Skip to content

Commit e9bef84

Browse files
committed
fix(api): hide nested server secrets in database responses
Prevent database detail responses from exposing log drain and Sentinel settings when callers lack sensitive read access.
1 parent 99f6022 commit e9bef84

1 file changed

Lines changed: 42 additions & 2 deletions

File tree

app/Http/Controllers/Api/DatabasesController.php

Lines changed: 42 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ private function exposeFileStorageContentIfAllowed(LocalFileVolume|LocalPersiste
3737
return $storage;
3838
}
3939

40-
private function removeSensitiveData($database)
40+
private function removeSensitiveData($database, bool $loadNestedServerSecrets = false)
4141
{
4242
$database->makeHidden([
4343
'id',
@@ -60,11 +60,51 @@ private function removeSensitiveData($database)
6060
'mariadb_root_password',
6161
]);
6262
$this->exposeNestedServerSecrets($database);
63+
} else {
64+
$this->hideNestedServerSecrets($database, $loadNestedServerSecrets);
6365
}
6466

6567
return serializeApiResponse($database);
6668
}
6769

70+
private function hideNestedServerSecrets(Model $model, bool $loadRelations = false): void
71+
{
72+
if ($loadRelations) {
73+
$server = data_get($model, 'destination.server');
74+
} else {
75+
if (! $model->relationLoaded('destination')) {
76+
return;
77+
}
78+
79+
$destination = $model->getRelation('destination');
80+
if (! $destination || ! $destination->relationLoaded('server')) {
81+
return;
82+
}
83+
84+
$server = $destination->getRelation('server');
85+
}
86+
87+
if (! $server) {
88+
return;
89+
}
90+
91+
$server->makeHidden([
92+
'logdrain_axiom_api_key',
93+
'logdrain_newrelic_license_key',
94+
]);
95+
96+
if ($loadRelations || $server->relationLoaded('settings')) {
97+
$server->settings->makeHidden([
98+
'sentinel_token',
99+
'sentinel_custom_url',
100+
'logdrain_newrelic_license_key',
101+
'logdrain_axiom_api_key',
102+
'logdrain_custom_config',
103+
'logdrain_custom_config_parser',
104+
]);
105+
}
106+
}
107+
68108
/**
69109
* Expose sensitive fields on eager-loaded nested Server + ServerSetting
70110
* relations for callers with the `read:sensitive` or `root` token ability.
@@ -276,7 +316,7 @@ public function database_by_uuid(Request $request)
276316

277317
$this->authorize('view', $database);
278318

279-
return response()->json($this->removeSensitiveData($database));
319+
return response()->json($this->removeSensitiveData($database, loadNestedServerSecrets: true));
280320
}
281321

282322
#[OA\Patch(

0 commit comments

Comments
 (0)