nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

miniflux: Mark secret strings in privileged actions

Browse Source 
Fixes: #2435

Tests:

- Run affected privileged actions through UI and notice that secret strings are
not logged.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2024-08-04 11:00:15 -07:00 committed by James Valleroy
parent 7dda5455d8
commit bec5e593b3
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plinth/modules/miniflux/privileged.py
View File

@ -10,7 +10,7 @@ from urllib.parse import urlparse
import pexpect
from plinth import action_utils, db
from plinth.actions import privileged
from plinth.actions import privileged, secret_str
from plinth.utils import is_non_empty_file
STATIC_SETTINGS = {
@ -83,7 +83,7 @@ def _run_miniflux_interactively(command: str, username: str,
@privileged
def create_admin_user(username: str, password: str):
def create_admin_user(username: str, password: secret_str):
"""Create a new admin user for Miniflux CLI.
Raise exception if a user with the name already exists or otherwise fails.
@ -96,7 +96,7 @@ def create_admin_user(username: str, password: str):
@privileged
def reset_user_password(username: str, password: str):
def reset_user_password(username: str, password: secret_str):
"""Reset a user password using Miniflux CLI.
Raise exception if the user does not exist or otherwise fails.