From 6c7ddb082df96249cf0c20b7e021b1ba2e8d48a2 Mon Sep 17 00:00:00 2001 From: f Date: Tue, 1 Nov 2022 13:08:06 -0300 Subject: [PATCH 1/2] fix: no guardar el valor en texto plano si estuvo cifrado MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit cuando un campo está cifrado y no fue modificado, al guardar se guardaba en texto plano y luego salían errores de decifrado. closes #1515 closes #1938 closes #1939 closes #1940 closes #1942 closes #1943 closes #1944 closes #8204 --- app/models/metadata_template.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/models/metadata_template.rb b/app/models/metadata_template.rb index c778e1b2..5de54be1 100644 --- a/app/models/metadata_template.rb +++ b/app/models/metadata_template.rb @@ -134,7 +134,11 @@ MetadataTemplate = Struct.new(:site, :document, :name, :label, :type, # En caso de que algún campo necesite realizar acciones antes de ser # guardado def save - return true unless changed? + if !changed? + self[:value] = document_value if private? + + return true + end self[:value] = sanitize value self[:value] = encrypt(value) if private? From 3d8c9b4031d4290a27c3faaecd02323f6b9c6a77 Mon Sep 17 00:00:00 2001 From: f Date: Tue, 1 Nov 2022 13:17:03 -0300 Subject: [PATCH 2/2] feat: implementar campo de tipo password #8342 --- app/models/metadata_password.rb | 25 +++++++++++++++++++++ app/views/posts/attribute_ro/_password.haml | 6 +++++ app/views/posts/attributes/_password.haml | 7 ++++++ config/locales/en.yml | 2 ++ config/locales/es.yml | 2 ++ 5 files changed, 42 insertions(+) create mode 100644 app/models/metadata_password.rb create mode 100644 app/views/posts/attribute_ro/_password.haml create mode 100644 app/views/posts/attributes/_password.haml diff --git a/app/models/metadata_password.rb b/app/models/metadata_password.rb new file mode 100644 index 00000000..1e0e2698 --- /dev/null +++ b/app/models/metadata_password.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +# Almacena una contraseña +class MetadataPassword < MetadataString + # Las contraseñas no son indexables + # + # @return [boolean] + def indexable? + false + end + + private + + alias_method :original_sanitize, :sanitize + + # Sanitizar la string y generar un hash Bcrypt + # + # @param :string [String] + # @return [String] + def sanitize(string) + string = original_sanitize string + + ::BCrypt::Password.create(string).to_s + end +end diff --git a/app/views/posts/attribute_ro/_password.haml b/app/views/posts/attribute_ro/_password.haml new file mode 100644 index 00000000..e55b021f --- /dev/null +++ b/app/views/posts/attribute_ro/_password.haml @@ -0,0 +1,6 @@ +%tr{ id: attribute } + %th= post_label_t(attribute, post: post) + %td{ dir: dir, lang: locale } + = metadata.value + %br/ + %small= t('.safety') diff --git a/app/views/posts/attributes/_password.haml b/app/views/posts/attributes/_password.haml new file mode 100644 index 00000000..0aace30f --- /dev/null +++ b/app/views/posts/attributes/_password.haml @@ -0,0 +1,7 @@ +.form-group + = label_tag "#{base}_#{attribute}", post_label_t(attribute, post: post) + = password_field base, attribute, value: metadata.value, + dir: dir, lang: locale, + **field_options(attribute, metadata) + = render 'posts/attribute_feedback', + post: post, attribute: attribute, metadata: metadata diff --git a/config/locales/en.yml b/config/locales/en.yml index 530a9381..b9d4d8f9 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -414,6 +414,8 @@ en: attribute_ro: file: download: Download file + password: + safety: Passwords are stored safely show: front_matter: Post metadata submit: diff --git a/config/locales/es.yml b/config/locales/es.yml index eaa23137..b737f5c2 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -422,6 +422,8 @@ es: attribute_ro: file: download: Descargar archivo + password: + safety: Las contraseñas se almacenan de forma segura show: front_matter: Metadatos del artículo submit: