Geographic Information Systems Asked by Alfredo Garcia on May 7, 2021
How can I hide the password in QGIS Vector Layer (PostGIS) in a Plugin (via PyQGIS)?
If the layer is created.
uri = QgsDataSourceURI()
uri.setConnection(self.uri.host(), self.uri.port(), self.uri.database(), self.uri.username(), self.uri.password())
uri.setDataSource(schema,vista, geom, '', pk_field)
vlayer = QgsVectorLayer(uri.uri(False), vista,'postgres')
I just opened the Python console in QGIS, select the layer to discover the database password and type.
layer = iface.activeLayer()
layer.source()
And it displays the user and password of the PostGIS database I am connecting.
I want to avoid that so important information, like the user and password of the PostGIS database I am connecting to, could be displayed so simply, without a way to hide it.
It depends on what is your final purpose.
publicSource
It seems you need to display the source of the layer within your plugin.
So you can use QgsMapLayer.publicSource()
instead of QgsMapLayer.source()
.
Gets a version of the internal layer definition that has sensitive bits removed (for example, the password). This function should be used when displaying the source name for general viewing.
https://qgis.org/api/classQgsMapLayer.html#a2da43913a3a0ed20b4873b2276e2e7f9
When the user is adding a layer, there is warning from QGIS saying that password and user are stored in the project. This is a security issue.
But the user should use the Authentification System provided in QGIS: https://docs.qgis.org/2.14/en/docs/user_manual/auth_system/auth_overview.html
For example, I'm adding the same layer with these two different methods. First by adding my credentials following my first screenshot. I got the warning from QGIS about password. Then I added the layer again with the authentification system (cf the second screenshot above):
iface.activeLayer().source()
u'dbname='stdm' host=localhost port=5433 user='etienne' password='etienne' sslmode=disable key='id' srid=4326 type=MultiPolygon table="public"."buildings" (geom) sql='
iface.activeLayer().source()
u'dbname='stdm' host=localhost port=5433 sslmode=disable authcfg=1363gs5 key='id' srid=4326 type=MultiPolygon table="public"."buildings" (geom) sql='
My password is not there anymore.
Answered by etrimaille on May 7, 2021
This PyQGIS code finally worked:
def getURI(self):
uri = QgsDataSourceURI()
uri.setConnection(self.host,self.port , self.database, "","", QgsDataSourceURI.SSLdisable,"")
configId='nnnID'
self.initAuthManager(configId)
uri.setAuthConfigId(configId)
return uri
def initAuthManager(self,configId):
self.AUTHDB_MASTERPWD = 'yourPluginId'
if self.am==None:
self.am=QgsAuthManager().instance()
if not self.am.masterPasswordHashInDb():
self.am.setMasterPassword(self.AUTHDB_MASTERPWD, True)
self.am.authenticationDbPath()
self.am.masterPasswordIsSet()
cfg = QgsAuthMethodConfig()
cfg.setId(configId)
cfg.setName('yourPluginName')
cfg.setMethod('Basic')
cfg.setConfig('username', "secretuser")
cfg.setConfig('password', "secretpassword")
self.am.storeAuthenticationConfig(cfg)
def insertLayer(self):
uri= self.getURI
vlayer = QgsVectorLayer(uri.uri(False), table,'postgres')
QgsMapLayerRegistry.instance().addMapLayer(vlayer,True)
Answered by Alfredo Garcia on May 7, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP