WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Allow search() to request user/group attributes #56

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wlupton wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Allow search() to request user/group attributes #56

wlupton wants to merge 3 commits into from

Conversation

@wlupton
Copy link

@wlupton wlupton commented Feb 26, 2021

Also prevent repr() from including the password.

tinvaan
tinvaan reviewed Nov 29, 2023
View reviewed changes
crowd.py
Comment on lines +58 to +59
return "<CrowdServer('%s', '%s', '********')>" % \
(self.crowd_url, self.app_name)
Copy link

@tinvaan tinvaan Nov 29, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think instead of a static string, we can maybe mask the password string matching it's length?

I know this gives away the length of the password but that could still be useful for users to know which password was used to configure the server.

Suggested change
return "<CrowdServer('%s', '%s', '********')>" % \
(self.crowd_url, self.app_name)
return "<CrowdServer('%s', '%s', '%s')>" % (
self.crowd_url, self.app_name, '*' * len(self.app_pass))

Optionally, we could add a private method that returns the raw password (probably out of scope for this PR).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@tinvaan tinvaan tinvaan left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wlupton @tinvaan