Ensure the crypt key is retrieved correctly on backend server restart. …

…pgadmin-org#8065
akshay-joshi · Nov 21, 2024 · 026c0d2 · 026c0d2
1 parent 032583e
commit 026c0d2
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 6 deletions.
diff --git a/docs/en_US/container_deployment.rst b/docs/en_US/container_deployment.rst
@@ -142,6 +142,12 @@ Override the default file path for the preferences customization at the containe
 /pgadmin4/preferences.json mapped file below for more information. See the format
 of the `Preferences JSON file <https://www.pgadmin.org/docs/pgadmin4/latest/preferences.html#json-format>`_.
 
+**PGPASS_FILE**
+
+*Default: <null>*
+This varible should be set to if you want to pass password using pgpass
+file for the servers added in pgadmin.
+
 **GUNICORN_ACCESS_LOGFILE**
 
 *Default: -* (stdout)

diff --git a/web/pgadmin/utils/driver/psycopg3/server_manager.py b/web/pgadmin/utils/driver/psycopg3/server_manager.py
@@ -242,7 +242,8 @@ def connection(self, **kwargs):
                                 "Could not find the specified database."
                             ))
 
-        if not get_crypt_key()[0]:
+        if not get_crypt_key()[0] and (
+                config.SERVER_MODE or not config.USE_OS_SECRET_STORAGE):
             # the reason its not connected might be missing key
             raise CryptKeyMissing()
 

diff --git a/web/pgadmin/utils/master_password.py b/web/pgadmin/utils/master_password.py
@@ -28,13 +28,14 @@ def get_crypt_key():
     :return: the key
     """
     enc_key = current_app.keyManager.get()
-    # if desktop mode and master pass disabled then use the password hash
+    # if desktop mode and master pass and local os secret is
+    # disabled then use the password hash
     if not config.MASTER_PASSWORD_REQUIRED and\
             not config.USE_OS_SECRET_STORAGE and not config.SERVER_MODE:
         return True, current_user.password
     # if desktop mode and master pass enabled
-    elif config.MASTER_PASSWORD_REQUIRED and \
-            enc_key is None:
+    elif (config.MASTER_PASSWORD_REQUIRED or config.USE_OS_SECRET_STORAGE) \
+            and enc_key is None:
         return False, None
     elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \
             'pass_enc_key' in session:

diff --git a/web/regression/feature_tests/pg_utilities_maintenance_test.py b/web/regression/feature_tests/pg_utilities_maintenance_test.py
@@ -112,9 +112,11 @@ def _open_maintenance_dialogue(self):
             (By.CSS_SELECTOR,
              NavMenuLocators.tools_menu_css),
             (By.CSS_SELECTOR, NavMenuLocators.maintenance_obj_css))
-        maintenance_obj = self.wait.until(EC.visibility_of_element_located(
+        self.wait.until(EC.visibility_of_element_located(
             (By.CSS_SELECTOR, NavMenuLocators.maintenance_obj_css)))
-        maintenance_obj.click()
+        self.page.retry_click(
+            (By.CSS_SELECTOR, NavMenuLocators.maintenance_obj_css),
+            (By.XPATH, NavMenuLocators.maintenance_operation))
 
         self.assertFalse(self.page.check_utility_error(),
                          'Binary path is not configured.')