This is an automated email from the ASF dual-hosted git repository.
ericholguin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 16cffe1f26 Display secure parameters when role has proper perms (#7688)
16cffe1f26 is described below
commit 16cffe1f2601fe7b69f5af4a540e82172d696721
Author: Eric Holguin <[email protected]>
AuthorDate: Wed Aug 9 10:45:12 2023 -0600
Display secure parameters when role has proper perms (#7688)
* fix conditional for secure parameters
* add change
* handle v5 functionality
---
CHANGELOG.md | 1 +
traffic_ops/traffic_ops_golang/parameter/parameters.go | 16 ++++++++++++----
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 40e7cdb94c..f985538b42 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -145,6 +145,7 @@ The format is based on [Keep a
Changelog](http://keepachangelog.com/en/1.0.0/).
- [#7628](https://github.com/apache/trafficcontrol/pull/7628) *Traffic Ops*
Fixes an issue where certificate chain validation failed based on leading or
trailing whitespace.
- [#7596](https://github.com/apache/trafficcontrol/pull/7596) *Traffic Ops*
Fixes `federation_resolvers` v5 apis to respond with `RFC3339` date/time Format.
- [#7660](https://github.com/apache/trafficcontrol/pull/7660) *Traffic Ops*
Fixes `deliveryServices` v5 apis to respond with `RFC3339` date/time Format.
+- [#7686](https://github.com/apache/trafficcontrol/pull/7686) *Traffic Ops*
Fixes secured parameters being visible when role has proper permissions.
- [#7697](https://github.com/apache/trafficcontrol/pull/7697) *Traffic Ops*
Fixes `iloPassword` and `xmppPassword` checking for priv-level instead of using
permissions.
### Removed
diff --git a/traffic_ops/traffic_ops_golang/parameter/parameters.go
b/traffic_ops/traffic_ops_golang/parameter/parameters.go
index 167019fbc3..3595ced557 100644
--- a/traffic_ops/traffic_ops_golang/parameter/parameters.go
+++ b/traffic_ops/traffic_ops_golang/parameter/parameters.go
@@ -176,10 +176,18 @@ func (param *TOParameter) Read(h http.Header, useIMS
bool) ([]interface{}, error
return nil, nil, errors.New("scanning " +
param.GetType() + ": " + err.Error()), http.StatusInternalServerError, nil
}
if p.Secure != nil && *p.Secure {
- if param.ReqInfo.Version.Major >= 4 &&
- param.ReqInfo.Config.RoleBasedPermissions &&
-
!param.ReqInfo.User.Can("PARAMETER-SECURE:READ") {
- p.Value = &HiddenField
+ if param.ReqInfo.Version.Major >= 5 {
+ if
!param.ReqInfo.User.Can("PARAMETER-SECURE:READ") {
+ p.Value = &HiddenField
+ }
+ } else if param.ReqInfo.Version.Major == 4 {
+ if param.ReqInfo.Config.RoleBasedPermissions {
+ if
!param.ReqInfo.User.Can("PARAMETER-SECURE:READ") {
+ p.Value = &HiddenField
+ }
+ } else if param.ReqInfo.User.PrivLevel <
auth.PrivLevelAdmin {
+ p.Value = &HiddenField
+ }
} else if param.ReqInfo.User.PrivLevel <
auth.PrivLevelAdmin {
p.Value = &HiddenField
}
