• fix(api): make credentials write-only and restrict sensitive settings to admins · 9d3a74bc
    memoclaw authored
    Security fixes for credential leakage across three resources:
    
    - NOTIFICATION setting: restrict GetInstanceSetting to admin-only
      (was publicly accessible, exposing SMTP credentials)
    - SMTP password: never return SmtpPassword in API responses (write-only)
    - S3 secret: never return AccessKeySecret in API responses (write-only)
    - OAuth2 ClientSecret: never return in API responses for any role
      (was previously returned to admins); remove redactIdentityProviderResponse
      in favor of omitting the field at the conversion layer
    - Preserve-on-empty: when updating settings with an empty credential
      field, preserve the existing stored value instead of overwriting
      (applies to SmtpPassword, AccessKeySecret, and ClientSecret)
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Name
test
acl_config.go
acl_config_test.go
attachment_exif_test.go
attachment_service.go
auth_service.go
auth_service_client_info_test.go
common.go
connect_handler.go
connect_interceptors.go
connect_services.go
header_carrier.go
health_service.go
idp_service.go
instance_service.go
memo_attachment_service.go
memo_relation_service.go
memo_service.go
memo_service_converter.go
memo_service_filter.go
memo_share_service.go
reaction_service.go
resource_name.go
shortcut_service.go
sse_event_helpers.go
sse_handler.go
sse_hub.go
sse_hub_test.go
sse_service_test.go
user_resource_name.go
user_service.go
user_service_stats.go
v1.go