Merge branch 'integrations-secret-fields-naming' into 'master'

Align naming for "secret" fields in integrations See merge request gitlab-org/gitlab!84154

Merge branch 'integrations-secret-fields-naming' into 'master'
Align naming for "secret" fields in integrations See merge request gitlab-org/gitlab!84154
6ece097e · Kerri Miller · 2863c625 · b8c82b9a · 6ece097e · 6ece097e
Commit 6ece097e authored Apr 04, 2022 by Kerri Miller
6 changed files
--- a/app/controllers/concerns/integrations/params.rb
+++ b/app/controllers/concerns/integrations/params.rb
@@ -89,7 +89,7 @@ module Integrations
      param_values = return_value[:integration]

      if param_values.is_a?(ActionController::Parameters)
-        integration.password_fields.each do |param|
+        integration.secret_fields.each do |param|
          param_values.delete(param) if param_values[param].blank?
        end
      end

--- a/app/models/integration.rb
+++ b/app/models/integration.rb
@@ -428,7 +428,9 @@ class Integration < ApplicationRecord
    []
  end

-  def password_fields
+  # TODO: Once all integrations use `Integrations::Field` we can
+  # use `#secret?` here.
+  def secret_fields
    fields.select { |f| f[:type] == 'password' }.pluck(:name)
  end


--- a/app/models/integrations/field.rb
+++ b/app/models/integrations/field.rb
@@ -2,7 +2,7 @@

 module Integrations
  class Field
-    SENSITIVE_NAME = %r/token|key|password|passphrase|secret/.freeze
+    SECRET_NAME = %r/token|key|password|passphrase|secret/.freeze

    ATTRIBUTES = %i[
      section type placeholder required choices value checkbox_label
@@ -17,7 +17,7 @@ module Integrations
    def initialize(name:, type: 'text', api_only: false, **attributes)
      @name = name.to_s.freeze

-      attributes[:type] = SENSITIVE_NAME.match?(@name) ? 'password' : type
+      attributes[:type] = SECRET_NAME.match?(@name) ? 'password' : type
      attributes[:api_only] = api_only
      @attributes = attributes.freeze
    end
@@ -31,7 +31,7 @@ module Integrations
      value
    end

-    def sensitive?
+    def secret?
      @attributes[:type] == 'password'
    end


--- a/spec/models/integration_spec.rb
+++ b/spec/models/integration_spec.rb
@@ -720,7 +720,7 @@ RSpec.describe Integration do

  describe '#api_field_names' do
    shared_examples 'api field names' do
-      it 'filters out sensitive fields' do
+      it 'filters out secret fields' do
        safe_fields = %w[some_safe_field safe_field url trojan_gift]

        expect(fake_integration.new).to have_attributes(
@@ -857,7 +857,7 @@ RSpec.describe Integration do
    end
  end

-  describe '#password_fields' do
+  describe '#secret_fields' do
    it 'returns all fields with type `password`' do
      allow(subject).to receive(:fields).and_return([
        { name: 'password', type: 'password' },
@@ -865,11 +865,11 @@ RSpec.describe Integration do
        { name: 'public', type: 'text' }
      ])

-      expect(subject.password_fields).to match_array(%w[password secret])
+      expect(subject.secret_fields).to match_array(%w[password secret])
    end

-    it 'returns an empty array if no password fields exist' do
-      expect(subject.password_fields).to eq([])
+    it 'returns an empty array if no secret fields exist' do
+      expect(subject.secret_fields).to eq([])
    end
  end


--- a/spec/models/integrations/field_spec.rb
+++ b/spec/models/integrations/field_spec.rb
@@ -84,17 +84,17 @@ RSpec.describe ::Integrations::Field do
    end
  end

-  describe '#sensitive' do
+  describe '#secret?' do
    context 'when empty' do
-      it { is_expected.not_to be_sensitive }
+      it { is_expected.not_to be_secret }
    end

-    context 'when a password field' do
+    context 'when a secret field' do
      before do
        attrs[:type] = 'password'
      end

-      it { is_expected.to be_sensitive }
+      it { is_expected.to be_secret }
    end

    %w[token api_token api_key secret_key secret_sauce password passphrase].each do |name|
@@ -103,7 +103,7 @@ RSpec.describe ::Integrations::Field do
          attrs[:name] = name
        end

-        it { is_expected.to be_sensitive }
+        it { is_expected.to be_secret }
      end
    end

@@ -112,7 +112,7 @@ RSpec.describe ::Integrations::Field do
        attrs[:name] = :url
      end

-      it { is_expected.not_to be_sensitive }
+      it { is_expected.not_to be_secret }
    end
  end
 end
--- a/spec/requests/api/integrations_spec.rb
+++ b/spec/requests/api/integrations_spec.rb
@@ -378,15 +378,15 @@ RSpec.describe API::Integrations do

    def assert_correct_response_fields(response_keys, integration)
      assert_fields_match_integration(response_keys, integration)
-      assert_password_fields_filtered(response_keys, integration)
+      assert_secret_fields_filtered(response_keys, integration)
    end

    def assert_fields_match_integration(response_keys, integration)
      expect(response_keys).to match_array(integration.api_field_names)
    end

-    def assert_password_fields_filtered(response_keys, integration)
-      expect(response_keys).not_to include(*integration.password_fields)
+    def assert_secret_fields_filtered(response_keys, integration)
+      expect(response_keys).not_to include(*integration.secret_fields)
    end
  end
 end