mssql: encrypt password in database

2025-02-25 18:55:37 -06:00 · 2018-03-19 17:32:51 +01:00 · 2018-03-19 17:32:51 +01:00 · 8f6626e805
commit 8f6626e805
parent 6044b3aeeb
2 changed files with 32 additions and 16 deletions
--- a/pkg/tsdb/mssql/mssql.go
+++ b/pkg/tsdb/mssql/mssql.go
@ -38,20 +38,7 @@ func NewMssqlQueryEndpoint(datasource *models.DataSource) (tsdb.TsdbQueryEndpoin
 		MacroEngine: NewMssqlMacroEngine(),
 	}

-	hostParts := strings.Split(datasource.Url, ":")
-	if len(hostParts) < 2 {
-		hostParts = append(hostParts, "1433")
-	}
-
-	server, port := hostParts[0], hostParts[1]
-	endpoint.log.Debug("cnnstr", "hostParts len", len(hostParts))
-	cnnstr := fmt.Sprintf("server=%s;port=%s;database=%s;user id=%s;password=%s;",
-		server,
-		port,
-		datasource.Database,
-		datasource.User,
-		datasource.Password,
-	)
+	cnnstr := generateConnectionString(datasource)
 	endpoint.log.Debug("getEngine", "connection", cnnstr)

 	if err := endpoint.sqlEngine.InitEngine("mssql", datasource, cnnstr); err != nil {
@ -61,6 +48,30 @@ func NewMssqlQueryEndpoint(datasource *models.DataSource) (tsdb.TsdbQueryEndpoin
 	return endpoint, nil
 }

+func generateConnectionString(datasource *models.DataSource) string {
+	password := ""
+	for key, value := range datasource.SecureJsonData.Decrypt() {
+		if key == "password" {
+			password = value
+			break
+		}
+	}
+
+	hostParts := strings.Split(datasource.Url, ":")
+	if len(hostParts) < 2 {
+		hostParts = append(hostParts, "1433")
+	}
+
+	server, port := hostParts[0], hostParts[1]
+	return fmt.Sprintf("server=%s;port=%s;database=%s;user id=%s;password=%s;",
+		server,
+		port,
+		datasource.Database,
+		datasource.User,
+		password,
+	)
+}
+
 // Query is the main function for the MssqlQueryEndpoint
 func (e *MssqlQueryEndpoint) Query(ctx context.Context, dsInfo *models.DataSource, tsdbQuery *tsdb.TsdbQuery) (*tsdb.Response, error) {
 	return e.sqlEngine.Query(ctx, dsInfo, tsdbQuery, e.transformToTimeSeries, e.transformToTable)
--- a/public/app/plugins/datasource/mssql/partials/config.html
+++ b/public/app/plugins/datasource/mssql/partials/config.html
@ -17,9 +17,14 @@
 			<span class="gf-form-label width-7">User</span>
 			<input type="text" class="gf-form-input" ng-model='ctrl.current.user' placeholder="user"></input>
 		</div>
-		<div class="gf-form max-width-15">
+		<div class="gf-form max-width-15" ng-if="!ctrl.current.secureJsonFields.password">
 			<span class="gf-form-label width-7">Password</span>
-			<input type="password" class="gf-form-input" ng-model='ctrl.current.password' placeholder="password"></input>
+			<input type="password" class="gf-form-input" ng-model='ctrl.current.secureJsonData.password' placeholder="password"></input>
+		</div>
+		<div class="gf-form max-width-19" ng-if="ctrl.current.secureJsonFields.password">
+			<span class="gf-form-label width-7">Password</span>
+			<input type="text" class="gf-form-input" disabled="disabled" value="configured">
+			<a class="btn btn-secondary gf-form-btn" href="#" ng-click="ctrl.current.secureJsonFields.password = false">reset</a>
 		</div>
 	</div>
 </div>