Hide project variables values by default
Add a button to reveal/hide the values to help prevent accidental disclosure of sensitive information from wandering on a page. Closes #21358
This commit is contained in:
parent
f70a6f3dca
commit
a43f71ec14
|
@ -208,6 +208,9 @@
|
|||
new gl.ProtectedBranchCreate();
|
||||
new gl.ProtectedBranchEditList();
|
||||
break;
|
||||
case 'projects:variables:index':
|
||||
new gl.ProjectVariables();
|
||||
break;
|
||||
}
|
||||
switch (path.first()) {
|
||||
case 'admin':
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
/* eslint-disable */
|
||||
((global) => {
|
||||
const HIDDEN_VALUE_TEXT = '******';
|
||||
|
||||
class ProjectVariables {
|
||||
constructor() {
|
||||
this.$reveal = $('.js-btn-toggle-reveal-values');
|
||||
|
||||
this.$reveal.on('click', this.toggleRevealState.bind(this));
|
||||
}
|
||||
|
||||
toggleRevealState(event) {
|
||||
event.preventDefault();
|
||||
|
||||
const $btn = $(event.currentTarget);
|
||||
const oldStatus = $btn.attr('data-status');
|
||||
|
||||
if (oldStatus == 'hidden') {
|
||||
[newStatus, newAction] = ['revealed', 'Hide Values'];
|
||||
} else {
|
||||
[newStatus, newAction] = ['hidden', 'Reveal Values'];
|
||||
}
|
||||
|
||||
$btn.attr('data-status', newStatus);
|
||||
|
||||
$variables = $('.variable-value');
|
||||
|
||||
for (let variable of $variables) {
|
||||
let $variable = $(variable);
|
||||
let newText = HIDDEN_VALUE_TEXT;
|
||||
|
||||
if (newStatus == 'revealed') {
|
||||
newText = $variable.attr('data-value');
|
||||
}
|
||||
|
||||
$variable.text(newText);
|
||||
}
|
||||
|
||||
$btn.text(newAction);
|
||||
}
|
||||
}
|
||||
|
||||
global.ProjectVariables = ProjectVariables;
|
||||
})(window.gl || (window.gl = {}));
|
|
@ -876,3 +876,11 @@ pre.light-well {
|
|||
pointer-events: none;
|
||||
}
|
||||
}
|
||||
|
||||
.variables-table {
|
||||
table-layout: fixed;
|
||||
|
||||
.variable-key {
|
||||
width: 30%;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -12,8 +12,8 @@
|
|||
- @project.variables.order_key_asc.each do |variable|
|
||||
- if variable.id?
|
||||
%tr
|
||||
%td= variable.key
|
||||
%td= variable.value
|
||||
%td.variable-key= variable.key
|
||||
%td.variable-value{ "data-value" => variable.value }******
|
||||
%td
|
||||
= link_to namespace_project_variable_path(@project.namespace, @project, variable), class: "btn btn-transparent btn-variable-edit" do
|
||||
%span.sr-only
|
||||
|
|
|
@ -15,3 +15,4 @@
|
|||
No variables found, add one with the form above.
|
||||
- else
|
||||
= render "table"
|
||||
%button.btn.btn-info.js-btn-toggle-reveal-values{"data-status" => 'hidden'} Reveal Values
|
||||
|
|
Loading…
Reference in New Issue