pgadmin-org
/
pgadmin4
mirror of https://github.com/pgadmin-org/pgadmin4.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed an issue in the search object when searching in 'all types' or 'subscription' if the user doesn't have access to the subscription. Fixes #6448

pull/55/head
Pradip Parkale 2021-06-23 12:39:55 +05:30 committed by Akshay Joshi
parent b81ff45d34
commit 80ccd62d38
6 changed files with 29 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/en_US/release_notes_5_5.rst
View File

@ -20,5 +20,6 @@ Bug fixes
| `Issue #6388 <https://redmine.postgresql.org/issues/6388>`_ - Fixed replace keyboard shortcut issue in the query tool on the normal keyboard layout.
| `Issue #6398 <https://redmine.postgresql.org/issues/6398>`_ - Fixed an issue where detaching the query editor panel gives a blank white panel.
| `Issue #6448 <https://redmine.postgresql.org/issues/6448>`_ - Fixed an issue in the search object when searching in 'all types' or 'subscription' if the user doesn't have access to the subscription.
| `Issue #6489 <https://redmine.postgresql.org/issues/6489>`_ - Fixed an issue where Execute/Refresh button should not be disabled when we run the empty query.
| `Issue #6541 <https://redmine.postgresql.org/issues/6541>`_ - Ensure that setting 'Open in new browser tab' should be visible, it should not be based on the value of 'ENABLE_PSQL'.

2
web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/10_plus/search.sql
View File

@ -330,6 +330,7 @@ FROM (
UNION
{% endif %}
{% if 'subscription' not in skip_obj_type%}
{% if all_obj or obj_type in ['subscription'] %}
SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
{{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@ -338,6 +339,7 @@ FROM (
{% if all_obj %}
UNION
{% endif %}
{% endif %}
{% if all_obj or obj_type in ['language'] %}
SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,
{{ show_node_prefs['language'] }} AS show_node, NULL AS other_info

3
web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/11_plus/search.sql
View File

@ -346,7 +346,7 @@ FROM (
{% if all_obj %}
UNION
{% endif %}
{% if 'subscription' not in skip_obj_type%}
{% if all_obj or obj_type in ['subscription'] %}
SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
{{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@ -355,6 +355,7 @@ FROM (
{% if all_obj %}
UNION
{% endif %}
{% endif %}
{% if all_obj or obj_type in ['language'] %}
SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,
{{ show_node_prefs['language'] }} AS show_node, NULL AS other_info

2
web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/10_plus/search.sql
View File

@ -371,6 +371,7 @@ FROM (
UNION
{% endif %}
{% if 'subscription' not in skip_obj_type%}
{% if all_obj or obj_type in ['subscription'] %}
SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
{{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@ -379,6 +380,7 @@ FROM (
{% if all_obj %}
UNION
{% endif %}
{% endif %}
{% if all_obj or obj_type in ['language'] %}
SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,

2
web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/12_plus/search.sql
View File

@ -378,6 +378,7 @@ FROM (
UNION
{% endif %}
{% if 'subscription' not in skip_obj_type%}
{% if all_obj or obj_type in ['subscription'] %}
SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
{{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@ -386,6 +387,7 @@ FROM (
{% if all_obj %}
UNION
{% endif %}
{% endif %}
{% if all_obj or obj_type in ['language'] %}
SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,

21
web/pgadmin/tools/search_objects/utils.py
View File

@ -89,7 +89,23 @@ class SearchObjectsHelper:
**kwargs
)
def _check_permission(self, obj_type, conn, skip_obj_type):
"""
This function return whether user has permission to see type
:param obj_type:
:param conn:
:return:
"""
if obj_type == 'all':
status, error = conn.execute_dict('select * from pg_subscription')
if 'permission denied' in error:
skip_obj_type.append('subscription')
return skip_obj_type
def search(self, text, obj_type=None):
skip_obj_type = []
conn = self.manager.connection(did=self.did)
last_system_oid = (self.manager.db_info[self.did])['datlastsysoid'] \
if self.manager.db_info is not None and self.did in \
@ -99,6 +115,8 @@ class SearchObjectsHelper:
node_labels = self.get_supported_types(skip_check=True)
# escape the single quote from search text
text = text.replace("'", "''")
skip_obj_type = self._check_permission(obj_type, conn,
skip_obj_type)
# Column catalog_level has values as
# N - Not a catalog schema
@ -109,7 +127,8 @@ class SearchObjectsHelper:
search_text=text.lower(), obj_type=obj_type,
show_system_objects=self.show_system_objects,
show_node_prefs=show_node_prefs, _=gettext,
last_system_oid=last_system_oid)
last_system_oid=last_system_oid,
skip_obj_type=skip_obj_type)
)
if not status: