From 8279e7e01cf5acb4e88b33f16a35d5fe4b573258 Mon Sep 17 00:00:00 2001 From: Nikhil Mohite Date: Fri, 26 Feb 2021 12:30:30 +0530 Subject: [PATCH] =?UTF-8?q?Ensure=20that=20the=20user=20should=20be=20able?= =?UTF-8?q?=20to=20kill=20the=20session=20from=20Dashboard=20if=20the=20us?= =?UTF-8?q?er=20has=C2=A0a=20'pg=5Fsignal=5Fbackend'=20role.=20Fixes=20#61?= =?UTF-8?q?59?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/en_US/release_notes.rst | 1 + docs/en_US/release_notes_5_1.rst | 20 +++++++++++++++++++ web/pgadmin/dashboard/static/js/dashboard.js | 7 ++++++- .../utils/driver/psycopg2/connection.py | 16 +++++++++++---- 4 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 docs/en_US/release_notes_5_1.rst diff --git a/docs/en_US/release_notes.rst b/docs/en_US/release_notes.rst index db4ecfada..015c3850b 100644 --- a/docs/en_US/release_notes.rst +++ b/docs/en_US/release_notes.rst @@ -11,6 +11,7 @@ notes for it. .. toctree:: :maxdepth: 1 + release_notes_5_1 release_notes_5_0 release_notes_4_30 release_notes_4_29 diff --git a/docs/en_US/release_notes_5_1.rst b/docs/en_US/release_notes_5_1.rst new file mode 100644 index 000000000..45ce20a77 --- /dev/null +++ b/docs/en_US/release_notes_5_1.rst @@ -0,0 +1,20 @@ +************ +Version 5.1 +************ + +Release date: 2021-03-25 + +This release contains a number of bug fixes and new features since the release of pgAdmin4 5.0. + +New features +************ + + +Housekeeping +************ + + +Bug fixes +********* + +| `Issue #6159 `_ - Ensure that the user should be able to kill the session from Dashboard if the user has a 'pg_signal_backend' role. diff --git a/web/pgadmin/dashboard/static/js/dashboard.js b/web/pgadmin/dashboard/static/js/dashboard.js index d8c298201..1cce956f2 100644 --- a/web/pgadmin/dashboard/static/js/dashboard.js +++ b/web/pgadmin/dashboard/static/js/dashboard.js 
@@ -30,7 +30,8 @@ define('pgadmin.dashboard', [ is_super_user = false, current_user, maintenance_database, is_server_dashboard = false, - is_database_dashboard = false; + is_database_dashboard = false, + can_signal_backend = false; // Custom BackGrid cell, Responsible for cancelling active sessions var customDashboardActionCell = Backgrid.Extension.DeleteCell.extend({ @@ -293,6 +294,7 @@ define('pgadmin.dashboard', [ // Check if user is super user var server = treeHierarchy['server']; maintenance_database = (server && server.db) || null; + can_signal_backend = server.user.can_signal_backend; if (server && server.user && server.user.is_superuser) { is_super_user = true; @@ -1149,6 +1151,9 @@ define('pgadmin.dashboard', [ gettext('The session is already in idle state.') ); return false; + } else if (can_signal_backend) { + // user with membership of 'pg_signal_backend' can terminate the session of non admin user. + return true; } else if (is_super_user) { // Super user can do anything return true; diff --git a/web/pgadmin/utils/driver/psycopg2/connection.py b/web/pgadmin/utils/driver/psycopg2/connection.py index cd6a07b3b..7dadb22aa 100644 --- a/web/pgadmin/utils/driver/psycopg2/connection.py +++ b/web/pgadmin/utils/driver/psycopg2/connection.py 
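Review bot: In the hunk at -293,6, the added `can_signal_backend = server.user.can_signal_backend;` dereferences `server.user` without a null guard. The line above it (`server && server.db`) and the `if` below it (`server && server.user && ...`) both guard, so a tree hierarchy with no server or user entry would throw here before the superuser check runs. Guarding it the same way also leaves the module-level flag at `false` when the data is missing: `can_signal_backend = !!(server && server.user && server.user.can_signal_backend);`. The enclosing function starts and ends outside the hunk.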
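Review bot: In the hunk at -1149,6, the new `else if (can_signal_backend)` branch returns `true` for every session, although its comment says membership of 'pg_signal_backend' only covers sessions of non-admin users. Nothing visible in the branch checks whether the target session belongs to a superuser. This is a client-side convenience check, so the real authorization decision presumably still rests with PostgreSQL when the cancel or terminate request runs, and the button must not be treated as the access control. Either say so in the comment, e.g. `// UI hint only: the server still rejects signalling superuser-owned backends`, or test the target row's role before returning. Because the branch sits ahead of `is_super_user`, any per-session checks later in the chain (outside this hunk) are skipped for these users.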
@@ -552,12 +552,20 @@ WHERE db.datname = current_database()""") """ status = self._execute(cur, """ SELECT - oid as id, rolname as name, rolsuper as is_superuser, - CASE WHEN rolsuper THEN true ELSE rolcreaterole END as + roles.oid as id, roles.rolname as name, + roles.rolsuper as is_superuser, + CASE WHEN roles.rolsuper THEN true ELSE roles.rolcreaterole END as can_create_role, - CASE WHEN rolsuper THEN true ELSE rolcreatedb END as can_create_db + CASE WHEN roles.rolsuper THEN true + ELSE roles.rolcreatedb END as can_create_db, + CASE WHEN 'pg_signal_backend'=ANY(ARRAY( + SELECT pg_catalog.pg_roles.rolname FROM + pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles ON + (m.roleid = pg_catalog.pg_roles.oid) WHERE + m.member = roles.oid)) THEN True + ELSE False END as can_signal_backend FROM - pg_catalog.pg_roles + pg_catalog.pg_roles as roles WHERE rolname = current_user""")
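Review bot: The `can_signal_backend` subquery reads `pg_auth_members` with `m.member = roles.oid`, so it only sees direct membership of 'pg_signal_backend'. A login role that inherits it through an intermediate group role gets `False`, and the dashboard keeps the action disabled for it. `pg_catalog.pg_has_role(roles.oid, 'pg_signal_backend', 'MEMBER')` follows the membership chain, but it raises an error when the named role does not exist, so it would need a version guard if servers that predate that role are supported. Unlike `can_create_role` and `can_create_db`, the new column is not forced to true for superusers; a short SQL comment such as `-- superusers are handled by the caller via is_superuser` would show that this is intentional. The enclosing method starts and ends outside the hunk.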