External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-07 09:27:36 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #605 from ryanpetrello/release_3.2.2

Browse Source 
fix another survey encryption-related bug
This commit is contained in:
Ryan Petrello
2017-12-01 17:30:43 -05:00
committed by GitHub
parent 1ff0591553 6c7851b51f
commit b987b7daa0
2 changed files with 34 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
awx/main/models/mixins.py
View File

@@ -310,8 +310,8 @@ class SurveyJobMixin(models.Model):
if self.survey_passwords: if self.survey_passwords:
extra_vars = json.loads(self.extra_vars) extra_vars = json.loads(self.extra_vars)
for key in self.survey_passwords: for key in self.survey_passwords:
if key in extra_vars: value = extra_vars.get(key)
value = extra_vars[key] if value and isinstance(value, basestring) and value.startswith('$encrypted$'):
extra_vars[key] = decrypt_value(get_encryption_key('value', pk=None), value) extra_vars[key] = decrypt_value(get_encryption_key('value', pk=None), value)
return json.dumps(extra_vars) return json.dumps(extra_vars)
else: else:

32
awx/main/tests/functional/api/test_survey_spec.py
View File

@@ -134,6 +134,38 @@ def test_survey_spec_passwords_are_encrypted_on_launch(job_template_factory, pos
assert "for 'secret_value' expected to be a string." in json.dumps(resp.data) assert "for 'secret_value' expected to be a string." in json.dumps(resp.data)
@mock.patch('awx.api.views.feature_enabled', lambda feature: True)
@pytest.mark.django_db
def test_survey_spec_passwords_with_empty_default(job_template_factory, post, admin_user):
objects = job_template_factory('jt', organization='org1', project='prj',
inventory='inv', credential='cred')
job_template = objects.job_template
job_template.survey_enabled = True
job_template.save()
input_data = {
'description': 'A survey',
'spec': [{
'index': 0,
'question_name': 'What is your password?',
'required': False,
'variable': 'secret_value',
'type': 'password',
'default': ''
}],
'name': 'my survey'
}
post(url=reverse('api:job_template_survey_spec', kwargs={'pk': job_template.id}),
data=input_data, user=admin_user, expect=200)
resp = post(reverse('api:job_template_launch', kwargs={'pk': job_template.pk}),
{}, admin_user, expect=201)
job = Job.objects.get(pk=resp.data['id'])
assert json.loads(job.extra_vars)['secret_value'] == ''
assert json.loads(job.decrypted_extra_vars()) == {
'secret_value': ''
}
@mock.patch('awx.api.views.feature_enabled', lambda feature: True) @mock.patch('awx.api.views.feature_enabled', lambda feature: True)
@pytest.mark.django_db @pytest.mark.django_db
@pytest.mark.parametrize('default, status', [ @pytest.mark.parametrize('default, status', [