From 8b180e131e2b34db975d5b02da55bb599fcf5527 Mon Sep 17 00:00:00 2001
From: Emmanuel Garette
Date: Thu, 13 Feb 2025 22:09:15 +0100
Subject: [PATCH] fix: bitwarden key could be an invalid username/secret
---
 src/rougail/user_data_bitwarden/annotator.py | 18 ++++++++++--------
 src/rougail/user_data_bitwarden/data.py | 4 ++--
 .../errors/bitwarden.json | 4 ++++
 .../makedict/bitwarden.json | 4 ++++
 .../2_username_secret_invalid/00-base.yml | 14 ++++++++++++++
 tests/test_load.py | 5 +++++
 6 files changed, 39 insertions(+), 10 deletions(-)
 create mode 100644 tests/results/2_username_secret_invalid/errors/bitwarden.json
 create mode 100644 tests/results/2_username_secret_invalid/makedict/bitwarden.json
 create mode 100644 tests/structures/2_username_secret_invalid/00-base.yml
diff --git a/src/rougail/user_data_bitwarden/annotator.py b/src/rougail/user_data_bitwarden/annotator.py
index 5853627..925fc5d 100644
--- a/src/rougail/user_data_bitwarden/annotator.py
+++ b/src/rougail/user_data_bitwarden/annotator.py
@@ -42,23 +42,25 @@ class Annotator(Walk):
 for variable in self.get_variables():
 if not variable.bitwarden:
 continue
+ path = variable.path
 if variable.type not in ["unix_user", "secret"]:
 msg = _('only "unix_user" or "secret" variable type can have "bitwarden" attribute, but "{0}" has type "{1}"')
- raise DictConsistencyError(msg.format(variable.path, variable.type), 301, variable.xmlfiles)
- if variable.multi and variable.path not in self.objectspace.leaders:
+ raise DictConsistencyError(msg.format(path, variable.type), 301, variable.xmlfiles)
+ if variable.multi and path not in self.objectspace.leaders:
 msg = _('the variable "{0}" has attribute "bitwarden" but is a multi variable')
- raise DictConsistencyError(msg.format(variable.path), 302, variable.xmlfiles)
+ raise DictConsistencyError(msg.format(path), 302, variable.xmlfiles)
 check_default_value = True
- if variable.path in self.objectspace.followers:
- leadership = variable.path.rsplit('.', 1)[0]
+ if path in self.objectspace.followers:
+ leadership = path.rsplit('.', 1)[0]
 leader_path = self.objectspace.parents[leadership][0]
 leader = self.objectspace.paths[leader_path]
 if leader.bitwarden:
 if variable.default:
 msg = _('the variable "{0}" is a follower and leader variable ("{1}") is also in Bitwarden so this variable could not have default value')
- raise DictConsistencyError(msg.format(variable.path, leader_path), 303, variable.xmlfiles)
+ raise DictConsistencyError(msg.format(path, leader_path), 303, variable.xmlfiles)
 check_default_value = False
 if check_default_value and not variable.default:
 msg = _('the variable "{0}" is in Bitwarden so should have default value')
- raise DictConsistencyError(msg.format(variable.path), 304, variable.xmlfiles)
- self.objectspace.informations.add(variable.path, "bitwarden", True)
+ raise DictConsistencyError(msg.format(path), 304, variable.xmlfiles)
+ self.objectspace.informations.add(path, "bitwarden", True)
+ self.objectspace.properties.add(path, "novalidator", True)
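Review bot: The added last line, `self.objectspace.properties.add(path, "novalidator", True)`, appears to switch type validation off for the whole Bitwarden-backed variable, not only for the placeholder default that holds the item key. If the property is still set when data.py writes the fetched value, the username or secret returned by Bitwarden would presumably also skip the `unix_user` check, so a malformed vault entry would reach the generated configuration unvalidated; this is worth confirming, and if so the fetched value should be validated explicitly after the lookup. The new test only shows that an invalid key is accepted, not that an invalid fetched value is still rejected. A comment such as `# default holds the Bitwarden item key, not a real unix_user/secret, so type validation cannot apply to it` would also record why the property is set. The enclosing method starts outside the hunk.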
diff --git a/src/rougail/user_data_bitwarden/data.py b/src/rougail/user_data_bitwarden/data.py
index d3b4043..9b09e0a 100644
--- a/src/rougail/user_data_bitwarden/data.py
+++ b/src/rougail/user_data_bitwarden/data.py
@@ -75,9 +75,9 @@ class RougailUserDataBitwarden:
 if option.isleader():
 leader_values = []
 self.leader_informations[path] = []
- for val in option.value.get():
+ values = option.value.get()
+ for val in values:
 names, values = self.get_values(path, type_, val, allow_multiple=True)
- print(names, values)
 if isinstance(values, list):
 leader_values.extend(values)
 self.leader_informations[path].extend(names)
diff --git a/tests/results/2_username_secret_invalid/errors/bitwarden.json b/tests/results/2_username_secret_invalid/errors/bitwarden.json
new file mode 100644
index 0000000..217db0a
--- /dev/null
+++ b/tests/results/2_username_secret_invalid/errors/bitwarden.json
@@ -0,0 +1,4 @@
+{
+ "errors": [],
+ "warnings": []
+}
\ No newline at end of file
diff --git a/tests/results/2_username_secret_invalid/makedict/bitwarden.json b/tests/results/2_username_secret_invalid/makedict/bitwarden.json
new file mode 100644
index 0000000..cceb2bd
--- /dev/null
+++ b/tests/results/2_username_secret_invalid/makedict/bitwarden.json
@@ -0,0 +1,4 @@
+{
+ "rougail.username": "up_secret_error_1",
+ "rougail.secret": "up_secret_error_pass_1"
+}
diff --git a/tests/structures/2_username_secret_invalid/00-base.yml b/tests/structures/2_username_secret_invalid/00-base.yml
new file mode 100644
index 0000000..80b617e
--- /dev/null
+++ b/tests/structures/2_username_secret_invalid/00-base.yml
@@ -0,0 +1,14 @@
+---
+version: 1.1
+
+username:
+ description: the username
+ type: unix_user
+ default: UP SECRET 1
+ bitwarden: true
+
+secret:
+ description: the secret
+ type: secret
+ default: UP SECRET 1
+ bitwarden: true
diff --git a/tests/test_load.py b/tests/test_load.py
index f3fbcad..b3e2aae 100644
--- a/tests/test_load.py
+++ b/tests/test_load.py
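Review bot: In the data.py hunk the new `values = option.value.get()` is rebound inside the loop it feeds by `names, values = self.get_values(...)`, so the same name is the list of Bitwarden keys on one line and the fetched secrets on the next. The loop still iterates the original list, but the shadowing makes the code easy to misread or to break in a later edit; a distinct name avoids it, for example `keys = option.value.get()` followed by `for val in keys:`. The enclosing method starts and ends outside the hunk.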
@@ -60,6 +60,11 @@ def test_dictionaries_2_username_secret(): _test_dictionaries(test_dir / '2_username_secret') +def test_dictionaries_2_username_secret_invalid(): + "tests the output" + _test_dictionaries(test_dir / '2_username_secret_invalid') + + def test_dictionaries_3_leadership_secret(): "tests the output" _test_dictionaries(test_dir / '3_leadership_secret')