[pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab).

public inbox for [email protected]  
help / color / mirror / Atom feed

[pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab).
2+ messages / 2 participants
[nested] [flat]

* [pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab).
@ 2021-02-23 10:44 Nikhil Mohite <[email protected]>
  2021-02-26 07:21 ` Re: [pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab). Akshay Joshi <[email protected]>
  0 siblings, 1 reply; 2+ messages in thread

From: Nikhil Mohite @ 2021-02-23 10:44 UTC (permalink / raw)
  To: pgadmin-hackers

Hi Team,

Please find the attached patch for RM-6159
<https://redmine.postgresql.org/issues/6159;: Even though a user have the
role pg_signal_backend isn't possible to kill the session via the GUI
(Dashboard Tab).


-- 
*Thanks & Regards,*
*Nikhil Mohite*
*Software Engineer.*
*EDB Postgres* <https://www.enterprisedb.com/;
*Mob.No: +91-7798364578.*


Attachments:

  [application/octet-stream] RM_6159.patch (2.8K, 3-RM_6159.patch)
  download | inline diff:
diff --git a/web/pgadmin/dashboard/static/js/dashboard.js b/web/pgadmin/dashboard/static/js/dashboard.js
index d8c29820..1cce956f 100644
--- a/web/pgadmin/dashboard/static/js/dashboard.js
+++ b/web/pgadmin/dashboard/static/js/dashboard.js
@@ -30,7 +30,8 @@ define('pgadmin.dashboard', [
     is_super_user = false,
     current_user, maintenance_database,
     is_server_dashboard = false,
-    is_database_dashboard = false;
+    is_database_dashboard = false,
+    can_signal_backend = false;
 
   // Custom BackGrid cell, Responsible for cancelling active sessions
   var customDashboardActionCell = Backgrid.Extension.DeleteCell.extend({
@@ -293,6 +294,7 @@ define('pgadmin.dashboard', [
           // Check if user is super user
           var server = treeHierarchy['server'];
           maintenance_database = (server && server.db) || null;
+          can_signal_backend = server.user.can_signal_backend;
 
           if (server && server.user && server.user.is_superuser) {
             is_super_user = true;
@@ -1149,6 +1151,9 @@ define('pgadmin.dashboard', [
           gettext('The session is already in idle state.')
         );
         return false;
+      } else if (can_signal_backend) {
+        // user with membership of 'pg_signal_backend' can terminate the session of non admin user.
+        return true;
       } else if (is_super_user) {
         // Super user can do anything
         return true;
diff --git a/web/pgadmin/utils/driver/psycopg2/connection.py b/web/pgadmin/utils/driver/psycopg2/connection.py
index cd6a07b3..7dadb22a 100644
--- a/web/pgadmin/utils/driver/psycopg2/connection.py
+++ b/web/pgadmin/utils/driver/psycopg2/connection.py
@@ -552,12 +552,20 @@ WHERE db.datname = current_database()""")
         """
         status = self._execute(cur, """
         SELECT
-            oid as id, rolname as name, rolsuper as is_superuser,
-            CASE WHEN rolsuper THEN true ELSE rolcreaterole END as
+            roles.oid as id, roles.rolname as name,
+            roles.rolsuper as is_superuser,
+            CASE WHEN roles.rolsuper THEN true ELSE roles.rolcreaterole END as
             can_create_role,
-            CASE WHEN rolsuper THEN true ELSE rolcreatedb END as can_create_db
+            CASE WHEN roles.rolsuper THEN true
+            ELSE roles.rolcreatedb END as can_create_db,
+            CASE WHEN 'pg_signal_backend'=ANY(ARRAY(
+                SELECT pg_catalog.pg_roles.rolname FROM
+                pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles ON
+                (m.roleid = pg_catalog.pg_roles.oid) WHERE
+                 m.member = roles.oid)) THEN True
+            ELSE False END as can_signal_backend
         FROM
-            pg_catalog.pg_roles
+            pg_catalog.pg_roles as roles
         WHERE
             rolname = current_user""")
 


^ permalink  raw  reply  [nested|flat] 2+ messages in thread

* Re: [pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab).
  2021-02-23 10:44 [pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab). Nikhil Mohite <[email protected]>
@ 2021-02-26 07:21 ` Akshay Joshi <[email protected]>
  0 siblings, 0 replies; 2+ messages in thread

From: Akshay Joshi @ 2021-02-26 07:21 UTC (permalink / raw)
  To: Nikhil Mohite <[email protected]>; +Cc: pgadmin-hackers

Thanks, patch applied.

On Tue, Feb 23, 2021 at 4:14 PM Nikhil Mohite <
[email protected]> wrote:

> Hi Team,
>
> Please find the attached patch for RM-6159
> <https://redmine.postgresql.org/issues/6159;: Even though a user have the
> role pg_signal_backend isn't possible to kill the session via the GUI
> (Dashboard Tab).
>
>
> --
> *Thanks & Regards,*
> *Nikhil Mohite*
> *Software Engineer.*
> *EDB Postgres* <https://www.enterprisedb.com/;
> *Mob.No: +91-7798364578.*
>

-- 
*Thanks & Regards*
*Akshay Joshi*
*pgAdmin Hacker | Principal Software Architect*
*EDB Postgres <http://edbpostgres.com>*

*Mobile: +91 976-788-8246*

^ permalink  raw  reply  [nested|flat] 2+ messages in thread

end of thread, other threads:[~2021-02-26 07:21 UTC | newest]

Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2021-02-23 10:44 [pgAdmin][RM-6159]: Even though a user have the role pg_signal_backend isn't possible to kill the session via the GUI (Dashboard Tab). Nikhil Mohite <[email protected]>
2021-02-26 07:21 ` Akshay Joshi <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox