admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 18:12:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Hide credentials password values (#4868)

Browse Source 
* feat: redact password field values in credentials

* feat: disable expanding password fields

* fix: redacting credentials without a valid type

This only seems to be a thing in testing?
This commit is contained in:
Valya
2022-12-15 13:31:06 +00:00
committed by GitHub
parent 0e4cda5763
commit fe0f982437
5 changed files with 144 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
packages/cli/src/credentials/credentials.controller.ee.ts
View File

@@ -1,5 +1,5 @@
import express from 'express';
import { INodeCredentialTestResult, LoggerProxy } from 'n8n-workflow';
import { deepCopy, INodeCredentialTestResult, LoggerProxy } from 'n8n-workflow';
import * as Db from '@/Db';
import { InternalHooksManager } from '@/InternalHooksManager';
import * as ResponseHelper from '@/ResponseHelper';
@@ -91,7 +91,10 @@ EECredentialsController.get(
const { id, data: _, ...rest } = credential;
const key = await EECredentials.getEncryptionKey();
const decryptedData = await EECredentials.decrypt(key, credential);
const decryptedData = EECredentials.redact(
await EECredentials.decrypt(key, credential),
credential,
);
// @TODO_TECH_DEBT: Stringify `id` with entity field transformer
return { id: id.toString(), data: decryptedData, ...rest };
@@ -112,8 +115,8 @@ EECredentialsController.post(
const { ownsCredential } = await EECredentials.isOwned(req.user, credentials.id.toString());
const sharing = await EECredentials.getSharing(req.user, credentials.id);
if (!ownsCredential) {
const sharing = await EECredentials.getSharing(req.user, credentials.id);
if (!sharing) {
throw new ResponseHelper.UnauthorizedError(`Forbidden`);
}
@@ -122,7 +125,13 @@ EECredentialsController.post(
Object.assign(credentials, { data: decryptedData });
}
return EECredentials.test(req.user, encryptionKey, credentials);
const mergedCredentials = deepCopy(credentials);
if (mergedCredentials.data && sharing?.credentials) {
const decryptedData = await EECredentials.decrypt(encryptionKey, sharing.credentials);
mergedCredentials.data = EECredentials.unredact(mergedCredentials.data, decryptedData);
}
return EECredentials.test(req.user, encryptionKey, mergedCredentials);
}),
);