/static/js/backup_dialog_wrapper.js b/web/pgadmin/tools/backup/static/js/backup_dialog_wrapper.js
index 1a59d420a..5a86bf82e 100644
--- a/web/pgadmin/tools/backup/static/js/backup_dialog_wrapper.js
+++ b/web/pgadmin/tools/backup/static/js/backup_dialog_wrapper.js
@@ -15,6 +15,7 @@ import _ from 'underscore';
import {DialogWrapper} from '../../../../static/js/alertify/dialog_wrapper';
import {fetch_ticket_lifetime} from '../../../../authenticate/static/js/kerberos';
import userInfo from 'pgadmin.user_management.current_user';
+import pgConst from 'pgadmin.browser.constants';
export class BackupDialogWrapper extends DialogWrapper {
constructor(dialogContainerSelector, dialogTitle, typeOfDialog,
@@ -169,7 +170,7 @@ export class BackupDialogWrapper extends DialogWrapper {
this.setExtraParameters(selectedTreeNode, treeInfo);
let backupDate = this.view.model.toJSON();
- if(userInfo['current_auth_source'] == 'KERBEROS' && (backupDate.type == 'globals' || backupDate.type == 'server')) {
+ if(userInfo['current_auth_source'] == pgConst['KERBEROS'] && treeInfo.server.gss_authenticated && (backupDate.type == 'globals' || backupDate.type == 'server')) {
let newPromise = fetch_ticket_lifetime();
newPromise.then(
function(lifetime) {
diff --git a/web/pgadmin/utils/driver/psycopg2/connection.py b/web/pgadmin/utils/driver/psycopg2/connection.py
index 3baa61fac..8ff0963f4 100644
--- a/web/pgadmin/utils/driver/psycopg2/connection.py
+++ b/web/pgadmin/utils/driver/psycopg2/connection.py
@@ -562,6 +562,26 @@ WHERE db.datname = current_database()""")
if len(manager.db_info) == 1:
manager.did = res['did']
+ if manager.sversion >= 120000:
+ status = self._execute(cur, """
+ SELECT
+ gss_authenticated, encrypted
+ FROM
+ pg_catalog.pg_stat_gssapi
+ WHERE pid = pg_backend_pid()""")
+ if status is None:
+ if cur.rowcount > 0:
+ res_enc = cur.fetchmany(1)[0]
+ manager.db_info[res['did']]['gss_authenticated'] =\
+ res_enc['gss_authenticated']
+ manager.db_info[res['did']]['gss_encrypted'] = \
+ res_enc['encrypted']
+
+ if len(manager.db_info) == 1:
+ manager.gss_authenticated = \
+ res_enc['gss_authenticated']
+ manager.gss_encrypted = res_enc['encrypted']
+
self._set_user_info(cur, manager, **kwargs)
self._set_server_type_and_password(kwargs, manager)
diff --git a/web/pgadmin/utils/driver/psycopg2/server_manager.py b/web/pgadmin/utils/driver/psycopg2/server_manager.py
index 8c16c8ec3..2a951b6ed 100644
--- a/web/pgadmin/utils/driver/psycopg2/server_manager.py
+++ b/web/pgadmin/utils/driver/psycopg2/server_manager.py
@@ -106,6 +106,9 @@ class ServerManager(object):
self.tunnel_password = None
self.kerberos_conn = server.kerberos_conn
+ self.gss_authenticated = False
+ self.gss_encrypted = False
+
for con in self.connections:
self.connections[con]._release()
^ permalink raw reply [nested|flat] 2+ messages in thread
* Re: [pgAdmin4][Patch] - RM #6444 and #6445
2021-05-13 09:33 [pgAdmin4][Patch] - RM #6444 and #6445 Khushboo Vashi <[email protected]>
@ 2021-05-14 07:04 ` Akshay Joshi <[email protected]>
0 siblings, 0 replies; 2+ messages in thread
From: Akshay Joshi @ 2021-05-14 07:04 UTC (permalink / raw)
To: Khushboo Vashi <[email protected]>; +Cc: pgadmin-hackers
Thanks, patch applied.
On Thu, May 13, 2021 at 3:03 PM Khushboo Vashi <
[email protected]> wrote:
> Hi,
>
> Please find the attached patch to fix below RMs.
>
> #6444 - [Kerbores] - User is not warned if Kerberos ticket expiration is
> less than 30 min while initiating global backup.
>
> #6445 - [Kerbores] - Kerberos Auth flag is True in properties dialogue
> though server is connected with password.
> There is no way to identify if the server connection is GSS authenticated
> or not. To solve this problem, I have introduced *GSS authenticated?* and *GSS
> encrypted?* fields in the server properties.
>
> Thanks,
> Khushboo
>
>
--
*Thanks & Regards*
*Akshay Joshi*
*pgAdmin Hacker | Principal Software Architect*
*EDB Postgres <http://edbpostgres.com>*
*Mobile: +91 976-788-8246*
^ permalink raw reply [nested|flat] 2+ messages in thread
end of thread, other threads:[~2021-05-14 07:04 UTC | newest]
Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2021-05-13 09:33 [pgAdmin4][Patch] - RM #6444 and #6445 Khushboo Vashi <[email protected]>
2021-05-14 07:04 ` Akshay Joshi <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox