refactor(datasource): refactoring datasource secure json fields handling, #6697, #6692

pkg/api/datasources.go

@@ -206,17 +206,12 @@ func convertModelToDtos(ds *m.DataSource) dtos.DataSource {
 		WithCredentials:   ds.WithCredentials,
 		IsDefault:         ds.IsDefault,
 		JsonData:          ds.JsonData,
-	}
-
-	if len(ds.SecureJsonData) > 0 {
-		dto.TLSAuth.CACertSet = len(ds.SecureJsonData["tlsCACert"]) > 0
-		dto.TLSAuth.ClientCertSet = len(ds.SecureJsonData["tlsClientCert"]) > 0
-		dto.TLSAuth.ClientKeySet = len(ds.SecureJsonData["tlsClientKey"]) > 0
+		SecureJsonFields:  map[string]bool{},
 	}
 
 	for k, v := range ds.SecureJsonData {
 		if len(v) > 0 {
-			dto.EncryptedFields = append(dto.EncryptedFields, k)
+			dto.SecureJsonFields[k] = true
 		}
 	}
 

pkg/api/dtos/models.go

@@ -81,15 +81,7 @@ type DataSource struct {
 	WithCredentials   bool             `json:"withCredentials"`
 	IsDefault         bool             `json:"isDefault"`
 	JsonData          *simplejson.Json `json:"jsonData,omitempty"`
-	TLSAuth           TLSAuth          `json:"tlsAuth,omitempty"`
-	EncryptedFields   []string         `json:"encryptedFields"`
-}
-
-// TLSAuth is used to show if TLS certs have been uploaded already
-type TLSAuth struct {
-	CACertSet     bool `json:"tlsCACertSet"`
-	ClientCertSet bool `json:"tlsClientCertSet"`
-	ClientKeySet  bool `json:"tlsClientKeySet"`
+	SecureJsonFields  map[string]bool  `json:"secureJsonFields"`
 }
 
 type DataSourceList []DataSource

public/app/features/plugins/ds_edit_ctrl.ts

@@ -14,7 +14,7 @@ var defaults = {
   url: '',
   access: 'proxy',
   jsonData: {},
-  encryptedFields: []
+  secureJsonFields: {},
 };
 
 var datasourceCreated = false;

public/app/features/plugins/partials/ds_http_settings.html

@@ -89,13 +89,13 @@
       <div class="gf-form gf-form--v-stretch">
         <label class="gf-form-label width-7">CA Cert</label>
       </div>
-      <div class="gf-form gf-form--grow" ng-if="!current.tlsAuth.tlsCACertSet">
+      <div class="gf-form gf-form--grow" ng-if="!current.secureJsonFields.tlsCACert">
         <textarea rows="7" class="gf-form-input gf-form-textarea" ng-model="current.secureJsonData.tlsCACert" placeholder="Begins with -----BEGIN CERTIFICATE-----. The CA Certificate is necessary if you are using self-signed certificates."></textarea>
       </div>
 
-      <div class="gf-form" ng-if="current.tlsAuth.tlsCACertSet">
+      <div class="gf-form" ng-if="current.secureJsonFields.tlsCACert">
         <input type="text" class="gf-form-input max-width-12" disabled="disabled" value="configured">
-        <a class="btn btn-secondary gf-form-btn" href="#" ng-if="current.tlsAuth.tlsCACertSet" ng-click="current.tlsAuth.tlsCACertSet = false">reset</a>
+        <a class="btn btn-secondary gf-form-btn" href="#" ng-click="current.secureJsonFields.tlsCACert = false">reset</a>
       </div>
     </div>
   </div>
@@ -104,12 +104,12 @@
     <div class="gf-form gf-form--v-stretch">
       <label class="gf-form-label width-7">Client Cert</label>
     </div>
-    <div class="gf-form gf-form--grow" ng-if="!current.tlsAuth.tlsClientCertSet">
+    <div class="gf-form gf-form--grow" ng-if="!current.secureJsonFields.tlsClientCert">
       <textarea rows="7" class="gf-form-input gf-form-textarea" ng-model="current.secureJsonData.tlsClientCert" placeholder="Begins with -----BEGIN CERTIFICATE-----" required></textarea>
     </div>
-    <div class="gf-form" ng-if="current.tlsAuth.tlsClientCertSet">
+    <div class="gf-form" ng-if="current.secureJsonFields.tlsClientCert">
       <input type="text" class="gf-form-input max-width-12" disabled="disabled" value="configured">
-      <a class="btn btn-secondary gf-form-btn" href="#" ng-if="current.tlsAuth.tlsClientCertSet" ng-click="current.tlsAuth.tlsClientCertSet = false">reset</a>
+      <a class="btn btn-secondary gf-form-btn" href="#" ng-click="current.secureJsonFields.tlsClientCert = false">reset</a>
     </div>
   </div>
 
@@ -117,12 +117,12 @@
     <div class="gf-form gf-form--v-stretch">
       <label class="gf-form-label width-7">Client Key</label>
     </div>
-    <div class="gf-form gf-form--grow" ng-if="!current.tlsAuth.tlsClientKeySet">
+    <div class="gf-form gf-form--grow" ng-if="!current.secureJsonFields.tlsClientKey">
       <textarea rows="7" class="gf-form-input gf-form-textarea" ng-model="current.secureJsonData.tlsClientKey" placeholder="Begins with -----BEGIN RSA PRIVATE KEY-----" required></textarea>
     </div>
-    <div class="gf-form" ng-if="current.tlsAuth.tlsClientKeySet">
+    <div class="gf-form" ng-if="current.secureJsonFields.tlsClientKey">
       <input type="text" class="gf-form-input max-width-12" disabled="disabled" value="configured">
-      <a class="btn btn-secondary gf-form-btn" href="#" ng-if="current.tlsAuth.tlsClientKeySet" ng-click="current.tlsAuth.tlsClientKeySet = false">reset</a>
+      <a class="btn btn-secondary gf-form-btn" href="#" ng-click="current.secureJsonFields.tlsClientKey = false">reset</a>
     </div>
   </div>
 </div>

public/app/plugins/datasource/cloudwatch/config_ctrl.ts

@@ -15,14 +15,8 @@ export class CloudWatchConfigCtrl {
     this.current.jsonData.timeField = this.current.jsonData.timeField || '@timestamp';
     this.current.jsonData.authType = this.current.jsonData.authType || 'credentials';
 
-    for (let key of this.current.encryptedFields) {
-      if (key === "accessKey") {
-        this.accessKeyExist = true;
-      }
-      if (key === "secretKey") {
-        this.secretKeyExist = true;
-      }
-    }
+    this.accessKeyExist = this.current.secureJsonFields.accessKey;
+    this.secretKeyExist = this.current.secureJsonFields.secretKey;
   }
 
   resetAccessKey() {