admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-18 10:31:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Hide credentials password values (#4868)

Browse Source 
* feat: redact password field values in credentials

* feat: disable expanding password fields

* fix: redacting credentials without a valid type

This only seems to be a thing in testing?
This commit is contained in:
Valya
2022-12-15 13:31:06 +00:00
committed by GitHub
parent 0e4cda5763
commit fe0f982437
5 changed files with 144 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
packages/cli/src/credentials/credentials.controller.ts
View File

@@ -1,7 +1,14 @@
/* eslint-disable no-param-reassign */
/* eslint-disable @typescript-eslint/no-unused-vars */
import express from 'express';
import { INodeCredentialTestResult, LoggerProxy } from 'n8n-workflow';
import {
deepCopy,
ICredentialType,
INodeCredentialTestResult,
LoggerProxy,
NodeHelpers,
} from 'n8n-workflow';
import { Credentials } from 'n8n-core';
import * as GenericHelpers from '@/GenericHelpers';
import { InternalHooksManager } from '@/InternalHooksManager';
@@ -10,6 +17,7 @@ import config from '@/config';
import { getLogger } from '@/Logger';
import { EECredentialsController } from './credentials.controller.ee';
import { CredentialsService } from './credentials.service';
import { CredentialTypes } from '@/CredentialTypes';
import type { ICredentialsResponse } from '@/Interfaces';
import type { CredentialRequest } from '@/requests';
@@ -88,17 +96,18 @@ credentialsController.get(
const { credentials: credential } = sharing;
if (!includeDecryptedData) {
const { id, data: _, ...rest } = credential;
const { id, data: _, ...rest } = credential;
if (!includeDecryptedData) {
// @TODO_TECH_DEBT: Stringify `id` with entity field transformer
return { id: id.toString(), ...rest };
}
const { id, data: _, ...rest } = credential;
const key = await CredentialsService.getEncryptionKey();
const decryptedData = await CredentialsService.decrypt(key, credential);
const decryptedData = CredentialsService.redact(
await CredentialsService.decrypt(key, credential),
credential,
);
// @TODO_TECH_DEBT: Stringify `id` with entity field transformer
return { id: id.toString(), data: decryptedData, ...rest };
@@ -116,7 +125,15 @@ credentialsController.post(
const { credentials } = req.body;
const encryptionKey = await CredentialsService.getEncryptionKey();
return CredentialsService.test(req.user, encryptionKey, credentials);
const sharing = await CredentialsService.getSharing(req.user, credentials.id);
const mergedCredentials = deepCopy(credentials);
if (mergedCredentials.data && sharing?.credentials) {
const decryptedData = await CredentialsService.decrypt(encryptionKey, sharing.credentials);
mergedCredentials.data = CredentialsService.unredact(mergedCredentials.data, decryptedData);
}
return CredentialsService.test(req.user, encryptionKey, mergedCredentials);
}),
);