From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 91E111FF163 for ; Thu, 19 Dec 2024 13:03:44 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 7A68E440F; Thu, 19 Dec 2024 13:03:44 +0100 (CET) From: Dominik Csapak To: pdm-devel@lists.proxmox.com Date: Thu, 19 Dec 2024 13:03:41 +0100 Message-Id: <20241219120341.2003443-1-d.csapak@proxmox.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.016 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pdm-devel] [PATCH datacenter-manager] server/ui: don't return token secret in api response X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" as a stop-gap, simply return the empty string for the secret. Later we can fix that up with a proper type e.g. like we do in proxmox-backup with `RemoteWithoutPassword`, but that touches too many places here currently, so this seems fine for now. On the UI side it's enough to simply don't mark it required and add a placeholder. If its empty, it won't get submitted anyway. Signed-off-by: Dominik Csapak --- server/src/api/remotes.rs | 8 ++++++-- ui/src/remotes/edit_remote.rs | 3 ++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/server/src/api/remotes.rs b/server/src/api/remotes.rs index 02843fa..d4412d0 100644 --- a/server/src/api/remotes.rs +++ b/server/src/api/remotes.rs @@ -76,7 +76,9 @@ pub fn list_remotes(rpcenv: &mut dyn RpcEnvironment) -> Result, Erro Ok(remotes .into_iter() - .filter_map(|(id, value)| { + .filter_map(|(id, mut value)| { + // FIXME: proper type here? + value.token = String::new(); // remove secret from api response (top_level_allowed || 0 != user_info.lookup_privs(&auth_id, &["resource", &id])) .then_some(value) }) @@ -286,6 +288,8 @@ pub async fn version(id: String) -> Result Result { let (remotes, _) = pdm_config::remotes::config()?; - let remote = get_remote(&remotes, &id)?; + let mut remote = get_remote(&remotes, &id)?.clone(); + // FIXME: proper type here? + remote.token = String::new(); // mask token in response Ok(remote.clone()) } diff --git a/ui/src/remotes/edit_remote.rs b/ui/src/remotes/edit_remote.rs index 8902273..ecdb7d5 100644 --- a/ui/src/remotes/edit_remote.rs +++ b/ui/src/remotes/edit_remote.rs @@ -90,8 +90,9 @@ fn edit_remote_input_panel(_form_ctx: &FormContext, remote_id: &str) -> Html { tr!("Password/Secret"), Field::new() .name("token") + .placeholder(tr!("Unchanged")) .input_type(InputType::Password) - .required(true), + .required(false), ) .with_custom_child( Container::new() -- 2.39.5 _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel