search

splunk / splunk-sdk-python

Splunk Software Development Kit for Python
http://dev.splunk.com
Apache License 2.0
687 stars 369 forks source link

Remove clear_password assertions for storage/passwords tests #291

Closed dgao1029 closed 2 years ago

dgao1029 commented 4 years ago

POST requests to the /storage/passwords endpoint should not return the clear_password back in plaintext. The POST response should mask the clear_password but the Python SDK tests specifically check for the created or updated password. I removed those assertion checks.

fantavlik commented 4 years ago

Hey @dgao1029 I think the change that we actually want that will ensure that the clear_password is available as it was before to end-users is to force a state refresh after password creation. Following the Java SDK which you were just investigating this will update our StoragePassword model using the GET response.

So if you revert your testing changes and change this line: https://github.com/splunk/splunk-sdk-python/blob/develop/splunklib/client.py#L1847

to

storage_password = StoragePassword(self.service, self._entity_path(state))

I believe that will allow users to retrieve the password.clear_password as they were before without removing functionality.

ashah-splunk commented 2 years ago

@dgao1029 thank you for the PR, closing the PR as the change is not required.