Fix issue with Username being required for Shared server import config #9971
+29
−10
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -601,8 +601,10 @@ def validate_json_data(data, is_admin): | |
| for server in data["Servers"]: | ||
| obj = data["Servers"][server] | ||
|
|
||
| is_shared = obj.get("Shared", None) | ||
|
|
||
| # Check if server is shared.Won't import if user is non-admin | ||
| if is_shared and not is_admin: | ||
| print("Won't import the server '%s' as it is shared " % | ||
| obj["Name"]) | ||
| skip_servers.append(server) | ||
|
|
@@ -627,14 +629,25 @@ def check_is_integer(value): | |
| is_service_attrib_available = obj.get("Service", None) is not None | ||
|
|
||
| if not is_service_attrib_available: | ||
| errmsg = check_attrib("Port") | ||
| if errmsg: | ||
| return errmsg | ||
| errmsg = check_is_integer(obj["Port"]) | ||
| if errmsg: | ||
| return errmsg | ||
|
|
||
| if is_shared: | ||
| # Shared servers may carry either the owner's username | ||
| # or a per-user override, so accept either attribute. | ||
| if "Username" not in obj and "SharedUsername" not in obj: | ||
| return gettext( | ||
| "'Username' or 'SharedUsername' attribute not " | ||
| "found for server '%s'" % server | ||
| ) | ||
| else: | ||
| errmsg = check_attrib("Username") | ||
| if errmsg: | ||
| return errmsg | ||
|
|
||
| errmsg = check_attrib("MaintenanceDB") | ||
| if errmsg: | ||
|
|
@@ -720,6 +733,12 @@ def load_database_servers(input_file, selected_servers, | |
| groups_added = groups_added + 1 | ||
| groups = ServerGroup.query.filter_by(user_id=user_id) | ||
|
|
||
| is_shared = obj.get("Shared", None) | ||
| username = obj.get("Username", None) | ||
| shared_username = obj.get("SharedUsername", None) | ||
| if is_shared and not username: | ||
| username = shared_username | ||
|
|
||
|
Comment on lines
+736
to
+741
Contributor
Author
There was a problem hiding this comment.
I think this
I dont think we should be treating |
||
| # Create the server | ||
| new_server = Server() | ||
| new_server.name = obj["Name"] | ||
|
|
@@ -731,7 +750,7 @@ def load_database_servers(input_file, selected_servers, | |
|
|
||
| new_server.port = obj.get("Port", None) | ||
|
|
||
| new_server.username = username | ||
|
|
||
| new_server.role = obj.get("Role", None) | ||
|
|
||
|
|
@@ -785,9 +804,9 @@ def load_database_servers(input_file, selected_servers, | |
| new_server.tunnel_keep_alive = \ | ||
| obj.get("TunnelKeepAlive", None) | ||
|
|
||
| new_server.shared = is_shared | ||
|
|
||
| new_server.shared_username = shared_username | ||
|
|
||
|
KijongHan marked this conversation as resolved.
|
||
| new_server.kerberos_conn = obj.get("KerberosAuthentication", None) | ||
|
|
||
|
|
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @KijongHan , In case where
usernameis a empty string in json data, it will fall back toSharedUsername. If SharedUsername is also missing, the server imports silently with username = None. We can useusername is Noneto only trigger the fallback when the key is genuinely absent.I was able to reproduce this with following json
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @hiteshjambhale thanks alot for checking this use case! I share your concern around an empty username string being considered a valid import, but I'm thinking that we should short-circuit the import process further up the validation chain (during JSON validation) here that way we handle the validation in the right place
From what I can see, an empty string
usernamebeing considered valid has been there for some time, so I want to check with you @asheshv or @akshay-joshi and get your opinion on whether we should tighten the validation logic on theusernameproperty and not allow empty stringsThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @hiteshjambhale what do you think about raising the username empty string validation logic as a separate issue?