Skip to content

Commit

Permalink
fix: unchanged masked client_secret/password updated to *** (#749)
Browse files Browse the repository at this point in the history
  • Loading branch information
@greenhandatsjtu
greenhandatsjtu committed May 10, 2022
1 parent 5dac87a commit 8efd964
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 5 deletions.
6 changes: 5 additions & 1 deletion object/application.go
View file
Expand Up @@ -257,7 +257,11 @@ func UpdateApplication(id string, application *Application) bool {
providerItem.Provider = nil
}

affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(application)
session := adapter.Engine.ID(core.PK{owner, name}).AllCols()
if application.ClientSecret == "***" {
session.Omit("client_secret")
}
affected, err := session.Update(application)
if err != nil {
panic(err)
}
Expand Down
8 changes: 6 additions & 2 deletions object/organization.go
View file
Expand Up @@ -128,15 +128,19 @@ func UpdateOrganization(id string, organization *Organization) bool {
}
}

if organization.MasterPassword != "" {
if organization.MasterPassword != "" && organization.MasterPassword != "***" {
credManager := cred.GetCredManager(organization.PasswordType)
if credManager != nil {
hashedPassword := credManager.GetHashedPassword(organization.MasterPassword, "", organization.PasswordSalt)
organization.MasterPassword = hashedPassword
}
}

affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(organization)
session := adapter.Engine.ID(core.PK{owner, name}).AllCols()
if organization.MasterPassword == "***" {
session.Omit("master_password")
}
affected, err := session.Update(organization)
if err != nil {
panic(err)
}
Expand Down
9 changes: 8 additions & 1 deletion object/provider.go
View file
Expand Up @@ -172,7 +172,14 @@ func UpdateProvider(id string, provider *Provider) bool {
return false
}

affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(provider)
session := adapter.Engine.ID(core.PK{owner, name}).AllCols()
if provider.ClientSecret == "***" {
session = session.Omit("client_secret")
}
if provider.ClientSecret2 == "***" {
session = session.Omit("client_secret2")
}
affected, err := session.Update(provider)
if err != nil {
panic(err)
}
Expand Down
6 changes: 5 additions & 1 deletion object/syncer.go
View file
Expand Up @@ -133,7 +133,11 @@ func UpdateSyncer(id string, syncer *Syncer) bool {
return false
}

affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(syncer)
session := adapter.Engine.ID(core.PK{owner, name}).AllCols()
if syncer.Password == "***" {
session.Omit("password")
}
affected, err := session.Update(syncer)
if err != nil {
panic(err)
}
Expand Down
3 changes: 3 additions & 0 deletions object/user.go
View file
Expand Up @@ -314,6 +314,9 @@ func UpdateUser(id string, user *User, columns []string, isGlobalAdmin bool) boo
return false
}

if user.Password == "***" {
user.Password = oldUser.Password
}
user.UpdateUserHash()

if user.Avatar != oldUser.Avatar && user.Avatar != "" && user.PermanentAvatar != "*" {
Expand Down

0 comments on commit 8efd964

Please sign in to comment.