Commit 32f78d46 by Anthony Woods

add secureJsonData to appSettings model.

- adds the new column to the DB table.
- data stored in the DB is encrypted
- update appRouteHeaders templates to use the jsonData and
decrypted secureJsonData
parent ab3b5868
...@@ -94,8 +94,15 @@ func NewApiPluginProxy(ctx *middleware.Context, proxyPath string, route *plugins ...@@ -94,8 +94,15 @@ func NewApiPluginProxy(ctx *middleware.Context, proxyPath string, route *plugins
ctx.JsonApiErr(500, "failed to get AppSettings.", err) ctx.JsonApiErr(500, "failed to get AppSettings.", err)
return return
} }
type templateData struct {
err = t.Execute(&contentBuf, query.Result.JsonData) JsonData map[string]interface{}
SecureJsonData map[string]string
}
data := templateData{
JsonData: query.Result.JsonData,
SecureJsonData: query.Result.SecureJsonData.Decrypt(),
}
err = t.Execute(&contentBuf, data)
if err != nil { if err != nil {
ctx.JsonApiErr(500, fmt.Sprintf("failed to execute header content template for header %s.", header.Name), err) ctx.JsonApiErr(500, fmt.Sprintf("failed to execute header content template for header %s.", header.Name), err)
return return
......
...@@ -3,6 +3,9 @@ package models ...@@ -3,6 +3,9 @@ package models
import ( import (
"errors" "errors"
"time" "time"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/util"
) )
var ( var (
...@@ -10,25 +13,37 @@ var ( ...@@ -10,25 +13,37 @@ var (
) )
type AppSettings struct { type AppSettings struct {
Id int64 Id int64
AppId string AppId string
OrgId int64 OrgId int64
Enabled bool Enabled bool
Pinned bool Pinned bool
JsonData map[string]interface{} JsonData map[string]interface{}
SecureJsonData SecureJsonData
Created time.Time Created time.Time
Updated time.Time Updated time.Time
} }
type SecureJsonData map[string][]byte
func (s SecureJsonData) Decrypt() map[string]string {
decrypted := make(map[string]string)
for key, data := range s {
decrypted[key] = string(util.Decrypt(data, setting.SecretKey))
}
return decrypted
}
// ---------------------- // ----------------------
// COMMANDS // COMMANDS
// Also acts as api DTO // Also acts as api DTO
type UpdateAppSettingsCmd struct { type UpdateAppSettingsCmd struct {
Enabled bool `json:"enabled"` Enabled bool `json:"enabled"`
Pinned bool `json:"pinned"` Pinned bool `json:"pinned"`
JsonData map[string]interface{} `json:"jsonData"` JsonData map[string]interface{} `json:"jsonData"`
SecureJsonData map[string]string `json:"secureJsonData"`
AppId string `json:"-"` AppId string `json:"-"`
OrgId int64 `json:"-"` OrgId int64 `json:"-"`
......
...@@ -5,6 +5,8 @@ import ( ...@@ -5,6 +5,8 @@ import (
"github.com/grafana/grafana/pkg/bus" "github.com/grafana/grafana/pkg/bus"
m "github.com/grafana/grafana/pkg/models" m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/util"
) )
func init() { func init() {
...@@ -40,18 +42,27 @@ func UpdateAppSettings(cmd *m.UpdateAppSettingsCmd) error { ...@@ -40,18 +42,27 @@ func UpdateAppSettings(cmd *m.UpdateAppSettingsCmd) error {
sess.UseBool("enabled") sess.UseBool("enabled")
sess.UseBool("pinned") sess.UseBool("pinned")
if !exists { if !exists {
// encrypt secureJsonData
secureJsonData := make(map[string][]byte)
for key, data := range cmd.SecureJsonData {
secureJsonData[key] = util.Encrypt([]byte(data), setting.SecretKey)
}
app = m.AppSettings{ app = m.AppSettings{
AppId: cmd.AppId, AppId: cmd.AppId,
OrgId: cmd.OrgId, OrgId: cmd.OrgId,
Enabled: cmd.Enabled, Enabled: cmd.Enabled,
Pinned: cmd.Pinned, Pinned: cmd.Pinned,
JsonData: cmd.JsonData, JsonData: cmd.JsonData,
Created: time.Now(), SecureJsonData: secureJsonData,
Updated: time.Now(), Created: time.Now(),
Updated: time.Now(),
} }
_, err = sess.Insert(&app) _, err = sess.Insert(&app)
return err return err
} else { } else {
for key, data := range cmd.SecureJsonData {
app.SecureJsonData[key] = util.Encrypt([]byte(data), setting.SecretKey)
}
app.Updated = time.Now() app.Updated = time.Now()
app.Enabled = cmd.Enabled app.Enabled = cmd.Enabled
app.JsonData = cmd.JsonData app.JsonData = cmd.JsonData
......
...@@ -13,6 +13,7 @@ func addAppSettingsMigration(mg *Migrator) { ...@@ -13,6 +13,7 @@ func addAppSettingsMigration(mg *Migrator) {
{Name: "enabled", Type: DB_Bool, Nullable: false}, {Name: "enabled", Type: DB_Bool, Nullable: false},
{Name: "pinned", Type: DB_Bool, Nullable: false}, {Name: "pinned", Type: DB_Bool, Nullable: false},
{Name: "json_data", Type: DB_Text, Nullable: true}, {Name: "json_data", Type: DB_Text, Nullable: true},
{Name: "secure_json_data", Type: DB_Text, Nullable: true},
{Name: "created", Type: DB_DateTime, Nullable: false}, {Name: "created", Type: DB_DateTime, Nullable: false},
{Name: "updated", Type: DB_DateTime, Nullable: false}, {Name: "updated", Type: DB_DateTime, Nullable: false},
}, },
......
...@@ -24,6 +24,7 @@ export class AppEditCtrl { ...@@ -24,6 +24,7 @@ export class AppEditCtrl {
enabled: this.appModel.enabled, enabled: this.appModel.enabled,
pinned: this.appModel.pinned, pinned: this.appModel.pinned,
jsonData: this.appModel.jsonData, jsonData: this.appModel.jsonData,
secureJsonData: this.appModel.secureJsonData,
}, options); }, options);
this.backendSrv.post(`/api/org/apps/${this.$routeParams.appId}/settings`, updateCmd).then(function() { this.backendSrv.post(`/api/org/apps/${this.$routeParams.appId}/settings`, updateCmd).then(function() {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment