From: Dominik Csapak <d.csapak@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [pdm-devel] [PATCH datacenter-manager] server/ui: don't return token secret in api response
Date: Thu, 19 Dec 2024 13:03:41 +0100
Message-ID: <20241219120341.2003443-1-d.csapak@proxmox.com>
as a stop-gap, simply return the empty string for the secret.
Later we can fix that up with a proper type e.g. like we do in
proxmox-backup with `RemoteWithoutPassword`, but that touches too many
places here currently, so this seems fine for now.
On the UI side it's enough to simply not mark it required and
add a placeholder. If it's empty, it won't get submitted anyway.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
server/src/api/remotes.rs | 8 ++++++--
ui/src/remotes/edit_remote.rs | 3 ++-
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/server/src/api/remotes.rs b/server/src/api/remotes.rs
index 02843fa..d4412d0 100644
--- a/server/src/api/remotes.rs
+++ b/server/src/api/remotes.rs
@@ -76,7 +76,9 @@ pub fn list_remotes(rpcenv: &mut dyn RpcEnvironment) -> Result<Vec<Remote>, Erro
Ok(remotes
.into_iter()
- .filter_map(|(id, value)| {
+ .filter_map(|(id, mut value)| {
+ // FIXME: proper type here?
+ value.token = String::new(); // remove secret from api response
(top_level_allowed || 0 != user_info.lookup_privs(&auth_id, &["resource", &id]))
.then_some(value)
})
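Review bot: In the `filter_map` closure, `value.token = String::new()` uses the empty string as a sentinel, so a consumer of the list cannot tell a masked token from one that is actually empty, and a client that sends a fetched `Remote` back unchanged could submit an empty `token`. The same two lines are repeated in `remote_config` below; a small shared helper, or the dedicated type the FIXME refers to, would keep a later endpoint that returns `Remote` from missing the masking.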
@@ -286,6 +288,8 @@ pub async fn version(id: String) -> Result<pve_api_types::VersionResponse, Error
/// Get the Remote Configuration
pub fn remote_config(id: String) -> Result<Remote, Error> {
let (remotes, _) = pdm_config::remotes::config()?;
- let remote = get_remote(&remotes, &id)?;
+ let mut remote = get_remote(&remotes, &id)?.clone();
+ // FIXME: proper type here?
+ remote.token = String::new(); // mask token in response
Ok(remote.clone())
}
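Review bot: `remote_config` now clones twice. `get_remote(&remotes, &id)?.clone()` already yields an owned `Remote`, so the unchanged `Ok(remote.clone())` at the end makes a second, unnecessary copy; returning `Ok(remote)` is enough. The comment wording also differs from the one in `list_remotes` ("mask token in response" vs. "remove secret from api response"), which makes the two masking sites harder to grep for together.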
diff --git a/ui/src/remotes/edit_remote.rs b/ui/src/remotes/edit_remote.rs
index 8902273..ecdb7d5 100644
--- a/ui/src/remotes/edit_remote.rs
+++ b/ui/src/remotes/edit_remote.rs
@@ -90,8 +90,9 @@ fn edit_remote_input_panel(_form_ctx: &FormContext, remote_id: &str) -> Html {
tr!("Password/Secret"),
Field::new()
.name("token")
+ .placeholder(tr!("Unchanged"))
.input_type(InputType::Password)
- .required(true),
+ .required(false),
)
.with_custom_child(
Container::new()
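Review bot: With `.required(false)` on the `token` field, the edit form depends on the update endpoint treating an absent `token` as "keep the stored secret", and that handler is not part of this patch. It is worth confirming that the parameter is optional there and that an empty value is never written over the existing token. If this panel is ever reused for creating a remote, the field would still need to be required in that case.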
--
2.39.5
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
Thread overview: 2+ messages
2024-12-19 12:03 Dominik Csapak [this message]
2024-12-19 12:15 ` [pdm-devel] applied: " Thomas Lamprecht