hide the password in trigger output

Descriptive title for this enhancement

The password is visible in the trigger output when there is an error

Actual behavior

The password is visible

Expected behavior

It will be better to display a fixed number of * for hiding the password

Step by step description of new behaviour

1. Create a trigger with and error
2. Use %passwordClear% in the command as argument
3. The error display the command with the arguments

Benefits

No password is showed

Possible Drawbacks

None

Applicable Issues

https://gitlab.fusiondirectory.org/unamur/Automatisation-approvisionnement-des-annuaires/-/issues/69

assigned to @tdockx

By Jonathan Swaelens on 2022-05-19T09:02:26 (imported from GitLab)

marked this issue as related to #3227 (closed)

By Jonathan Swaelens on 2022-05-19T09:02:26 (imported from GitLab)

added PJ2106-0424 label

added 15m of time spent

By Jonathan Swaelens on 2022-05-19T09:02:41 (imported from GitLab)

created branch 6212-hide-the-password-in-trigger-output to address this issue

By dockx thibault on 2022-05-19T15:11:46 (imported from GitLab)

mentioned in merge request !955

By dockx thibault on 2022-05-19T15:12:17 (imported from GitLab)

Hi @jswaelens,

I could indeed reproduce the problem. I have added a method within callHook to obscure the password during a hook script result.

Let me know if this resolve this issue.

Before After

By dockx thibault on 2022-05-19T15:32:10 (imported from GitLab)

hello @tdockx

thank you for the fix we will test this, can you open a ticket to create a test in automated testing

Cheers

By bmortier on 2022-05-19T15:35:46 (imported from GitLab)

added 5m of time spent

By bmortier on 2022-05-19T15:35:46 (imported from GitLab)

Hello @bmortier,

My pleasure, the automated-test ticket is open here

Kind regards.

By dockx thibault on 2022-05-19T15:49:16 (imported from GitLab)

added 3h of time spent

By dockx thibault on 2022-05-19T15:57:57 (imported from GitLab)

mentioned in commit 502d2e91

By Jonathan Swaelens on 2022-05-20T07:33:49 (imported from GitLab)

closed

I tested it locally and it's working like expected

By Jonathan Swaelens on 2022-05-20T07:34:08 (imported from GitLab)

added 15m of time spent

By Jonathan Swaelens on 2022-05-20T07:34:10 (imported from GitLab)

Hello @tdockx

The selenium test found a strpos php error when the userPassword is not changed

https://gitlab.fusiondirectory.org/debian/buster-fusiondirectory-dev/-/jobs/65782

You must display the php errors to be able to see it

By Jonathan Swaelens on 2022-05-20T16:52:18 (imported from GitLab)

added 30m of time spent

By Jonathan Swaelens on 2022-05-20T16:52:19 (imported from GitLab)

@jswaelens Ho ok, thanks. I will look into this.

By dockx thibault on 2022-05-20T17:02:25 (imported from GitLab)

reopened

created branch 6212-hide-the-password-in-trigger-output to address this issue

By dockx thibault on 2022-05-20T18:08:25 (imported from GitLab)

mentioned in merge request !956

By dockx thibault on 2022-05-20T18:08:49 (imported from GitLab)

@jswaelens I made sure that if the $_POST var is empty, it would not continue to "strpos" method. I don't have the issue anymore if the password is not "updated".

My selenium seems happy as well : Hook

 ✔ Password postmodify script test admin
 ✔ Password postmodify script error admin
 ✔ Password postmodify script test user
 ✔ Password postmodify script error user
 ✔ Two hooks on user
 ✔ Hook with vars
 ✔ Hook postlock

Hope it is ok now !

By dockx thibault on 2022-05-20T18:52:02 (imported from GitLab)

added 45m of time spent

By dockx thibault on 2022-05-20T18:51:41 (imported from GitLab)

mentioned in commit aeb2ac31

By Jonathan Swaelens on 2022-05-23T07:33:20 (imported from GitLab)

closed