Setting does not encrypt value #222
Comments
unit test:

```js
it("Should decrypt secrets", (done) => {
    try {

        let item = C_COMPONENT.items[0];

        item.secrets.map((secret) => {
            return secret.decrypt();
        }).forEach((secret) => {
            console.log("Secret", secret);
        });

        done();

    } catch (err) {
        done(err);
    }
});
```

```js
C_COMPONENT.add({
    _id,
    name: "Test credentials",
    identifier: "TEST",
    secrets: [{
        name: "Username",
        key: "USERNAME",
        value: "marc.stirner@example.com"
    }, {
        name: "Password",
        key: "PASSWORD",
        value: "Pa$$w0rd"
    }]
}, (err, item) => {
    try {

        // check event arguments
        event.args.forEach((args) => {
            assert.equal(args[0] instanceof Vault, true);
        });

        assert.ok(err === null);
        assert.equal(item instanceof Vault, true);

        done(err);

    } catch (err) {
        done(err);
    }
});
```
Change the set handler:

```js
Object.defineProperty(this, "value", {
    set(value) {

        // check if value is already encrypted
        if (value?.split(":")?.length === 1) {
            value = encrypt(value);
        }

        // ignore useless set
        // related to #219
        if (value == obj.value) {
            return;
        }

        obj.value = value;
        process.nextTick(changed);

    },
    get() {
        return obj.value;
    },
    // NOTE: Make value field not enumerable?
    configurable: false
});
```

Hide the 👎 Better would be to keep the encrypt/decrypt methods, encrypt the value on pre add hook, and assume/ensure that only the set on value is done with already encrypted data. For that I would say hide the

```js
// check if value is already encrypted
if (value?.split(":")?.length === 1) {
    value = encrypt(value);
}
```

This would be better practice in my opinion.
Closed due to the available fix.
When a new item is added, the provided secret values are not encrypted, just plain stored in the database.
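The `split(":")` check in the set handler above treats any value that contains a colon as already encrypted, so a plaintext secret with a colon in it would be stored as-is. The following added example (not part of the thread or the project's code) shows that case next to a variant that decides by authenticated decryption instead; `encrypt`/`decrypt`, the `iv:tag:ciphertext` hex layout, `heuristicStore`, `strictStore`, `isEncrypted` and the sample values are assumptions made for illustration.

```javascript
// Added example, not the project's code. The AES-256-GCM helpers and the
// "iv:tag:ciphertext" hex layout are assumptions for illustration only.
const { randomBytes, createCipheriv, createDecipheriv } = require("node:crypto");

// Constructed demo key; a real deployment loads its key from configuration.
const KEY = randomBytes(32);

function encrypt(plain) {
    const iv = randomBytes(12);
    const cipher = createCipheriv("aes-256-gcm", KEY, iv);
    const data = Buffer.concat([cipher.update(String(plain), "utf8"), cipher.final()]);
    return [iv, cipher.getAuthTag(), data].map((b) => b.toString("hex")).join(":");
}

function decrypt(stored) {
    const [iv, tag, data] = stored.split(":").map((h) => Buffer.from(h, "hex"));
    const decipher = createDecipheriv("aes-256-gcm", KEY, iv);
    decipher.setAuthTag(tag);
    // final() throws if the tag does not verify under KEY
    return Buffer.concat([decipher.update(data), decipher.final()]).toString("utf8");
}

// Same decision as the set handler: "no colon" means "still plaintext".
function heuristicStore(value) {
    return value.split(":").length === 1 ? encrypt(value) : value;
}

// Alternative: a value counts as encrypted only if it decrypts and
// authenticates under our key; everything else gets encrypted.
function isEncrypted(value) {
    try {
        decrypt(value);
        return true;
    } catch {
        return false;
    }
}

function strictStore(value) {
    return isEncrypted(value) ? value : encrypt(value);
}

// Constructed sample secret that happens to contain colons.
const sample = "redis://user:secret@host";
console.log("heuristic stores plaintext:", heuristicStore(sample) === sample);
console.log("strict stores ciphertext:  ", strictStore(sample) !== sample);
```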