From 44f3deae2babbc72493806c476c907454c7cece3 Mon Sep 17 00:00:00 2001
From: Lynwee
Date: Fri, 14 Jun 2024 13:43:24 +0800
Subject: [PATCH] fix(framework): sanitize gitextractor plugin options correctly (#7622)
* fix(framework): sanitize gitextractor plugin options correctly
* fix(test): fix panic when running CI
---
 backend/server/services/pipeline.go | 14 ++++++++++++--
 backend/server/services/project.go | 5 +++++
 2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/backend/server/services/pipeline.go b/backend/server/services/pipeline.go
index 733b78f7761..15d930205aa 100644
--- a/backend/server/services/pipeline.go
+++ b/backend/server/services/pipeline.go
@@ -47,10 +47,19 @@ var pluginOptionSanitizers = map[string]func(map[string]interface{}){
 "gitextractor": func(options map[string]interface{}) {
 if v, ok := options["url"]; ok {
 gitUrl := cast.ToString(v)
- u, _ := url.Parse(gitUrl)
+ u, err := url.Parse(gitUrl)
+ if err != nil {
+ logger.Error(err, "failed to parse git url", gitUrl)
+ }
 if u != nil && u.User != nil {
 password, ok := u.User.Password()
 if ok {
+ escapedUrl, err := url.QueryUnescape(gitUrl)
+ if err != nil {
+ logger.Warn(err, "failed to unescape url %s", gitUrl)
+ } else {
+ gitUrl = escapedUrl
+ }
 gitUrl = strings.Replace(gitUrl, password, strings.Repeat("*", len(password)), -1)
 options["url"] = gitUrl
 }
@@ -148,7 +157,8 @@ func SanitizeBlueprint(blueprint *models.Blueprint) error {
 func SanitizePipeline(pipeline *models.Pipeline) error {
 for planStageIdx, pipelineStage := range pipeline.Plan {
 for planTaskIdx := range pipelineStage {
- pipelineTask, err := SanitizeTask(pipeline.Plan[planStageIdx][planTaskIdx])
+ task := pipeline.Plan[planStageIdx][planTaskIdx]
+ pipelineTask, err := SanitizeTask(task)
 if err != nil {
 return err
 }
diff --git a/backend/server/services/project.go b/backend/server/services/project.go
index 547616d078c..e119979ab05 100644
--- a/backend/server/services/project.go
+++ b/backend/server/services/project.go
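Review bot: In the first pipeline.go hunk (the `gitextractor` sanitizer), both new log calls pass the unsanitized `gitUrl`, and `logger.Warn(err, "failed to unescape url %s", gitUrl)` is only reachable once a password has been found, so the credential this function exists to mask can end up in the log; the error returned by `url.Parse` also quotes its input. The parse-failure path then falls through with `u == nil` and leaves `options["url"]` untouched, so the sanitizer fails open on exactly the malformed URLs it cannot inspect. `url.QueryUnescape` followed by `strings.Replace` over the whole string also turns `+` into a space and masks every other occurrence of the password text, while a token carried only in the username position is not covered. The sketch below logs a fixed message, withholds an unparseable value and uses `u.Redacted()`; it assumes the logger accepts a nil error and that sanitized options are only displayed, and it changes the mask to the fixed `xxxxx` that `Redacted` emits. The sanitizer closure starts and ends outside the hunk.

```go
u, err := url.Parse(gitUrl)
if err != nil {
	// url.Parse quotes its input in the error text, so log a fixed message only.
	logger.Error(nil, "failed to parse git url; value withheld")
	// Fail closed: an unparseable URL can still carry credentials.
	options["url"] = "<unparseable url withheld>"
}
if u != nil && u.User != nil {
	if _, ok := u.User.Password(); ok {
		// Redacted masks the password on the parsed URL, so no unescape or
		// whole-string replace is needed and nothing else in the URL is touched.
		options["url"] = u.Redacted()
	}
```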
@@ -416,6 +416,11 @@ func makeProjectOutput(project *models.Project, withLastPipeline bool) (*models.
 if err != nil {
 return nil, errors.Default.Wrap(err, "Error to get blueprint by project")
 }
+ if projectOutput.Blueprint != nil {
+ if err := SanitizeBlueprint(projectOutput.Blueprint); err != nil {
+ return nil, errors.Convert(err)
+ }
+ }
 if withLastPipeline {
 if projectOutput.Blueprint == nil {
 logger.Warn(fmt.Errorf("blueprint is nil"), "want to get latest pipeline, but blueprint is nil")
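Review bot: Only `projectOutput.Blueprint` is sanitized here, while the `withLastPipeline` branch that follows (its body is outside the hunk) presumably attaches a pipeline whose plan holds the same plugin options, including the gitextractor `url`. If that pipeline is not already passed through `SanitizePipeline` before it is placed on the output, the project response would still carry the credential there; this is worth confirming and, if needed, guarding with `if err := SanitizePipeline(<last pipeline>); err != nil { return nil, errors.Convert(err) }`. `SanitizeBlueprint` takes a pointer and appears to mask in place, so a comment such as `// masks secrets in place; projectOutput.Blueprint must not be persisted after this point` would help the next reader.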