Repository: incubator-brooklyn Updated Branches: refs/heads/master ddf0a44c8 -> 92e9d0bcc
obfuscate passwords and credentials in the gui (literal "shadow passwords!") applies text shadowing to blur keys that say obvious things like "password" and "credential", to config table and sensors table. clears up when you click it. this prevents people looking over your shoulder from seeing things they shouldn't, but it doesn't block REST access, and if you click on it you can still see it. (this is a common trick done at AWS & SL, btw.) a separate feature is to enforce visibility of sensors; this can be done with entitlements on a per-sensor basis but it might be nice to have an easy entitlements mode where "sensitive" info is not available, and options on config keys (similar to how i just did it with ConfigInheritance, in https://github.com/apache/incubator-brooklyn/pull/483) to allow ConfigSensitivity. Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/851f91ac Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/851f91ac Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/851f91ac Branch: refs/heads/master Commit: 851f91ac3df97fe82ab5ece2aca7ce70456b8ccc Parents: ecc62b0 Author: Alex Heneveld <[email protected]> Authored: Wed Jan 28 15:54:26 2015 +0000 Committer: Alex Heneveld <[email protected]> Committed: Wed Jan 28 16:04:04 2015 +0000 ---------------------------------------------------------------------- docs/_extra/deploying-yaml.md | 2 ++ usage/jsgui/src/main/webapp/assets/css/base.css | 17 +++++++++++++++++ .../main/webapp/assets/js/util/brooklyn-utils.js | 11 +++++++++++ .../main/webapp/assets/js/view/entity-config.js | 17 ++++++++++++++++- .../main/webapp/assets/js/view/entity-sensors.js | 14 +++++++++++++- 5 files changed, 59 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/851f91ac/docs/_extra/deploying-yaml.md ---------------------------------------------------------------------- diff --git a/docs/_extra/deploying-yaml.md b/docs/_extra/deploying-yaml.md index 265f496..73010dd 100644 --- a/docs/_extra/deploying-yaml.md +++ b/docs/_extra/deploying-yaml.md @@ -27,6 +27,8 @@ you can: $ curl -T ./blueprint.yaml -X POST http://localhost:8081/v1/applications {% endhighlight %} +You may also need a `-H "Content-Type: application/yaml"` depending on type configuration. +(Not usually for this, but often for other calls.) - In the web-console, select the "YAML" tab in the "Add Application" wizard: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/851f91ac/usage/jsgui/src/main/webapp/assets/css/base.css ---------------------------------------------------------------------- diff --git a/usage/jsgui/src/main/webapp/assets/css/base.css b/usage/jsgui/src/main/webapp/assets/css/base.css index 756f999..5d4fda2 100644 --- a/usage/jsgui/src/main/webapp/assets/css/base.css +++ b/usage/jsgui/src/main/webapp/assets/css/base.css @@ -1453,3 +1453,20 @@ textarea.param-value { #catalog-details-accordion { margin-top: 12px; } + +/* For secret things */ +tr.secret-info span.value { + display: none; +} +tr.secret-info.secret-revealed span.value { + display: inherit; +} +tr.secret-info.secret-revealed span.secret-indicator { + display: none; +} + +.secret-indicator { + /* blur */ + color: transparent; + text-shadow: 0 0 5px rgba(0,0,0,0.5); +} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/851f91ac/usage/jsgui/src/main/webapp/assets/js/util/brooklyn-utils.js ---------------------------------------------------------------------- diff --git a/usage/jsgui/src/main/webapp/assets/js/util/brooklyn-utils.js b/usage/jsgui/src/main/webapp/assets/js/util/brooklyn-utils.js index 6ec5472..94a1299 100644 --- a/usage/jsgui/src/main/webapp/assets/js/util/brooklyn-utils.js +++ b/usage/jsgui/src/main/webapp/assets/js/util/brooklyn-utils.js @@ -162,6 +162,17 @@ define([ return alternateMessage; } }; + + secretWords = [ "password", "passwd", "credential", "secret", "private", "access.cert", "access.key" ]; + + Util.isSecret = function (key) { + if (!key) return false; + key = key.toString().toLowerCase(); + for (secretWord in secretWords) + if (key.indexOf(secretWords[secretWord]) >= 0) + return true; + return false; + }; return Util; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/851f91ac/usage/jsgui/src/main/webapp/assets/js/view/entity-config.js ---------------------------------------------------------------------- diff --git a/usage/jsgui/src/main/webapp/assets/js/view/entity-config.js b/usage/jsgui/src/main/webapp/assets/js/view/entity-config.js index 6c3a964..b53b40a 100644 --- a/usage/jsgui/src/main/webapp/assets/js/view/entity-config.js +++ b/usage/jsgui/src/main/webapp/assets/js/view/entity-config.js @@ -45,6 +45,7 @@ define([ 'click .refresh':'updateConfigNow', 'click .filterEmpty':'toggleFilterEmpty', 'click .toggleAutoRefresh':'toggleAutoRefresh', + 'click #config-table tr.secret-info td.config-value':'toggleSecrecyVisibility', 'mouseup .valueOpen':'valueOpen', 'mouseover #config-table tbody tr':'noteFloatMenuActive', @@ -76,7 +77,10 @@ define([ "aoColumnDefs": [ { // name (with tooltip) "mRender": function ( data, type, row ) { + // name (column 1) should have tooltip title var actions = that.getConfigActions(data.name); + // if data.description or .type is absent we get an error in html rendering (js) + // unless we set it explicitly (there is probably a nicer way to do this however?) var context = _.extend(data, { description: data['description'], type: data['type']}); return configNameHtml(context); @@ -93,17 +97,24 @@ define([ configName = row[0], actions = that.getConfigActions(configName); + var $row = $('tr[id="'+configName+'"]'); + // datatables doesn't seem to expose any way to modify the html in place for a cell, // so we rebuild var result = "<span class='value'>"+(hasEscapedValue ? escapedValue : '')+"</span>"; + + if (Util.isSecret(configName)) { + $row.addClass("secret-info"); + result += "<span class='secret-indicator'>(hidden)</span>"; + } + if (actions.open) result = "<a href='"+actions.open+"'>" + result + "</a>"; if (escapedValue==null || escapedValue.length < 3) // include whitespace so we can click on it, if it's really small result += " "; - var $row = $('tr[id="'+configName+'"]'); var existing = $row.find('.dynamic-contents'); // for the json url, use the full url (relative to window.location.href) var jsonUrl = actions.json ? new URI(actions.json).resolve(new URI(window.location.href)).toString() : null; @@ -425,6 +436,10 @@ define([ return this; }, + toggleSecrecyVisibility: function(event) { + $(event.target).closest('tr.secret-info').toggleClass('secret-revealed'); + }, + /** * Loads current values for all config on an entity and updates config table. */ http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/851f91ac/usage/jsgui/src/main/webapp/assets/js/view/entity-sensors.js ---------------------------------------------------------------------- diff --git a/usage/jsgui/src/main/webapp/assets/js/view/entity-sensors.js b/usage/jsgui/src/main/webapp/assets/js/view/entity-sensors.js index c7a0070..f4369b0 100644 --- a/usage/jsgui/src/main/webapp/assets/js/view/entity-sensors.js +++ b/usage/jsgui/src/main/webapp/assets/js/view/entity-sensors.js @@ -48,6 +48,7 @@ define([ 'click .refresh': 'updateSensorsNow', 'click .filterEmpty':'toggleFilterEmpty', 'click .toggleAutoRefresh':'toggleAutoRefresh', + 'click #sensors-table tr.secret-info td.sensor-value':'toggleSecrecyVisibility', 'mouseup .valueOpen':'valueOpen', 'mouseover #sensors-table tbody tr':'noteFloatMenuActive', @@ -104,17 +105,24 @@ define([ sensorName = row[0], actions = that.getSensorActions(sensorName); + var $row = $('tr[id="'+sensorName+'"]'); + // datatables doesn't seem to expose any way to modify the html in place for a cell, // so we rebuild var result = "<span class='value'>"+(hasEscapedValue ? escapedValue : '')+"</span>"; + + if (Util.isSecret(sensorName)) { + $row.addClass("secret-info"); + result += "<span class='secret-indicator'>(hidden)</span>"; + } + if (actions.open) result = "<a href='"+actions.open+"'>" + result + "</a>"; if (escapedValue==null || escapedValue.length < 3) // include whitespace so we can click on it, if it's really small result += " "; - var $row = $('tr[id="'+sensorName+'"]'); var existing = $row.find('.dynamic-contents'); // for the json url, use the full url (relative to window.location.href) var jsonUrl = actions.json ? new URI(actions.json).resolve(new URI(window.location.href)).toString() : null; @@ -447,6 +455,10 @@ define([ return this; }, + toggleSecrecyVisibility: function(event) { + $(event.target).closest('tr.secret-info').toggleClass('secret-revealed'); + }, + /** * Loads current values for all sensors on an entity and updates sensors table. */
