CLOUDSTACK-9901 secure and hidden config values are returned as plaintext string

secure and hidden config values are first unencrypted before returning them in the api. This is not desired as they are secure configs returning encrypted strings for secure and hidden configs if encryption is enabled.
2016-11-03 10:56:53 +05:30 · 2016-11-03 10:56:53 +05:30 · fca41148b7
parent dcc7f4ce27
commit fca41148b7
3 changed files with 16 additions and 4 deletions
--- a/framework/config/src/org/apache/cloudstack/config/Configuration.java
+++ b/framework/config/src/org/apache/cloudstack/config/Configuration.java
@ -81,4 +81,10 @@ public interface Configuration {
     * parameter is no longer used and can be deleted.
     */
    Date getUpdated();
+
+    /**
+     *
+     * @return returns true if the configuration is encrypted else false.
+     */
+    boolean isEncrypted();
 }
--- a/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigurationVO.java
+++ b/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigurationVO.java
@ -122,7 +122,7 @@ public class ConfigurationVO implements Configuration {

    @Override
    public String getValue() {
-        if(isEncryptedConfig()) {
+        if(isEncrypted()) {
            return DBEncryptionUtil.decrypt(value);
        } else {
            return value;
@ -130,14 +130,15 @@ public class ConfigurationVO implements Configuration {
    }

    public void setValue(String value) {
-        if(isEncryptedConfig()) {
+        if(isEncrypted()) {
            this.value = DBEncryptionUtil.encrypt(value);
        } else {
            this.value = value;
        }
    }

-    private boolean isEncryptedConfig() {
+    @Override
+    public boolean isEncrypted() {
        return "Hidden".equals(getCategory()) || "Secure".equals(getCategory());
    }

--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@ -16,6 +16,7 @@
 // under the License.
 package com.cloud.api;

+import com.cloud.utils.crypt.DBEncryptionUtil;
 import com.cloud.agent.api.VgpuTypesInfo;
 import com.cloud.api.query.ViewResponseHelper;
 import com.cloud.api.query.vo.AccountJoinVO;
@ -455,7 +456,11 @@ public class ApiResponseHelper implements ResponseGenerator {
        cfgResponse.setCategory(cfg.getCategory());
        cfgResponse.setDescription(cfg.getDescription());
        cfgResponse.setName(cfg.getName());
-        cfgResponse.setValue(cfg.getValue());
+        if(cfg.isEncrypted()) {
+            cfgResponse.setValue(DBEncryptionUtil.encrypt(cfg.getValue()));
+        } else {
+            cfgResponse.setValue(cfg.getValue());
+        }
        cfgResponse.setObjectName("configuration");

        return cfgResponse;