Обсуждение: PATCH: Login/Group Role Node
Hi Team,
Please find the patch for Login/Group Role(s).Akshay/Murtuza,
Can you please review it?
Вложения
Hi Ashesh,
Observed so far,
In pgAdmin4,
1) We are not displaying below items in properties when compare to pgAdmin3
- Account expires
- Member of
2) Seems life one of menu item missing when right click on role
- Reassign/ Drop owned
3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying.
Causing:
- When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
- When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.
Regards,
Murtuza
Observed so far,
In pgAdmin4,
1) We are not displaying below items in properties when compare to pgAdmin3
- Account expires
- Member of
2) Seems life one of menu item missing when right click on role
- Reassign/ Drop owned
3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying.
"errormsg": "Security Label must be passed as an array of JSON object in the following.."Causing:
- When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
- When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.
Regards,
Murtuza
On Tuesday 12 January 2016 10:47 PM, Ashesh Vashi wrote:
Hi Team,Please find the patch for Login/Group Role(s).Akshay/Murtuza,Can you please review it?
Hi Ashesh,
Addition to below, I also observed two more issues,
- It's a bad idea to give md5 hash of current role's password in properties/edit mode, A malicious user can use that hash to crack another role's password.
- When you select a role and click on SQL panel (near to Statistic panel), we encounter exception as below,
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 531, in wrapped
return f(self, **kwargs)
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 714, in sql
data=self.request,
AttributeError: 'RoleView' object has no attribute 'request'
Regards,
Murtuza
Addition to below, I also observed two more issues,
- It's a bad idea to give md5 hash of current role's password in properties/edit mode, A malicious user can use that hash to crack another role's password.
- When you select a role and click on SQL panel (near to Statistic panel), we encounter exception as below,
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 531, in wrapped
return f(self, **kwargs)
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 714, in sql
data=self.request,
AttributeError: 'RoleView' object has no attribute 'request'
Regards,
Murtuza
On Thursday 14 January 2016 01:48 PM, Murtuza Zabuawala wrote:
Hi Ashesh,
Observed so far,
In pgAdmin4,
1) We are not displaying below items in properties when compare to pgAdmin3
- Account expires
- Member of
2) Seems life one of menu item missing when right click on role
- Reassign/ Drop owned
3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying."errormsg": "Security Label must be passed as an array of JSON object in the following.."
Causing:
- When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
- When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.
Regards,
MurtuzaOn Tuesday 12 January 2016 10:47 PM, Ashesh Vashi wrote:Hi Team,Please find the patch for Login/Group Role(s).Akshay/Murtuza,Can you please review it?
Hi Ashesh,
I also found that we are not handling group role in macro templates.
Steps to re-produce the issue:
1) Create a sample Group Role.
name : my_group
Click 'Ok' to create.
2) Go to privilege tab (in my case Database node)
- Click on Add button
- Select my_group (Group) from options
- grant any priviledges
3) Go to modified SQL tab
- You will see wrong SQL generated
GRANT ALL ON DATABASE postgres TO my_group WITH GRANT OPTIONS
Expected SQL:
GRANT ALL ON DATABASE postgres TO GROUP my_group WITH GRANT OPTIONS
Regards,
Murtuza
On 20-Jan-2016, at 2:10 pm, Murtuza Zabuawala <murtuza.zabuawala@enterprisedb.com> wrote:Hi Ashesh,
Addition to below, I also observed two more issues,
- It's a bad idea to give md5 hash of current role's password in properties/edit mode, A malicious user can use that hash to crack another role's password.
- When you select a role and click on SQL panel (near to Statistic panel), we encounter exception as below,
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 531, in wrapped
return f(self, **kwargs)
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 714, in sql
data=self.request,
AttributeError: 'RoleView' object has no attribute 'request'
Regards,
MurtuzaOn Thursday 14 January 2016 01:48 PM, Murtuza Zabuawala wrote:Hi Ashesh,
Observed so far,
In pgAdmin4,
1) We are not displaying below items in properties when compare to pgAdmin3
- Account expires
- Member of
2) Seems life one of menu item missing when right click on role
- Reassign/ Drop owned
3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying."errormsg": "Security Label must be passed as an array of JSON object in the following.."
Causing:
- When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
- When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.
Regards,
MurtuzaOn Tuesday 12 January 2016 10:47 PM, Ashesh Vashi wrote:Hi Team,Please find the patch for Login/Group Role(s).Akshay/Murtuza,Can you please review it?
Hi Team,
Please find the update patch for the Login/Group Role node.
On Wed, Jan 20, 2016 at 2:10 PM, Murtuza Zabuawala <murtuza.zabuawala@enterprisedb.com> wrote:
Hi Ashesh,
Addition to below, I also observed two more issues,
- It's a bad idea to give md5 hash of current role's password in properties/edit mode, A malicious user can use that hash to crack another role's password.
Ok.
I am not sending the password any more to the client in edit mode.
- When you select a role and click on SQL panel (near to Statistic panel), we encounter exception as below,
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 531, in wrapped
return f(self, **kwargs)
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 714, in sql
data=self.request,
AttributeError: 'RoleView' object has no attribute 'request'
Statistics are yet implemented for any node.
It will be taken care as a separate patch.
Regards,
MurtuzaOn Thursday 14 January 2016 01:48 PM, Murtuza Zabuawala wrote:Hi Ashesh,
Observed so far,
In pgAdmin4,
1) We are not displaying below items in properties when compare to pgAdmin3
- Account expires
- Member of
Added.
2) Seems life one of menu item missing when right click on role
- Reassign/ Drop owned
It'll be added as a separate module.
3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying."errormsg": "Security Label must be passed as an array of JSON object in the following.."
Done.
Causing:
- When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
- When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.
Done.
Regards,
MurtuzaOn Tuesday 12 January 2016 10:47 PM, Ashesh Vashi wrote:Hi Team,Please find the patch for Login/Group Role(s).Akshay/Murtuza,Can you please review it?
Вложения
Hi Team,
Please ignore the previous patch.
It was not a git binary-patch.
Please find the updated patch, which includes both binary patch, and Security Label changes (which were disabled by default).
On Thu, Feb 4, 2016 at 5:37 PM, Ashesh Vashi <ashesh.vashi@enterprisedb.com> wrote:
Hi Team,Please find the update patch for the Login/Group Role node.
On Wed, Jan 20, 2016 at 2:10 PM, Murtuza Zabuawala <murtuza.zabuawala@enterprisedb.com> wrote:Hi Ashesh,
Addition to below, I also observed two more issues,
- It's a bad idea to give md5 hash of current role's password in properties/edit mode, A malicious user can use that hash to crack another role's password.Ok.I am not sending the password any more to the client in edit mode.
- When you select a role and click on SQL panel (near to Statistic panel), we encounter exception as below,
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 531, in wrapped
return f(self, **kwargs)
File "/home/murtuza/PROJECT/pgadmin4/web/pgadmin/browser/server_groups/servers/roles/__init__.py", line 714, in sql
data=self.request,
AttributeError: 'RoleView' object has no attribute 'request'Statistics are yet implemented for any node.It will be taken care as a separate patch.
Regards,
MurtuzaOn Thursday 14 January 2016 01:48 PM, Murtuza Zabuawala wrote:Hi Ashesh,
Observed so far,
In pgAdmin4,
1) We are not displaying below items in properties when compare to pgAdmin3
- Account expires
- Member ofAdded.
2) Seems life one of menu item missing when right click on role
- Reassign/ Drop ownedIt'll be added as a separate module.
3) Security label is disabled by default, Even though security label is disabled, we get precondition error from server saying."errormsg": "Security Label must be passed as an array of JSON object in the following.."Done.
Causing:
- When we add variables in Security tab on existing role, Sql does not gets generated in sql tab.
- When we add roles role membership on existing role, Sql does not gets generated in sql tab and it also allow us to enter invalid role which does not exists.Done.
Regards,
MurtuzaOn Tuesday 12 January 2016 10:47 PM, Ashesh Vashi wrote:Hi Team,Please find the patch for Login/Group Role(s).Akshay/Murtuza,Can you please review it?