Resolve obfuscated password warnings, merge use of the field

2025-04-21 10:29:29 -05:00 · 2024-11-30 10:48:07 -08:00 · 2024-11-30 10:48:07 -08:00 · 880dc7b34c
commit 880dc7b34c
parent 627d0ac9cf
3 changed files with 7 additions and 18 deletions
--- a/src/paperless/serialisers.py
+++ b/src/paperless/serialisers.py
@ -11,22 +11,11 @@ from rest_framework import serializers
 from rest_framework.authtoken.serializers import AuthTokenSerializer

 from paperless.models import ApplicationConfiguration
+from paperless_mail.serialisers import ObfuscatedPasswordField

 logger = logging.getLogger("paperless.settings")


-class ObfuscatedUserPasswordField(serializers.Field):
-    """
-    Sends *** string instead of password in the clear
-    """
-
-    def to_representation(self, value):
-        return "**********" if len(value) > 0 else ""
-
-    def to_internal_value(self, data):
-        return data
-
-
 class PaperlessAuthTokenSerializer(AuthTokenSerializer):
    code = serializers.CharField(
        label="MFA Code",
@ -58,7 +47,7 @@ class PaperlessAuthTokenSerializer(AuthTokenSerializer):


 class UserSerializer(serializers.ModelSerializer):
-    password = ObfuscatedUserPasswordField(required=False)
+    password = ObfuscatedPasswordField(required=False)
    user_permissions = serializers.SlugRelatedField(
        many=True,
        queryset=Permission.objects.exclude(content_type__app_label="admin"),
@ -163,7 +152,7 @@ class SocialAccountSerializer(serializers.ModelSerializer):

 class ProfileSerializer(serializers.ModelSerializer):
    email = serializers.EmailField(allow_null=False)
-    password = ObfuscatedUserPasswordField(required=False, allow_null=False)
+    password = ObfuscatedPasswordField(required=False, allow_null=False)
    auth_token = serializers.SlugRelatedField(read_only=True, slug_field="key")
    social_accounts = SocialAccountSerializer(
        many=True,
--- a/src/paperless_mail/serialisers.py
+++ b/src/paperless_mail/serialisers.py
@ -8,13 +8,13 @@ from paperless_mail.models import MailAccount
 from paperless_mail.models import MailRule


-class ObfuscatedPasswordField(serializers.Field):
+class ObfuscatedPasswordField(serializers.CharField):
    """
    Sends *** string instead of password in the clear
    """

-    def to_representation(self, value):
-        return "*" * len(value)
+    def to_representation(self, value) -> str:
+        return "*" * max(10, len(value))

    def to_internal_value(self, data):
        return data
--- a/src/paperless_mail/tests/test_api.py
+++ b/src/paperless_mail/tests/test_api.py
@ -64,7 +64,7 @@ class TestAPIMailAccounts(DirectoriesMixin, APITestCase):
        self.assertEqual(returned_account1["username"], account1.username)
        self.assertEqual(
            returned_account1["password"],
-            "*" * len(account1.password),
+            "**********",
        )
        self.assertEqual(returned_account1["imap_server"], account1.imap_server)
        self.assertEqual(returned_account1["imap_port"], account1.imap_port)