From 4dda63564ecfd1427c2f7e959e133666b9a095f6 Mon Sep 17 00:00:00 2001 From: Daniel Beck <1831569+daniel-beck@users.noreply.github.com> Date: Mon, 2 Jan 2023 19:10:06 +0100 Subject: [PATCH] Hide potentially sensitive values (system properties and environment variables) by default (#6843) Co-authored-by: Alexander Brandes Co-authored-by: Daniel Beck Co-authored-by: Tim Jacomb Co-authored-by: Tim Jacomb Co-authored-by: Alexander Brandes --- .../jenkins/model/Jenkins/systemInfo.jelly | 4 +- .../EnvVarsSlaveInfo/systemInfo.jelly | 4 +- .../SystemPropertySlaveInfo/systemInfo.jelly | 4 +- .../resources/lib/hudson/property-table.css | 11 ++++ .../resources/lib/hudson/property-table.js | 54 +++++++++++++++++++ .../resources/lib/hudson/propertyTable.jelly | 47 ++++++++++++++-- .../lib/hudson/propertyTable.properties | 25 +++++++++ .../images/symbols/eye-off-outline.svg | 1 + 8 files changed, 140 insertions(+), 10 deletions(-) create mode 100644 core/src/main/resources/lib/hudson/property-table.css create mode 100644 core/src/main/resources/lib/hudson/property-table.js create mode 100644 core/src/main/resources/lib/hudson/propertyTable.properties create mode 100644 war/src/main/resources/images/symbols/eye-off-outline.svg diff --git a/core/src/main/resources/jenkins/model/Jenkins/systemInfo.jelly b/core/src/main/resources/jenkins/model/Jenkins/systemInfo.jelly index 8259991aca..49afa0799a 100644 --- a/core/src/main/resources/jenkins/model/Jenkins/systemInfo.jelly +++ b/core/src/main/resources/jenkins/model/Jenkins/systemInfo.jelly @@ -35,13 +35,13 @@ THE SOFTWARE. - + - + diff --git a/core/src/main/resources/jenkins/slaves/systemInfo/EnvVarsSlaveInfo/systemInfo.jelly b/core/src/main/resources/jenkins/slaves/systemInfo/EnvVarsSlaveInfo/systemInfo.jelly index 9525653a7b..ba98241956 100644 --- a/core/src/main/resources/jenkins/slaves/systemInfo/EnvVarsSlaveInfo/systemInfo.jelly +++ b/core/src/main/resources/jenkins/slaves/systemInfo/EnvVarsSlaveInfo/systemInfo.jelly 
@@ -29,5 +29,5 @@ THE SOFTWARE. --> - - \ No newline at end of file + + diff --git a/core/src/main/resources/jenkins/slaves/systemInfo/SystemPropertySlaveInfo/systemInfo.jelly b/core/src/main/resources/jenkins/slaves/systemInfo/SystemPropertySlaveInfo/systemInfo.jelly index db3658c3a1..9221f571d9 100644 --- a/core/src/main/resources/jenkins/slaves/systemInfo/SystemPropertySlaveInfo/systemInfo.jelly +++ b/core/src/main/resources/jenkins/slaves/systemInfo/SystemPropertySlaveInfo/systemInfo.jelly @@ -29,5 +29,5 @@ THE SOFTWARE. --> - - \ No newline at end of file + + diff --git a/core/src/main/resources/lib/hudson/property-table.css b/core/src/main/resources/lib/hudson/property-table.css new file mode 100644 index 0000000000..6675e9b7f4 --- /dev/null +++ b/core/src/main/resources/lib/hudson/property-table.css @@ -0,0 +1,11 @@ +.app-table-full-width-column { + width: 100%; +} + +.app-hidden-info-hide > button { + text-align: left; +} + +span.jenkins-\!-color-blue > svg { + vertical-align: text-top; +} diff --git a/core/src/main/resources/lib/hudson/property-table.js b/core/src/main/resources/lib/hudson/property-table.js new file mode 100644 index 0000000000..db63eb6a4a --- /dev/null +++ b/core/src/main/resources/lib/hudson/property-table.js 
@@ -0,0 +1,54 @@
+(function () {
+ document.addEventListener("DOMContentLoaded", function () {
+ document
+ .querySelectorAll(".app-hidden-info-reveal .jenkins-button")
+ .forEach(function (elem) {
+ elem.addEventListener("click", function () {
+ elem.parentElement.classList.add("jenkins-hidden");
+ elem.parentElement.nextSibling.classList.remove("jenkins-hidden");
+ });
+ });
+ document
+ .querySelectorAll(".app-hidden-info-hide .jenkins-button")
+ .forEach(function (elem) {
+ elem.addEventListener("click", function () {
+ elem.parentElement.classList.add("jenkins-hidden");
+ elem.parentElement.previousSibling.classList.remove("jenkins-hidden");
+ });
+ });
+
+ document
+ .querySelectorAll(".app-all-hidden-reveal-all")
+ .forEach(function (elem) {
+ elem.addEventListener("click", function () {
+ elem.classList.add("jenkins-hidden");
+ elem.nextSibling.classList.remove("jenkins-hidden");
+ let tableId = elem.getAttribute("data-table-id");
+ document
+ .getElementById(tableId)
+ .querySelectorAll(".app-hidden-info-reveal .jenkins-button")
+ .forEach(function (elem) {
+ elem.parentElement.classList.add("jenkins-hidden");
+ elem.parentElement.nextSibling.classList.remove("jenkins-hidden");
+ });
+ });
+ });
+
+ document
+ .querySelectorAll(".app-all-hidden-hide-all")
+ .forEach(function (elem) {
+ elem.addEventListener("click", function () {
+ elem.classList.add("jenkins-hidden");
+ elem.previousSibling.classList.remove("jenkins-hidden");
+ let tableId = elem.getAttribute("data-table-id");
+ document
+ .getElementById(tableId)
+ .querySelectorAll(".app-hidden-info-reveal .jenkins-button")
+ .forEach(function (elem) {
+ elem.parentElement.classList.remove("jenkins-hidden");
+ elem.parentElement.nextSibling.classList.add("jenkins-hidden");
+ });
+ });
+ });
+ });
+})();
diff --git a/core/src/main/resources/lib/hudson/propertyTable.jelly b/core/src/main/resources/lib/hudson/propertyTable.jelly
index 67a5438ff3..2c6e54140c 100644
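Review bot: All four click handlers in property-table.js reach the paired element through `nextSibling` / `previousSibling`, which return any node, so a whitespace text node between the reveal and hide containers would leave `.classList` undefined and the click would throw. Using `elem.parentElement.nextElementSibling.classList.remove("jenkins-hidden");` (and `previousElementSibling` in the hide handlers) would not depend on how the Jelly template emits whitespace. The two bulk handlers also call `document.getElementById(tableId)` without a null check, so a missing or mismatched `data-table-id` breaks the button. Because the script only toggles the `jenkins-hidden` class, the values appear to be in the served markup already. A header comment such as `// Presentation only: hidden values are still in the DOM, so this limits on-screen exposure, not access.` would keep readers from treating the toggle as an access control.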
--- a/core/src/main/resources/lib/hudson/propertyTable.jelly +++ b/core/src/main/resources/lib/hudson/propertyTable.jelly @@ -30,12 +30,31 @@ THE SOFTWARE. A Map object that gets rendered as a table. + + Set to true if the information shown in the table is sensitive and should be hidden by default. Since TODO. + - + + + + + +
+ + +
+
+
- + @@ -44,8 +63,28 @@ THE SOFTWARE. - diff --git a/core/src/main/resources/lib/hudson/propertyTable.properties b/core/src/main/resources/lib/hudson/propertyTable.properties new file mode 100644 index 0000000000..96681fcca4 --- /dev/null +++ b/core/src/main/resources/lib/hudson/propertyTable.properties @@ -0,0 +1,25 @@ +# The MIT License +# +# Copyright (c) 2022, Daniel Beck +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +revealAll = Show values +reveal = Hidden value, click to show this value +hideAll = Hide values diff --git a/war/src/main/resources/images/symbols/eye-off-outline.svg b/war/src/main/resources/images/symbols/eye-off-outline.svg new file mode 100644 index 0000000000..b9350bf959 --- /dev/null +++ b/war/src/main/resources/images/symbols/eye-off-outline.svg @@ -0,0 +1 @@ +Eye Off \ No newline at end of file -- GitLab
${%Name}${%Value}${%Value}
- + + + +
+ +
+
+ +
+
+ +
+ +
+
+