pgAdmin 4 in server mode had no data isolation between users — any
authenticated user could access other users' private servers,
background processes, and debugger state by guessing object IDs.
The shared server feature had 21 vulnerabilities including credential
leaks, privilege escalation via passexec_cmd, and owner data
corruption via SQLAlchemy session mutations.

Centralized access control:
- New server_access.py with get_server(), get_server_group(),
get_user_server_query() replacing ~20 unfiltered queries
- connection_manager() raises ObjectGone (HTTP 410) in server mode
when access is denied — fixes 155+ unguarded callers
- UserScopedMixin.for_user() on 10 models replaces scattered
user_id filters

Shared server isolation (all 21 audit issues):
- Expunge server from session before property merge to prevent
owner data corruption
- Suppress passexec_cmd, post_connection_sql for non-owners in
merge, API response, and ServerManager
- Override all 6 SSL/passfile connection_params keys from
SharedServer; strip owner-only keys; sanitize on creation
- _is_non_owner() helper centralizes 15+ inline ownership checks
- SharedServer lookup uses (osid, user_id) not name
- Unique constraint on SharedServer(osid, user_id)
- Tunnel/DB password save, change_password, clear_saved_password,
clear_sshtunnel_password all branch on ownership
- Only owner can unshare (delete_shared_server guard)
- Session restore includes shared servers
- tunnel_port/tunnel_keep_alive copied from owner, not hardcoded

Tool/module hardening:
- All tool endpoints use get_server()
- Debugger function arguments scoped by user_id
- Background processes use Process.for_user()
- Workspace adhoc servers scoped to current user

Migration (schema version 49 -> 50):
- Add user_id to debugger_function_arguments composite PK
- Add indexes on server, sharedserver, servergroup
- Add unique constraint on sharedserver(osid, user_id)

* Add preference for insert with relations
Co-authored-by: Christian P. <pirnichristian@gmail.com>
* Insert tables with relations on drag and drop
Co-authored-by: Christian P. <pirnichristian@gmail.com>
* Fix test mock not returning Erd Supported Data
Co-authored-by: Christian P. <pirnichristian@gmail.com>
---------
Co-authored-by: Christian P. <pirnichristian@gmail.com>

1. Leverage rc-dock layout to restore the application state.
2. Move the save and load file endpoints to the file manager module.
3. Ensure that the order and layout of tabs is maintained on restore.
4. Persist the changed title of tabs on restore.

1. Replace the current layout library wcDocker with ReactJS based rc-dock. #6479
2. Have close buttons on individual panel tabs instead of common. #2821
3. Changes in the context menu on panel tabs - Add close, close all and close others menu items. #5394
4. Allow closing all the tabs, including SQL and Properties. #4733
5. Changes in docking behaviour of different tabs based on user requests and remove lock layout menu.
6. Fix an issue where the scroll position of panels was not remembered on Firefox. #2986
7. Reset layout now will not require page refresh and is done spontaneously.
8. Use the zustand store for storing preferences instead of plain JS objects. This will help reflect preferences immediately.
9. The above fixes the incorrect format (no indent) of SQL stored functions/procedures. #6720
10. New version check is moved to an async request now instead of app start to improve startup performance.
11. Remove jQuery and Bootstrap completely.
12. Replace jasmine and karma test runner with jest. Migrate all the JS test cases to jest. This will save time in writing and debugging JS tests.
13. Other important code improvements and cleanup.

1. Make use of MUI styles and remove SCSS.
2. Use the new common components for buttons and tooltips, so that they are consistent.
3. UI design should be aligned with the query tool.
4. Remove tippyjs and Alertify dependencies.

1) Failed to fetch query history error sometimes.
2) In copy paste row, if a copied row has [null], then those are pasted as an empty string.
3) When Data output is empty, show an empty grid.
4) Schema diff generates a script button resulting in an empty window. Fixes #7306.
5) Detach the DataOutput panel > Try editing text cell > Text editor is hidden behind the data output panel
refs #6131

2) Ensure that the diagram does not vanish entirely if zooming out too far in ERD. Fixes #6164
3) Fixed an issue where Generate SQL was displayed twice in the ERD tool. Fixes #6179
4) Updated missing documentation for the 'Download Image' option in ERD. Fixes #6180

1) After opening an existing project, the first table is already selected but the edit, clone, delete buttons are disabled.
2) ERD project title gets changed when 2 ERD projects are open and any one of them is edited.
3) Closing the ERD tab does not ask for a confirmation pop-up.
4) Shortcut for 'Show more/Fewer details' is missing.
5) Deleting the primary key does not delete associated links.
6) The long table & schema names are getting out of the box.
7) The long table name in the notes pop-up needs re-alignment.
8) The same table name present in ERD/canvas is allowed in the Add Table dialog. Added validation in the dialog.
9) Download image option is added, but it is not perfect yet. Image icons (table, schema, etc.) are not showing up.
10) Rename panel option should be disabled by default. It should be enabled for the tools which implement rename functionality.
11) The Toolbar is not visible in Safari for the ERD tool.
refs #1802