diff options
| author | Joram Wilander <jwawilander@gmail.com> | 2016-05-03 14:45:36 -0400 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2016-05-03 14:45:36 -0400 |
| commit | b18cf58c8f607bed64d821fcc856e251a391df6a (patch) | |
| tree | 7315a3f82a9de07fd3dd5ca0b83ddb912f87d5aa /model | |
| parent | 87989b8afd4666a72940389db716b6500d0a9ec3 (diff) | |
| download | chat-b18cf58c8f607bed64d821fcc856e251a391df6a.tar.gz chat-b18cf58c8f607bed64d821fcc856e251a391df6a.tar.bz2 chat-b18cf58c8f607bed64d821fcc856e251a391df6a.zip | |
Sanitize sensitive data of out config file for the system console (#2849)
Diffstat (limited to 'model')
| -rw-r--r-- | model/client.go | 2 | ||||
| -rw-r--r-- | model/config.go | 36 |
2 files changed, 34 insertions, 4 deletions
diff --git a/model/client.go b/model/client.go index 7eab008f1..9285368c4 100644 --- a/model/client.go +++ b/model/client.go @@ -611,7 +611,7 @@ func (c *Client) SaveConfig(config *Config) (*Result, *AppError) { return nil, err } else { return &Result{r.Header.Get(HEADER_REQUEST_ID), - r.Header.Get(HEADER_ETAG_SERVER), ConfigFromJson(r.Body)}, nil + r.Header.Get(HEADER_ETAG_SERVER), MapFromJson(r.Body)}, nil } } diff --git a/model/config.go b/model/config.go index 4bb2a7a49..b7c939202 100644 --- a/model/config.go +++ b/model/config.go @@ -28,6 +28,8 @@ const ( GENERIC_NOTIFICATION = "generic" FULL_NOTIFICATION = "full" + + FAKE_SETTING = "********************************" ) type ServiceSettings struct { @@ -597,10 +599,38 @@ func (o *Config) IsValid() *AppError { return nil } -func (me *Config) GetSanitizeOptions() map[string]bool { +func (o *Config) GetSanitizeOptions() map[string]bool { options := map[string]bool{} - options["fullname"] = me.PrivacySettings.ShowFullName - options["email"] = me.PrivacySettings.ShowEmailAddress + options["fullname"] = o.PrivacySettings.ShowFullName + options["email"] = o.PrivacySettings.ShowEmailAddress return options } + +func (o *Config) Sanitize() { + if len(*o.LdapSettings.BindPassword) > 0 { + *o.LdapSettings.BindPassword = FAKE_SETTING + } + + o.FileSettings.PublicLinkSalt = FAKE_SETTING + if len(o.FileSettings.AmazonS3SecretAccessKey) > 0 { + o.FileSettings.AmazonS3SecretAccessKey = FAKE_SETTING + } + + o.EmailSettings.InviteSalt = FAKE_SETTING + o.EmailSettings.PasswordResetSalt = FAKE_SETTING + if len(o.EmailSettings.SMTPPassword) > 0 { + o.EmailSettings.SMTPPassword = FAKE_SETTING + } + + if len(o.GitLabSettings.Secret) > 0 { + o.GitLabSettings.Secret = FAKE_SETTING + } + + o.SqlSettings.DataSource = FAKE_SETTING + o.SqlSettings.AtRestEncryptKey = FAKE_SETTING + + for i := range o.SqlSettings.DataSourceReplicas { + o.SqlSettings.DataSourceReplicas[i] = FAKE_SETTING + } +} |