Project

Profile

Help

Issue #4083

Non-sensitive information is not being displayed for last_override_config

Added by daviddavis almost 2 years ago. Updated over 1 year ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

In #3521, we redacted all information for last_override_config. We should add back (via whitelist) the non-sensitive fields.

Steps to reproduce:

1. Sync a repo and pass in an override config (phttp POST https://localhost/pulp/api/v2/repositories/zoo/actions/sync/ override_config:="{\"max_speed\": 1000}")
2. Observe in the database that last_override_config is set
3. View the repository details and observe that the Last Override Config field is empty


Related issues

Related to Pulp - Issue #3521: last_override_config exposes sensitive infoCLOSED - CURRENTRELEASE<a title="Actions" class="icon-only icon-actions js-contextmenu" href="#">Actions</a>

History

#1 Updated by daviddavis almost 2 years ago

  • Related to Issue #3521: last_override_config exposes sensitive info added

#2 Updated by CodeHeeler almost 2 years ago

  • Triaged changed from No to Yes

#3 Updated by amacdona@redhat.com almost 2 years ago

It may be necessary for plugins to extend the whitelist.

#4 Updated by bmbouter over 1 year ago

  • Status changed from NEW to CLOSED - WONTFIX

#5 Updated by bmbouter over 1 year ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF