From 0d112d7901983a568f6a803f59f240afd434db61 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Thu, 12 Mar 2020 19:45:23 +0100 Subject: Use placeholder values for password fields in external storage webui This prevents the password from being sent to the webui. While an admin will always be able to retrieve the passwords (as they can do arbitrairy code execution by design) this prevents casual password snooping Signed-off-by: Robin Appelman --- apps/files_external/lib/Lib/Auth/AuthMechanism.php | 1 - apps/files_external/lib/Lib/DefinitionParameter.php | 3 +++ apps/files_external/lib/Lib/FrontendDefinitionTrait.php | 1 - 3 files changed, 3 insertions(+), 2 deletions(-) (limited to 'apps/files_external/lib/Lib') diff --git a/apps/files_external/lib/Lib/Auth/AuthMechanism.php b/apps/files_external/lib/Lib/Auth/AuthMechanism.php index 891719eebb1..cd8f8242e30 100644 --- a/apps/files_external/lib/Lib/Auth/AuthMechanism.php +++ b/apps/files_external/lib/Lib/Auth/AuthMechanism.php @@ -51,7 +51,6 @@ use OCA\Files_External\Lib\VisibilityTrait; * Object can affect storage mounting */ class AuthMechanism implements \JsonSerializable { - /** Standard authentication schemes */ const SCHEME_NULL = 'null'; const SCHEME_BUILTIN = 'builtin'; diff --git a/apps/files_external/lib/Lib/DefinitionParameter.php b/apps/files_external/lib/Lib/DefinitionParameter.php index e1f8ed733a1..7250a77e6c1 100644 --- a/apps/files_external/lib/Lib/DefinitionParameter.php +++ b/apps/files_external/lib/Lib/DefinitionParameter.php @@ -27,6 +27,9 @@ namespace OCA\Files_External\Lib; * Parameter for an external storage definition */ class DefinitionParameter implements \JsonSerializable { + // placeholder value for password fields, when the client updates a storage configuration + // placeholder values are ignored and the field is left unmodified + const UNMODIFIED_PLACEHOLDER = '__unmodified__'; /** Value constants */ const VALUE_TEXT = 0; diff --git a/apps/files_external/lib/Lib/FrontendDefinitionTrait.php b/apps/files_external/lib/Lib/FrontendDefinitionTrait.php index c1f6e5ce1f3..58e2d5ffdcf 100644 --- a/apps/files_external/lib/Lib/FrontendDefinitionTrait.php +++ b/apps/files_external/lib/Lib/FrontendDefinitionTrait.php @@ -154,5 +154,4 @@ trait FrontendDefinitionTrait { } return true; } - } -- cgit v1.2.3