paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-04-02 13:45:10 -05:00
Code Issues Packages Projects Releases Wiki Activity

Enhancement / fix: include social accounts and api tokens in export (#8016)

Browse Source
This commit is contained in:
shamoon 2024-10-26 06:51:22 -07:00 committed by GitHub
parent 53aa216a4a
commit 7649903d3c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 39 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/documents/management/commands/document_exporter.py
View File

@ -8,6 +8,9 @@ from pathlib import Path
from typing import TYPE_CHECKING
import tqdm
from allauth.socialaccount.models import SocialAccount
from allauth.socialaccount.models import SocialApp
from allauth.socialaccount.models import SocialToken
from django.conf import settings
from django.contrib.auth.models import Group
from django.contrib.auth.models import Permission
@ -21,6 +24,7 @@ from django.utils import timezone
from filelock import FileLock
from guardian.models import GroupObjectPermission
from guardian.models import UserObjectPermission
from rest_framework.authtoken.models import Token
if TYPE_CHECKING:
from django.db.models import QuerySet
@ -264,6 +268,10 @@ class Command(CryptMixin, BaseCommand):
"app_configs": ApplicationConfiguration.objects.all(),
"notes": Note.objects.all(),
"documents": Document.objects.order_by("id").all(),
"social_accounts": SocialAccount.objects.all(),
"social_apps": SocialApp.objects.all(),
"social_tokens": SocialToken.objects.all(),
"auth_tokens": Token.objects.all(),
}
if settings.AUDIT_LOG_ENABLED:
@ -557,15 +565,18 @@ class Command(CryptMixin, BaseCommand):
crypt_fields = crypt_config["fields"]
for manifest_record in manifest[exporter_key]:
for field in crypt_fields:
manifest_record["fields"][field] = self.encrypt_string(
value=manifest_record["fields"][field],
)
if manifest_record["fields"][field]:
manifest_record["fields"][field] = self.encrypt_string(
value=manifest_record["fields"][field],
)
elif MailAccount.objects.count() > 0:
elif (
MailAccount.objects.count() > 0
or SocialToken.objects.count() > 0
or Token.objects.count() > 0
):
self.stdout.write(
self.style.NOTICE(
"You have configured mail accounts, "
"but no passphrase was given. "
"Passwords will be in plaintext",
"No passphrase was given, sensitive fields will be in plaintext",
),
)

7
src/documents/management/commands/document_importer.py
View File

@ -414,9 +414,10 @@ class Command(CryptMixin, BaseCommand):
):
had_at_least_one_record = True
for field in crypt_fields:
record["fields"][field] = self.decrypt_string(
value=record["fields"][field],
)
if record["fields"][field]:
record["fields"][field] = self.decrypt_string(
value=record["fields"][field],
)
if had_at_least_one_record:
# It's annoying, but the DB is loaded from the JSON directly

16
src/documents/management/commands/mixins.py
View File

@ -97,6 +97,22 @@ class CryptMixin:
"model_name": "paperless_mail.mailaccount",
"fields": [
"password",
"refresh_token",
],
},
{
"exporter_key": "social_tokens",
"model_name": "socialaccount.socialtoken",
"fields": [
"token",
"token_secret",
],
},
{
"exporter_key": "auth_tokens",
"model_name": "authtoken.token",
"fields": [
"key",
],
},
]

6
src/documents/tests/test_management_exporter.py
View File

@ -971,10 +971,6 @@ class TestCryptExportImport(
)
stdout.seek(0)
self.assertIn(
(
"You have configured mail accounts, "
"but no passphrase was given. "
"Passwords will be in plaintext"
),
("No passphrase was given, sensitive fields will be in plaintext"),
stdout.read(),
)