Closed gjsjohnmurray closed 2 years ago
@isc-bsaviano it may be advisable to adopt this technique in the Language Server and main ObjectScript extensions, otherwise if a user creates a multi-root isfs workspace that uses two different usernames to connect to two different namespaces on the same server the extensions could in theory encounter problems by supplying the cookie for userA's session when they actually need to operate in a namespace that only userB has access to.
Doing some more work on this, so have set it to Draft. Please hold off review for now.
@isc-bsaviano @isc-rsingh when you have time please review / test this. The VSIX is at https://github.com/intersystems-community/intersystems-servermanager/suites/8418802188/artifacts/372553351
@gjsjohnmurray Neither the main extension nor language server using cookie jars so what action is required to resolve this issue there, if any? I'm pretty sure that they have used the same cookie management system since LS 2.0.0
@isc-bsaviano based on this:
if a multi-root workspace has two isfs folders that use different server names that actually point to the same server but specify different usernames with different permissions on the server, I think the first one to connect will get and store a cookie, then the second one will operate as that user rather than the one specified in the definition.
It's a bit of an edge case, but in fixing it in Server Manager I just wanted to make you aware of it.
Ok, so I should add the username to the end of that key?
Yes, I think that will do the trick. One test case would be userA having permission on namespace A but not on B, and userB having permission on B but not A.
@gjsjohnmurray I updated the language server code
@isc-bsaviano @isc-rsingh when you have time please review / test this. The VSIX is at https://github.com/intersystems-community/intersystems-servermanager/suites/8418802188/artifacts/372553351
@gjsjohnmurray can you share with me a .workspace file you used for testing? I'll use that to build my own similar one.
can you share with me a .workspace file you used for testing?
@isc-rsingh you don't really need a .code-workspace file for testing Server Manager. Here are my suggested steps:
@isc-bsaviano @isc-rsingh any chance of getting this approved today? I'd like to get the pre-release published very soon if we're going to achieve the goal of promoting Server Manager v3 to replace v2 early next week.
This PR fixes #149 and #145.
With this change multiple
intersystems.servers
entries that point to the same server but specify different usernames will now each connect with the correct username (provided the /api/aterlier webapp doesn't permit Unauthenticated access), and will only show namespaces which the user can access.As a bonus it also displays the connection's username in the tooltip on the Namespaces folder.
When user logs out of a connection from the VS Code Accounts menu we will attempt to release the server-side session license.