From d900b2c9b14f7d10552dffaafa2cdf16fce5ff9c Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa <sunil@medhas.org>
Date: Sun, 4 Aug 2024 09:35:19 -0700
Subject: [PATCH] bepasty: Mark secret strings in privileged actions

Tests:

- Perform effected actions and ensure that secrets are not logged on the
console.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
---
 plinth/modules/bepasty/privileged.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plinth/modules/bepasty/privileged.py b/plinth/modules/bepasty/privileged.py
index c9ddd7b63..7e6a186b2 100644
--- a/plinth/modules/bepasty/privileged.py
+++ b/plinth/modules/bepasty/privileged.py
@@ -15,7 +15,7 @@ import subprocess
 import augeas
 
 from plinth import action_utils
-from plinth.actions import privileged
+from plinth.actions import privileged, secret_str
 from plinth.modules import bepasty
 
 DATA_DIR = '/var/lib/bepasty'
@@ -137,7 +137,7 @@ def add_password(permissions: list[str], comment: str | None = None):
 
 
 @privileged
-def remove_password(password: str):
+def remove_password(password: secret_str):
     """Remove a password and its permissions."""
     conf = conf_file_read()
     if password in conf['PERMISSIONS']: