Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug report] UI: Some password field is still plaintext #4506

Closed
danhuawang opened this issue Aug 13, 2024 · 7 comments · Fixed by #4561
Closed

[Bug report] UI: Some password field is still plaintext #4506

danhuawang opened this issue Aug 13, 2024 · 7 comments · Fixed by #4561
Assignees
@featherchen
Labels
0.6.0 Release v0.6.0 bug Something isn't working

Comments

@danhuawang
Copy link
Contributor

Version

main branch

Describe what's wrong

image image

Error message and/or stacktrace

N/A

How to reproduce

  1. Create a catalog with password field
  2. See the password on details pages

Additional context

No response
@danhuawang danhuawang added the bug Something isn't working label Aug 13, 2024
@danhuawang
Copy link
Contributor Author

@LauraXia123 Would you like to take a look at this issue ? Thanks!

@jerryshao jerryshao added the 0.6.0 Release v0.6.0 label Aug 14, 2024
@LauraXia123
Copy link
Collaborator

@featherchen hi, can you help fix this issue?

@featherchen
Copy link
Member

@LauraXia123 Okey, I'll take a look at it.

@featherchen
Copy link
Member

featherchen commented Aug 14, 2024
edited
Loading

@LauraXia123 @danhuawang This is a related but different issue with #4384, the latter deals with password input, and the former wants to hide password display in detail.

Just hiding the password is trivial, but I think the crucial problem is if we hide it in the detail page, where can the users see their jdbc-password.

@LauraXia123
Copy link
Collaborator

@featherchen In the future, we will open up viewing access to those who have it. Hide it for now.

@featherchen featherchen mentioned this issue Aug 16, 2024
Merged
@featherchen
Copy link
Member

featherchen commented Aug 16, 2024
edited
Loading

@LauraXia123 I have hidden it in frontend via #4561, however the password is still plaintext in the http response from backend
Screenshot from 2024-08-16 15-34-29
I think this issue is related to the backend api design, and maybe need to open a new issue to discuss it ?

@LauraXia123
Copy link
Collaborator

yeah, we can create new issue to follow it.

@featherchen featherchen mentioned this issue Aug 19, 2024
Merged
jerryshao pushed a commit that referenced this issue Aug 19, 2024
@featherchen
[#4506] fix(UI): Hide jdbc-password value in details page (#4577)
7875ba6 
### What changes were proposed in this pull request?

Hide jdbc-password value in details page.

### Why are the changes needed?

Fix: #4506 

### Does this PR introduce _any_ user-facing change?

Jdbc-password value is not palintext now.

### How was this patch tested?

![Screenshot from 2024-08-16
15-31-53](https://github.com/user-attachments/assets/75cb2a83-8145-41be-9be5-19a7a4add336)
![Screenshot from 2024-08-16
15-21-04](https://github.com/user-attachments/assets/63e34fee-fef1-4fa6-a93c-ac028b2d04b3)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@featherchen featherchen

Labels
0.6.0 Release v0.6.0 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[#4506] fix(UI): Hide jdbc-password value in details page featherchen/gravitino
4 participants
@jerryshao @LauraXia123 @featherchen @danhuawang