ikiwiki: Mark secret strings in privileged actions

Tests: - Run affected privileged actions through UI and notice that secret strings are not logged. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-05-27 10:44:33 +00:00 · 2024-08-04 11:05:30 -07:00 · 2024-08-04 11:05:30 -07:00 · 382b931cd4
commit 382b931cd4
parent 5c0b15d8f8
1 changed files with 3 additions and 3 deletions
--- a/plinth/modules/ikiwiki/privileged.py
+++ b/plinth/modules/ikiwiki/privileged.py
@ -7,7 +7,7 @@ import re
 import shutil
 import subprocess
-from plinth.actions import privileged
+from plinth.actions import privileged, secret_str
 SETUP_WIKI = '/etc/ikiwiki/plinth-wiki.setup'
 SETUP_BLOG = '/etc/ikiwiki/plinth-blog.setup'
@ -57,7 +57,7 @@ def get_sites() -> list[tuple[str, str]]:
@privileged
-def create_wiki(wiki_name: str, admin_name: str, admin_password: str):
+def create_wiki(wiki_name: str, admin_name: str, admin_password: secret_str):
    """Create a wiki."""
    pw_bytes = admin_password.encode()
    input_ = pw_bytes + b'\n' + pw_bytes
@ -68,7 +68,7 @@ def create_wiki(wiki_name: str, admin_name: str, admin_password: str):
@privileged
-def create_blog(blog_name: str, admin_name: str, admin_password: str):
+def create_blog(blog_name: str, admin_name: str, admin_password: secret_str):
    """Create a blog."""
    pw_bytes = admin_password.encode()
    input_ = pw_bytes + b'\n' + pw_bytes