Fixes #36591 - Fix the parameter value masking #9778
Conversation
|
Issues: #36591 |
|
Can one of the admins verify this patch? |
2 similar comments
|
Can one of the admins verify this patch? |
|
Can one of the admins verify this patch? |
There was a problem hiding this comment.
@girijaasoni Your changes also affect the common_parameters page. The value column for parameters with hidden_value shows true instead of asterisks.
That was because i changed the parameters model, fixed it now :) |
|
It is working for me now. Just one small note, I think it would be nicer to hide the parameter's value if the |
as per the acceptance criteria in the bz: https://bugzilla.redhat.com/show_bug.cgi?id=2172394, the expected results are mentioned as "The value should be visible even after hide and unhide." |
I believe their intention was that when you hide and unhide the value, you would see the original value again instead of asterisks. |
Thanks @nofaralfasi , fixed it :) |
screen-capture.3.webm |
fixed it but for all types of input except for the boolean type as it is a dropdown in that case and the component we have used is "Select" and it doesn't have a parameter for masking a value and IMHO it's not required as well. |
|
ok to test |
There was a problem hiding this comment.
If I understand it correctly, we are masking the value of the parameter while editing it, right?
My question is, what's the point of hiding value while editing it? If users have permission for editing parameters, then there is no reason to hide the value for them.
IMHO it's a security feature with low to no impact that can be removed, but please feel free to correct me if I miss something.
| attributes :id, :name, :parameter_type, :associated_type, :hidden_value? | ||
|
|
||
| node do | ||
| partial("api/v2/common/show_hidden", :locals => { :value => :value }, :object => @object) |
There was a problem hiding this comment.
What was the reason to remove this node? We should not change the API,
customers can have their own infra on the top pf our API and this is a breaking change
| @@ -135,7 +134,7 @@ export const EditParametersTableRow = ({ | |||
| <SelectOption value="false" /> | |||
| </Select> | |||
| ) : ( | |||
| <TextArea | |||
| <TextInput | |||
There was a problem hiding this comment.
I don't think this is a good change. For short strings, yeah, but what if you'll have a parameter with let's say public SSH key, which is a common use case:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDLLfFKVRh3XWCZBhFZ9VTHk1dnjDAYuyPpGxXUdyaMBEA0mBk7xNW1vP3zikdo4rdn4lg4q1sLeh2MkkmZnBiV+AcetaQ3iceNfRKjCL7hML4fAyKqIC2FuO7zAFWbe1jqHDYz7TiOEIqmfJFCPnHHw2XyqKhLiMjsRqjLuTPeGeDmOOo1aI7KwTM1iyrrJsjKtuBT4navog5TNaTyR+E9KC+KPcTWSG61nA0HyOE/UD2jSVI+8Q13E6H2RfbMmbRzIJPUrxuS5B8Io2LxEr56YZuKeQhsYWJBqtpmvhKQULQo4WdPu+1nyApInXbF25jx0FieBROJ1D+KLl/Uj4Tp4O9ihPAwiUo3F6qK0aJFt01YvxEERFmqFdyI7+z/bOXlj0yO1qnFDphBd0s0uk/3FHcGZRqLtKXywv9aDbprjdNJzDAW6/j93n8yn1aaaaaaaaaaaaaaaaAAAAAAAAAAAAAAAAAAAAMgGLeQIAsWvU6PLwfHq8polj6xntR9XDv3/9mkNBgU= [email protected]
That's not something you want to have in the input field.
So the BZ was ideally filed for the scenario when you add a parameter and click on the hide button and again unclick it, the value vanished, in the context of editing a parameter the user can surely unmask and change the value and again mask it if it's a critical parameter based on the scenario. |
|
Thanks @girijaasoni @nofaralfasi |
No description provided.