From 545d1be266cc6c184d8243179ec8405b4fb7435f Mon Sep 17 00:00:00 2001 From: Han Qiao Date: Tue, 17 Sep 2024 13:06:10 +0800 Subject: [PATCH] fix: ignore masked smtp pass in auth config (#157) --- internal/provider/settings_resource.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/internal/provider/settings_resource.go b/internal/provider/settings_resource.go index bf9c4d6..065c20e 100644 --- a/internal/provider/settings_resource.go +++ b/internal/provider/settings_resource.go @@ -312,6 +312,14 @@ func readAuthConfig(ctx context.Context, state *SettingsResourceModel, client *a msg := fmt.Sprintf("Unable to read auth settings, got status %d: %s", httpResp.StatusCode(), httpResp.Body) return diag.Diagnostics{diag.NewErrorDiagnostic("Client Error", msg)} } + // API treats sensitive fields as write-only + var body api.AuthConfigResponse + if !state.Auth.IsNull() { + if diags := state.Auth.Unmarshal(&body); diags.HasError() { + return diags + } + } + httpResp.JSON200.SmtpPass = body.SmtpPass if state.Auth, err = parseConfig(state.Auth, *httpResp.JSON200); err != nil { msg := fmt.Sprintf("Unable to read auth settings, got error: %s", err) return diag.Diagnostics{diag.NewErrorDiagnostic("Client Error", msg)} @@ -334,6 +342,8 @@ func updateAuthConfig(ctx context.Context, plan *SettingsResourceModel, client * msg := fmt.Sprintf("Unable to update auth settings, got status %d: %s", httpResp.StatusCode(), httpResp.Body) return diag.Diagnostics{diag.NewErrorDiagnostic("Client Error", msg)} } + // Copy over sensitive fields from TF plan + httpResp.JSON200.SmtpPass = body.SmtpPass if plan.Auth, err = parseConfig(plan.Auth, *httpResp.JSON200); err != nil { msg := fmt.Sprintf("Unable to update auth settings, got error: %s", err)