Skip to content

Commit

Permalink
Fix user preferences secret without vault
Browse files Browse the repository at this point in the history 
When the secret is not stored in the vault, the secret was lost when the user
updated their preferences.
  • Loading branch information
@davelopez
davelopez committed Feb 13, 2025
1 parent 937645c commit c719f5a
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions lib/galaxy/webapps/galaxy/api/users.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -962,6 +962,7 @@ def set_information(self, trans, id, payload=None, **kwd):
extra_user_pref_data = dict()
extra_pref_keys = self._get_extra_user_preferences(trans)
user_vault = UserVaultWrapper(trans.app.vault, user)
current_extra_user_pref_data = json.loads(user.preferences.get("extra_user_preferences", "{}"))
if extra_pref_keys is not None:
for key in extra_pref_keys:
key_prefix = f"{key}|"
Expand All @@ -974,8 +975,17 @@ def set_information(self, trans, id, payload=None, **kwd):
input = matching_input[0]
if input.get("required") and payload[item] == "":
raise exceptions.ObjectAttributeMissingException("Please fill the required field")
if not (input.get("type") == "secret" and payload[item] == "__SECRET_PLACEHOLDER__"):
if input.get("store") == "vault":
input_type = input.get("type")
is_secret_value_unchanged = (
input_type == "secret" and payload[item] == "__SECRET_PLACEHOLDER__"
)
is_stored_in_vault = input.get("store") == "vault"
if is_secret_value_unchanged:
if not is_stored_in_vault:
# If the value is unchanged, keep the current value
extra_user_pref_data[item] = current_extra_user_pref_data.get(item, "")
else:
if is_stored_in_vault:
user_vault.write_secret(f"preferences/{keys[0]}/{keys[1]}", str(payload[item]))
else:
extra_user_pref_data[item] = payload[item]
Expand Down

0 comments on commit c719f5a

Please sign in to comment.