1354526 – Downstream password filtering functionality in foreman-tasks and dynflow

Bug 1354526 - Downstream password filtering functionality in foreman-tasks and dynflow

Summary: Downstream password filtering functionality in foreman-tasks and dynflow

Keywords:
Status:	CLOSED DEFERRED
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Tasks Plugin
Sub Component:
Version:	Unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	Unspecified
Assignee:	Ivan Necas
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	rhci-common-installer 1352929
TreeView+	depends on / blocked

Reported:	2016-07-11 13:41 UTC by Derek Whatley
Modified:	2019-09-26 18:41 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-08-02 12:40:47 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	15624	0	None	None	None	2016-07-11 16:08:26 UTC

Description Derek Whatley 2016-07-11 13:41:14 UTC

Description of problem:
-----------------------
Quickstart Cloud Installer BZ 1352929 (https://bugzilla.redhat.com/show_bug.cgi?id=1352929) is blocked by inability to remove plaintext passwords from DynFlow Web UI.

Code has been written, but needs to be brought into a future downstream release. 

foreman-tasks PR 192 (https://github.com/theforeman/foreman-tasks/pull/192) dynflow PR 190 (https://github.com/Dynflow/dynflow/pull/190)


Version-Release number of selected component (if applicable):
-------------------------------------------------------------
N/A


How reproducible:
-----------------
100%


Steps to Reproduce:
-------------------
1. Perform DynFlow task with sensitive data as part of the input params
2. Allow task to fail, so that input parameters are included in output


Actual results:
---------------
When task fails, output on Web UI includes sensitive params in plaintext


Expected results:
-----------------
API is provided to allow for filtering of sensitive data from the WebUI.
When task fails, output on Web UI obscures designated sensitive params.


Additional info:
----------------

Comment 1 Bryan Kearney 2016-07-11 18:15:34 UTC

Upstream bug assigned to inecas

Comment 2 Bryan Kearney 2016-07-11 18:15:36 UTC

Upstream bug assigned to inecas

Comment 4 Bryan Kearney 2016-07-22 14:16:24 UTC

Moving to POST since upstream bug http://projects.theforeman.org/issues/15624 has been closed

Note You need to log in before you can comment on or make changes to this bug.