[common] Try to replace all sensitive data in logs

pretalx · Feb 22, 2019 · 1b112d4 · 1b112d4
1 parent 584c5d8
commit 1b112d4
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/src/pretalx/common/mixins/models.py b/src/pretalx/common/mixins/models.py
@@ -3,6 +3,7 @@
 from django.contrib.contenttypes.models import ContentType
 from i18nfield.utils import I18nJSONEncoder
 
+SENSITIVE_KEYS = ['password', 'secret', 'api_key']
 
 class LogMixin:
 
@@ -11,8 +12,14 @@ def log_action(self, action, data=None, person=None, orga=False):
             return
 
         from pretalx.common.models import ActivityLog
-        if data and not isinstance(data, str):
+        if data and isinstance(data, dict):
+            for key, value in data.items():
+                if any(sensitive_key in key for sensitive_key in SENSITIVE_KEYS):
+                    value = data[key]
+                    data[key] = '********' if value else value
             data = json.dumps(data, cls=I18nJSONEncoder)
+        elif data:
+            raise TypeError('Logged data should always be a dictionary.')
 
         ActivityLog.objects.create(
             event=getattr(self, 'event', None), person=person, content_object=self,