From 6a861f7a914ab5c33cf9e04aae6fa4aa5bf96a53 Mon Sep 17 00:00:00 2001 From: Akshay Joshi Date: Fri, 31 Mar 2017 20:14:37 -0400 Subject: [PATCH] Add the config option ALLOW_SAVE_PASSWORD to allow admins to disable saving of passwords. Fixes #2232 --- web/config.py | 5 +++++ web/pgadmin/browser/server_groups/servers/__init__.py | 7 ++++--- .../server_groups/servers/templates/servers/password.html | 4 +++- .../server_groups/servers/templates/servers/servers.js | 3 +++ 4 files changed, 15 insertions(+), 4 deletions(-) diff --git a/web/config.py b/web/config.py index 676977eb8..a28283b62 100644 --- a/web/config.py +++ b/web/config.py @@ -202,6 +202,10 @@ SQLITE_PATH = env('SQLITE_PATH') or os.path.join(DATA_DIR, 'pgadmin4.db') # (Default: 500 milliseconds) SQLITE_TIMEOUT = 500 +# Allow database connection passwords to be saved if the user chooses. +# Set to False to disable password saving. +ALLOW_SAVE_PASSWORD = True + ########################################################################## # Server-side session storage path # @@ -333,3 +337,4 @@ try: from config_local import * except ImportError: pass + diff --git a/web/pgadmin/browser/server_groups/servers/__init__.py b/web/pgadmin/browser/server_groups/servers/__init__.py index 3a3e4a42d..37d842f86 100644 --- a/web/pgadmin/browser/server_groups/servers/__init__.py +++ b/web/pgadmin/browser/server_groups/servers/__init__.py @@ -595,7 +595,8 @@ class ServerNode(PGChildNodeView): errormsg=gettext(u"Unable to connect to server:\n\n%s" % errmsg) ) else: - if 'save_password' in data and data['save_password'] and have_password: + if 'save_password' in data and data['save_password'] and \ + have_password and config.ALLOW_SAVE_PASSWORD: setattr(server, 'password', password) db.session.commit() @@ -809,7 +810,7 @@ class ServerNode(PGChildNodeView): ) ) else: - if save_password: + if save_password and config.ALLOW_SAVE_PASSWORD: try: # Save the encrypted password using the user's login # password key. @@ -1012,7 +1013,7 @@ class ServerNode(PGChildNodeView): password = encrypt(data['newPassword'], user.password) # Check if old password was stored in pgadmin4 sqlite database. # If yes then update that password. - if server.password is not None: + if server.password is not None and config.ALLOW_SAVE_PASSWORD: setattr(server, 'password', password) db.session.commit() # Also update password in connection manager. diff --git a/web/pgadmin/browser/server_groups/servers/templates/servers/password.html b/web/pgadmin/browser/server_groups/servers/templates/servers/password.html index c8e73e89a..005589cb4 100644 --- a/web/pgadmin/browser/server_groups/servers/templates/servers/password.html +++ b/web/pgadmin/browser/server_groups/servers/templates/servers/password.html @@ -13,7 +13,9 @@ -   Save Password +   Save Password
diff --git a/web/pgadmin/browser/server_groups/servers/templates/servers/servers.js b/web/pgadmin/browser/server_groups/servers/templates/servers/servers.js index 59d9682f6..c879bb25f 100644 --- a/web/pgadmin/browser/server_groups/servers/templates/servers/servers.js +++ b/web/pgadmin/browser/server_groups/servers/templates/servers/servers.js @@ -676,6 +676,9 @@ function($, _, S, pgAdmin, pgBrowser, alertify) { group: "{{ 'Connection' }}", mode: ['create'], deps: ['connect_now'], visible: function(m) { return m.get('connect_now') && m.isNew(); + }, + disabled: function(m) { + return {% if config.ALLOW_SAVE_PASSWORD %}false{% else %}true{% endif %}; } },{ id: 'role', label:'{{ _('Role') }}', type: 'text', group: "{{ 'Connection' }}",