actions: Add error when likely parameters are not marked as secret

This is to ensure that secret parameters which must likely be marked as secret
are not marked as secret. This partially mitigates the biggest disadvantage of
printing all the parameters by default and marking exceptions, that is,
forgetting to mark.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Sunil Mohan Adapa 2024-08-04 17:07:34 -07:00 committed by James Valleroy
parent 601d04f47c
commit 96cbd0ef7f
GPG Key ID: 77C0C75E7B650808

@ -272,6 +272,13 @@ def _check_privileged_action_arguments(func):
if arg not in argspec.annotations:
raise SyntaxError('All arguments must be annotated')
for arg_name, arg_value in argspec.annotations.items():
for keyword in ('password', 'passphrase', 'secret'):
if keyword in arg_name:
if arg_value not in [secret_str, secret_str | None]:
raise SyntaxError(
f'Argument {arg_name} should likely be a "secret_str"')
def _get_privileged_action_module_name(func):
"""Figure out the module name of a privileged action."""
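Review bot: The name test `if keyword in arg_name:` is a case-sensitive substring match with no opt-out, and the type test accepts only `secret_str` and `secret_str | None`, so the check can misfire in both directions. A non-secret parameter whose name merely contains one of the words (for example a hypothetical `password_length: int`) would raise SyntaxError with no way to override it, as would a secret carried in a container annotation such as a list of `secret_str`. In the other direction, names that use different wording or capitalisation are never examined. Consider lower-casing `arg_name` before matching, moving the keyword tuple to a module-level constant so it can be extended in one place, and adding an explicit way to mark a parameter as intentionally not secret. The docstring of `_check_privileged_action_arguments` should also say that this is a naming heuristic, so that a passing check is not read as proof that every secret argument is marked.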