Antonio-RiveroMartnez commented on code in PR #22513:
URL: https://github.com/apache/superset/pull/22513#discussion_r1062911708
##########
superset/databases/ssh_tunnel/dao.py:
##########
@@ -24,3 +26,27 @@
class SSHTunnelDAO(BaseDAO):
model_cls = SSHTunnel
+
+ @classmethod
+ def update(
+ cls,
+ model: SSHTunnel,
+ properties: Dict[str, Any],
+ commit: bool = True,
+ ) -> SSHTunnel:
+ """
+ Unmask ``password``, ``private_key`` and ``private_key_password``
before updating.
+
+ When a database is edited the user sees a masked version of
+ the aforementioned fields.
+
+ The masked values should be unmasked before the ssh tunnel is updated.
+ """
+ if properties.get("password") == PASSWORD_MASK:
+ properties["password"] = model.password
Review Comment:
The response of the GET already has the masked password thus it's stored in
the reducer, so when calling the API to update let's say the `server_port`, we
send the whole `ssh_tunnel` object, not just updated properties. Because of
that, the API would assume you're trying to update the password when you were
not. Pretty much like we are doing for other masked values in our forms.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
