mirror of
https://github.com/grafana/grafana.git
synced 2025-02-20 11:48:34 -06:00
722c414fef
* Encryption: Add support to encrypt/decrypt sjd * Add datasources.Service as a proxy to datasources db operations * Encrypt ds.SecureJsonData before calling SQLStore * Move ds cache code into ds service * Fix tlsmanager tests * Fix pluginproxy tests * Remove some securejsondata.GetEncryptedJsonData usages * Add pluginsettings.Service as a proxy for plugin settings db operations * Add AlertNotificationService as a proxy for alert notification db operations * Remove some securejsondata.GetEncryptedJsonData usages * Remove more securejsondata.GetEncryptedJsonData usages * Fix lint errors * Minor fixes * Remove encryption global functions usages from ngalert * Fix lint errors * Minor fixes * Minor fixes * Remove securejsondata.DecryptedValue usage * Refactor the refactor * Remove securejsondata.DecryptedValue usage * Move securejsondata to migrations package * Move securejsondata to migrations package * Minor fix * Fix integration test * Fix integration tests * Undo undesired changes * Fix tests * Add context.Context into encryption methods * Fix tests * Fix tests * Fix tests * Trigger CI * Fix test * Add names to params of encryption service interface * Remove bus from CacheServiceImpl * Add logging * Add keys to logger Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Add missing key to logger Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Undo changes in markdown files * Fix formatting * Add context to secrets service * Rename decryptSecureJsonData to decryptSecureJsonDataFn * Name args in GetDecryptedValueFn * Add template back to NewAlertmanagerNotifier * Copy GetDecryptedValueFn to ngalert * Add logging to pluginsettings * Fix pluginsettings test Co-authored-by: Tania B <yalyna.ts@gmail.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
93 lines
2.4 KiB
Go
93 lines
2.4 KiB
Go
package pluginsettings
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/grafana/grafana/pkg/bus"
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/grafana/grafana/pkg/services/encryption/ossencryption"
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestService_DecryptedValuesCache(t *testing.T) {
|
|
t.Run("When plugin settings hasn't been updated, encrypted JSON should be fetched from cache", func(t *testing.T) {
|
|
ctx := context.Background()
|
|
|
|
encryptionService := ossencryption.ProvideService()
|
|
psService := ProvideService(bus.New(), nil, encryptionService)
|
|
|
|
encryptedJsonData, err := encryptionService.EncryptJsonData(
|
|
ctx,
|
|
map[string]string{
|
|
"password": "password",
|
|
}, setting.SecretKey)
|
|
require.NoError(t, err)
|
|
|
|
ps := models.PluginSetting{
|
|
Id: 1,
|
|
JsonData: map[string]interface{}{},
|
|
SecureJsonData: encryptedJsonData,
|
|
}
|
|
|
|
// Populate cache
|
|
password, ok := psService.DecryptedValues(&ps)["password"]
|
|
require.Equal(t, "password", password)
|
|
require.True(t, ok)
|
|
|
|
encryptedJsonData, err = encryptionService.EncryptJsonData(
|
|
ctx,
|
|
map[string]string{
|
|
"password": "",
|
|
}, setting.SecretKey)
|
|
require.NoError(t, err)
|
|
|
|
ps.SecureJsonData = encryptedJsonData
|
|
|
|
password, ok = psService.DecryptedValues(&ps)["password"]
|
|
require.Equal(t, "password", password)
|
|
require.True(t, ok)
|
|
})
|
|
|
|
t.Run("When plugin settings is updated, encrypted JSON should not be fetched from cache", func(t *testing.T) {
|
|
ctx := context.Background()
|
|
|
|
encryptionService := ossencryption.ProvideService()
|
|
psService := ProvideService(bus.New(), nil, encryptionService)
|
|
|
|
encryptedJsonData, err := encryptionService.EncryptJsonData(
|
|
ctx,
|
|
map[string]string{
|
|
"password": "password",
|
|
}, setting.SecretKey)
|
|
require.NoError(t, err)
|
|
|
|
ps := models.PluginSetting{
|
|
Id: 1,
|
|
JsonData: map[string]interface{}{},
|
|
SecureJsonData: encryptedJsonData,
|
|
}
|
|
|
|
// Populate cache
|
|
password, ok := psService.DecryptedValues(&ps)["password"]
|
|
require.Equal(t, "password", password)
|
|
require.True(t, ok)
|
|
|
|
encryptedJsonData, err = encryptionService.EncryptJsonData(
|
|
ctx,
|
|
map[string]string{
|
|
"password": "",
|
|
}, setting.SecretKey)
|
|
require.NoError(t, err)
|
|
|
|
ps.SecureJsonData = encryptedJsonData
|
|
ps.Updated = time.Now()
|
|
|
|
password, ok = psService.DecryptedValues(&ps)["password"]
|
|
require.Empty(t, password)
|
|
require.True(t, ok)
|
|
})
|
|
}
|