1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

onepassword lookup - Make section and field case insensitive (#7564)

* onepassword lookup: Make section and field case insensitive

This was a regression in behavior when adding support for op v2.

* Return a string by default to avoid an exception if a field is missing

* Use a helper function to lower a value if possible

* Update changelog
This commit is contained in:
Sam Doran 2023-12-01 11:47:49 -05:00 committed by GitHub
parent 096d36adc5
commit 241cc02fa8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 21 additions and 6 deletions

View file

@ -0,0 +1,4 @@
bugfixes:
- >-
onepassword lookup plugin - field and section titles are now case insensitive when using
op CLI version two or later. This matches the behavior of version one (https://github.com/ansible-collections/community.general/pull/7564).

View file

@ -96,6 +96,14 @@ from ansible.module_utils.six import with_metaclass
from ansible_collections.community.general.plugins.module_utils.onepassword import OnePasswordConfig
def _lower_if_possible(value):
"""Return the lower case version value, otherwise return the value"""
try:
return value.lower()
except AttributeError:
return value
class OnePassCLIBase(with_metaclass(abc.ABCMeta, object)):
bin = "op"
@ -457,6 +465,7 @@ class OnePassCLIv2(OnePassCLIBase):
}
"""
data = json.loads(data_json)
field_name = _lower_if_possible(field_name)
for field in data.get("fields", []):
if section_title is None:
# If the field name exists in the section, return that value
@ -465,17 +474,19 @@ class OnePassCLIv2(OnePassCLIBase):
# If the field name doesn't exist in the section, match on the value of "label"
# then "id" and return "value"
if field.get("label") == field_name:
if field.get("label", "").lower() == field_name:
return field.get("value", "")
if field.get("id") == field_name:
if field.get("id", "").lower() == field_name:
return field.get("value", "")
# Look at the section data and get an identifier. The value of 'id' is either a unique ID
# or a human-readable string. If a 'label' field exists, prefer that since
# it is the value visible in the 1Password UI when both 'id' and 'label' exist.
section = field.get("section", {})
current_section_title = section.get("label", section.get("id"))
section_title = _lower_if_possible(section_title)
current_section_title = section.get("label", section.get("id", "")).lower()
if section_title == current_section_title:
# In the correct section. Check "label" then "id" for the desired field_name
if field.get("label") == field_name:

View file

@ -107,7 +107,7 @@ MOCK_ENTRIES = {
"queries": ["Omitted values"],
"kwargs": {
"field": "section-label-without-value",
"section": "section-without-values"
"section": "Section-Without-Values"
},
"expected": [""],
"output": load_file("v2_out_04.json")

View file

@ -13,10 +13,10 @@
"additional_information": "Jan 18, 2015, 08:13:38",
"fields": [
{
"id": "password",
"id": "Password",
"type": "CONCEALED",
"purpose": "PASSWORD",
"label": "password",
"label": "Password",
"value": "OctoberPoppyNuttyDraperySabbath",
"reference": "op://Test Vault/Authy Backup/password",
"password_details": {