From 80ccd62d384192a76b8d4b10b3853fcbc6ee2123 Mon Sep 17 00:00:00 2001
From: Pradip Parkale <pradip.parkale@enterprisedb.com>
Date: Wed, 23 Jun 2021 12:39:55 +0530
Subject: [PATCH] Fixed an issue in the search object when searching in 'all
 types' or 'subscription' if the user doesn't have access to the subscription.
 Fixes #6448

---
 docs/en_US/release_notes_5_5.rst              |  1 +
 .../search_objects/sql/pg/10_plus/search.sql  |  2 ++
 .../search_objects/sql/pg/11_plus/search.sql  |  3 ++-
 .../sql/ppas/10_plus/search.sql               |  2 ++
 .../sql/ppas/12_plus/search.sql               |  2 ++
 web/pgadmin/tools/search_objects/utils.py     | 21 ++++++++++++++++++-
 6 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/docs/en_US/release_notes_5_5.rst b/docs/en_US/release_notes_5_5.rst
index ea2466448..a3d3533ff 100644
--- a/docs/en_US/release_notes_5_5.rst
+++ b/docs/en_US/release_notes_5_5.rst
@@ -20,5 +20,6 @@ Bug fixes
 
 | `Issue #6388 <https://redmine.postgresql.org/issues/6388>`_ -  Fixed replace keyboard shortcut issue in the query tool on the normal keyboard layout.
 | `Issue #6398 <https://redmine.postgresql.org/issues/6398>`_ -  Fixed an issue where detaching the query editor panel gives a blank white panel.
+| `Issue #6448 <https://redmine.postgresql.org/issues/6448>`_ -  Fixed an issue in the search object when searching in 'all types' or 'subscription' if the user doesn't have access to the subscription.
 | `Issue #6489 <https://redmine.postgresql.org/issues/6489>`_ -  Fixed an issue where Execute/Refresh button should not be disabled when we run the empty query.
 | `Issue #6541 <https://redmine.postgresql.org/issues/6541>`_ -  Ensure that setting 'Open in new browser tab' should be visible, it should not be based on the value of 'ENABLE_PSQL'.
diff --git a/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/10_plus/search.sql b/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/10_plus/search.sql
index 1a472230b..be4a47136 100644
--- a/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/10_plus/search.sql
+++ b/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/10_plus/search.sql
@@ -330,6 +330,7 @@ FROM (
     UNION
 {% endif %}
 
+{% if 'subscription' not in skip_obj_type%}
 {% if all_obj or obj_type in ['subscription'] %}
     SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
     {{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@@ -338,6 +339,7 @@ FROM (
 {% if all_obj %}
     UNION
 {% endif %}
+{% endif %}
 {% if all_obj or obj_type in ['language'] %}
     SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,
     {{ show_node_prefs['language'] }} AS show_node, NULL AS other_info
diff --git a/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/11_plus/search.sql b/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/11_plus/search.sql
index 26fc238aa..992b547ae 100644
--- a/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/11_plus/search.sql
+++ b/web/pgadmin/tools/search_objects/templates/search_objects/sql/pg/11_plus/search.sql
@@ -346,7 +346,7 @@ FROM (
 {% if all_obj %}
     UNION
 {% endif %}
-
+{% if 'subscription' not in skip_obj_type%}
 {% if all_obj or obj_type in ['subscription'] %}
     SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
     {{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@@ -355,6 +355,7 @@ FROM (
 {% if all_obj %}
     UNION
 {% endif %}
+{% endif %}
 {% if all_obj or obj_type in ['language'] %}
     SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,
     {{ show_node_prefs['language'] }} AS show_node, NULL AS other_info
diff --git a/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/10_plus/search.sql b/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/10_plus/search.sql
index b5fc01b51..356509fd6 100644
--- a/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/10_plus/search.sql
+++ b/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/10_plus/search.sql
@@ -371,6 +371,7 @@ FROM (
     UNION
 {% endif %}
 
+{% if 'subscription' not in skip_obj_type%}
 {% if all_obj or obj_type in ['subscription'] %}
     SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
     {{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@@ -379,6 +380,7 @@ FROM (
 {% if all_obj %}
     UNION
 {% endif %}
+{% endif %}
 
 {% if all_obj or obj_type in ['language'] %}
     SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,
diff --git a/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/12_plus/search.sql b/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/12_plus/search.sql
index 1a6165836..63273498b 100644
--- a/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/12_plus/search.sql
+++ b/web/pgadmin/tools/search_objects/templates/search_objects/sql/ppas/12_plus/search.sql
@@ -378,6 +378,7 @@ FROM (
     UNION
 {% endif %}
 
+{% if 'subscription' not in skip_obj_type%}
 {% if all_obj or obj_type in ['subscription'] %}
     SELECT 'subscription'::text AS obj_type, subname AS obj_name, ':subscription.'||pub.oid||':/' || subname AS obj_path, ''::text AS schema_name,
     {{ show_node_prefs['subscription'] }} AS show_node, NULL AS other_info
@@ -386,6 +387,7 @@ FROM (
 {% if all_obj %}
     UNION
 {% endif %}
+{% endif %}
 
 {% if all_obj or obj_type in ['language'] %}
     SELECT 'language'::text AS obj_type, lanname AS obj_name, ':language.'||lan.oid||':/' || lanname AS obj_path, ''::text AS schema_name,
diff --git a/web/pgadmin/tools/search_objects/utils.py b/web/pgadmin/tools/search_objects/utils.py
index a7d556853..407dc83f2 100644
--- a/web/pgadmin/tools/search_objects/utils.py
+++ b/web/pgadmin/tools/search_objects/utils.py
@@ -89,7 +89,23 @@ class SearchObjectsHelper:
             **kwargs
         )
 
+    def _check_permission(self, obj_type, conn, skip_obj_type):
+        """
+        This function return whether user has permission to see type
+        :param obj_type:
+        :param conn:
+        :return:
+        """
+
+        if obj_type == 'all':
+            status, error = conn.execute_dict('select * from pg_subscription')
+            if 'permission denied' in error:
+                skip_obj_type.append('subscription')
+
+        return skip_obj_type
+
     def search(self, text, obj_type=None):
+        skip_obj_type = []
         conn = self.manager.connection(did=self.did)
         last_system_oid = (self.manager.db_info[self.did])['datlastsysoid'] \
             if self.manager.db_info is not None and self.did in \
@@ -99,6 +115,8 @@ class SearchObjectsHelper:
         node_labels = self.get_supported_types(skip_check=True)
         # escape the single quote from search text
         text = text.replace("'", "''")
+        skip_obj_type = self._check_permission(obj_type, conn,
+                                               skip_obj_type)
 
         # Column catalog_level has values as
         # N - Not a catalog schema
@@ -109,7 +127,8 @@ class SearchObjectsHelper:
                          search_text=text.lower(), obj_type=obj_type,
                          show_system_objects=self.show_system_objects,
                          show_node_prefs=show_node_prefs, _=gettext,
-                         last_system_oid=last_system_oid)
+                         last_system_oid=last_system_oid,
+                         skip_obj_type=skip_obj_type)
         )
 
         if not status: