Postgres Pro
Downloads
Home   >   mailing lists

Re: New macros for sequence node [pgadmin4] - Mailing list pgadmin-hackers

From Dave Page
Subject Re: New macros for sequence node [pgadmin4]
Date
Msg-id CA+OCxoxjWATufbOFcMiStmnLbUmsmq7akTbEw_21J5BXpU+z2g@mail.gmail.com
Whole thread Raw
In response to Re: New macros for sequence node [pgadmin4]  (Harshal Dhumal <harshal.dhumal@enterprisedb.com>)
List pgadmin-hackers
Tree view
Thanks - patch applied.

On Wed, Feb 10, 2016 at 2:00 PM, Harshal Dhumal <harshal.dhumal@enterprisedb.com> wrote:
+ Usage of macros


Way to use in template:

1] Security labels:

SECLABLE.SET(conn, object_type, object_name, provider, security_label, object.schema)

SECLABLE.UNSET(conn, object_type, object_name, provider, object.schema)

2] Privileges:

PRIVILEGE.SET(conn, object_type, grantee, object_name, privileges_without_grant, privileges_with_grant,
            object.schema)

PRIVILEGE.UNSETALL(conn, object_type, grantee, object_name, schema)



privileges_without_grant = comma separated string of privileges.
privileges_with_grant = comma separated string of privileges.


-- 
Harshal Dhumal
Software Engineer 




On Wed, Feb 10, 2016 at 6:57 PM, Harshal Dhumal <harshal.dhumal@enterprisedb.com> wrote:
Hi,

PFA patch for schema macros for security and privilege.

Now I have moved macros related to schema and its child object under schemas/templates/macros/schemas folder


-- 
Harshal Dhumal
Software Engineer 




On Wed, Feb 10, 2016 at 5:41 PM, Harshal Dhumal <harshal.dhumal@enterprisedb.com> wrote:
Hi,

Here is updated patch for macros. I have added required validation in macros.


-- 
Harshal Dhumal
Software Engineer 




On Wed, Feb 10, 2016 at 1:06 PM, Ashesh Vashi <ashesh.vashi@enterprisedb.com> wrote:

On Tue, Feb 9, 2016 at 3:48 PM, Harshal Dhumal <harshal.dhumal@enterprisedb.com> wrote:

Hi,

PFA of macros  (privilege, security) for sequence node.

Also fixed minor issue in security macro (removed unwanted qtIdent for provider)
This is not allowed.
We can't pass on the data coming from the client blindly to the server.
It is an area, which can introduce the SQL injection in our code.

Hence - I can't allowed that.

--

Thanks & Regards,

Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company





-- 
Harshal Dhumal
Software Engineer 





 --
Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers








--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgadmin-hackers by date:

Previous
From: Dave Page
Date:
Subject: pgAdmin 4 commit: Security Label and ACL template macros:
Next
From: Ashesh Vashi
Date:
Subject: Re: PATCH: Preferences/Options dialog