mirror of
https://github.com/ansible/awx.git
synced 2024-10-31 06:51:10 +03:00
redact sensitive URLs from stdout at /api/v2/project_updates/N/events/
see: https://github.com/ansible/tower/issues/2805
This commit is contained in:
parent
5f0b34de38
commit
d95f1283b5
@ -57,7 +57,7 @@ from awx.main.utils import (
|
||||
has_model_field_prefetched, extract_ansible_vars, encrypt_dict,
|
||||
prefetch_page_capabilities, get_external_account)
|
||||
from awx.main.utils.filters import SmartFilter
|
||||
from awx.main.redact import REPLACE_STR
|
||||
from awx.main.redact import UriCleaner, REPLACE_STR
|
||||
|
||||
from awx.main.validators import vars_validate_or_raise
|
||||
|
||||
@ -4023,6 +4023,8 @@ class JobEventWebSocketSerializer(JobEventSerializer):
|
||||
|
||||
|
||||
class ProjectUpdateEventSerializer(JobEventSerializer):
|
||||
stdout = serializers.SerializerMethodField()
|
||||
event_data = serializers.SerializerMethodField()
|
||||
|
||||
class Meta:
|
||||
model = ProjectUpdateEvent
|
||||
@ -4036,6 +4038,20 @@ class ProjectUpdateEventSerializer(JobEventSerializer):
|
||||
)
|
||||
return res
|
||||
|
||||
def get_stdout(self, obj):
|
||||
return UriCleaner.remove_sensitive(obj.stdout)
|
||||
|
||||
def get_event_data(self, obj):
|
||||
try:
|
||||
return json.loads(
|
||||
UriCleaner.remove_sensitive(
|
||||
json.dumps(obj.event_data)
|
||||
)
|
||||
)
|
||||
except Exception:
|
||||
logger.exception("Failed to sanitize event_data")
|
||||
return {}
|
||||
|
||||
|
||||
class ProjectUpdateEventWebSocketSerializer(ProjectUpdateEventSerializer):
|
||||
created = serializers.SerializerMethodField()
|
||||
|
Loading…
Reference in New Issue
Block a user