Commit cb4ddb0b authored by ale's avatar ale

Sanitize CreateUserResponse in logs

parent ae4ca335
......@@ -165,6 +165,13 @@ type CreateUserResponse struct {
Password string `json:"password"`
}
// Sanitize the response.
func (r *CreateUserResponse) Sanitize() {
if r.Password != "" {
r.Password = sanitizedValue
}
}
// Serve the request
func (r *CreateUserRequest) Serve(rctx *RequestContext) (interface{}, error) {
var resp CreateUserResponse
......@@ -187,9 +194,13 @@ func (r *CreateUserRequest) Serve(rctx *RequestContext) (interface{}, error) {
}
resp.Password = newPassword
//s.audit.Log(ctx, ResourceID{}, "user created")
// Fake a RawUser in the RequestContext just for the purpose
// of audit logging.
rctx.User = &RawUser{User: *r.User}
rctx.audit.Log(rctx, ResourceID{}, "user created")
for _, rsrc := range r.User.Resources {
//rctx.audit.Log(ctx, r.ID, "resource created")
rctx.audit.Log(rctx, rsrc.ID, "resource created")
if resourceHasPassword(rsrc) {
if _, err := doResetResourcePassword(rctx.Context, rctx.TX, rsrc); err != nil {
// Just log, don't fail.
......
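Review bot: Sanitize (first hunk) overwrites `r.Password` on the receiver itself, so it is only safe when the logging path works on a copy or runs after the response has been serialized to the client. If it were called on the same pointer that Serve returns before the response is written, the caller would get the placeholder instead of the new password. The call site is not visible in this diff, so this may already be handled. The doc comment should still state the contract, e.g. `// Sanitize replaces the password with a placeholder for logging. It mutates the receiver: call it on a copy, or only after the response has been written.` Serve's body continues outside both hunks.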
......@@ -230,7 +230,7 @@ func (r *CreateApplicationSpecificPasswordRequest) Validate(_ *RequestContext) e
if r.Service == "" {
err = newValidationError(err, "service", "mandatory field")
}
return err
return err.orNil()
}
// Serve the request.
......@@ -292,7 +292,7 @@ func (r *EnableOTPRequest) Validate(_ *RequestContext) error {
if r.TOTPSecret == "" && len(r.TOTPSecret) != 16 {
err = newValidationError(err, "totp_secret", "bad value")
}
return err
return err.orNil()
}
// EnableOTPResponse is the response type for AccountService.EnableOTP().
......
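Review bot: The TOTP check in EnableOTPRequest.Validate, `r.TOTPSecret == "" && len(r.TOTPSecret) != 16`, can only be true for an empty secret, so a non-empty secret of any other length passes validation. The line is unchanged context, but the function is being touched here and the check guards a second-factor secret. If a 16-character secret is always required, `if len(r.TOTPSecret) != 16 {` covers both the empty and the wrong-length case. If an empty secret is meant to be accepted, the first comparison should be `!=` rather than `==`; that needs confirming against Serve, which is not shown. Validate's body starts outside the hunk.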