domains: do not return secret keys in api responses

part of #615
2019-02-08 20:35:05 -08:00
parent 139a2bac1a
commit dada79cf65
2 changed files with 26 additions and 2 deletions
--- a/src/asyncif.js
+++ b/src/asyncif.js
@@ -0,0 +1,16 @@
+'use strict';
+
+exports = module.exports = asyncIf;
+
+let assert = require('assert');
+
+function asyncIf(condition, func, callback) {
+    assert.strictEqual(typeof condition, 'boolean');
+    assert.strictEqual(typeof func, 'function');
+    assert.strictEqual(typeof callback, 'function');
+
+    if (!condition) return callback();
+
+    func(callback);
+}
+
--- a/src/domains.js
+++ b/src/domains.js
@@ -33,6 +33,7 @@ module.exports = exports = {

 var assert = require('assert'),
    async = require('async'),
+    asyncIf = require('./asyncif.js'),
    config = require('./config.js'),
    constants = require('./constants.js'),
    DatabaseError = require('./databaseerror.js'),
@@ -307,10 +308,13 @@ function update(domain, data, auditSource, callback) {
        error = validateTlsConfig(tlsConfig, provider);
        if (error) return callback(error);

-        verifyDnsConfig(config, domain, zoneName, provider, function (error, sanitizedConfig) {
+        asyncIf(!!config, (done) => verifyDnsConfig(config, domain, zoneName, provider, done), function (error, sanitizedConfig) {
            if (error) return callback(error);

-            domaindb.update(domain, { zoneName: zoneName, provider: provider, config: sanitizedConfig, tlsConfig: tlsConfig }, function (error) {
+            let newData = { zoneName: zoneName, provider: provider, tlsConfig: tlsConfig };
+            if (config) newData.config = sanitizedConfig;
+
+            domaindb.update(domain, newData, function (error) {
                if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new DomainsError(DomainsError.NOT_FOUND));
                if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));

@@ -454,6 +458,10 @@ function waitForDnsRecord(location, domain, type, value, options, callback) {
 function removePrivateFields(domain) {
    var result = _.pick(domain, 'domain', 'zoneName', 'provider', 'config', 'tlsConfig', 'fallbackCertificate', 'locked');
    if (result.fallbackCertificate) delete result.fallbackCertificate.key;  // do not return the 'key'. in caas, this is private
+
+    // remove 'apiSecret' and 'secretAccessKey'. not remove 'apiKey' and 'accessKeyId' as these are meant to be user visible
+    result.config = _.omit(result.config, (v, k) => k === 'token' || k === 'credentials' || k.toLowerCase().includes('secret'));
+
    return result;
 }