From 31cd82f402634762a61a4f9ca95ef3d8d06c116a Mon Sep 17 00:00:00 2001
From: Chase Granberry <chase@logflare.app>
Date: Tue, 29 Oct 2024 08:12:02 -0700
Subject: [PATCH] fix: all configs with `password` field should respond with
 `REDACTED` value

---
 VERSION                                       |  2 +-
 lib/logflare/backends/backend.ex              |  2 +-
 .../api/backend_controller_test.exs           | 30 +++++++++++++++++++
 3 files changed, 32 insertions(+), 2 deletions(-)

diff --git a/VERSION b/VERSION
index ee672d89a..6f2d3653d 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.9.1
\ No newline at end of file
+1.9.2
\ No newline at end of file
diff --git a/lib/logflare/backends/backend.ex b/lib/logflare/backends/backend.ex
index 8a1df4891..1428fbb6b 100644
--- a/lib/logflare/backends/backend.ex
+++ b/lib/logflare/backends/backend.ex
@@ -98,7 +98,7 @@ defmodule Logflare.Backends.Backend do
           config when type == :datadog ->
             Map.put(config, :api_key, "REDACTED")
 
-          %{password: pass} = config when pass != nil and type == :elastic ->
+          %{password: pass} = config when pass != nil ->
             Map.put(config, :password, "REDACTED")
 
           cfg ->
diff --git a/test/logflare_web/controllers/api/backend_controller_test.exs b/test/logflare_web/controllers/api/backend_controller_test.exs
index d843b3a7c..86469bdee 100644
--- a/test/logflare_web/controllers/api/backend_controller_test.exs
+++ b/test/logflare_web/controllers/api/backend_controller_test.exs
@@ -169,6 +169,36 @@ defmodule LogflareWeb.Api.BackendControllerTest do
              } = json_response(conn, 201)
     end
 
+    test "creates a loki backend for an authenticated user", %{conn: conn, user: user} do
+      name = TestUtils.random_string()
+
+      conn =
+        conn
+        |> add_access_token(user, "private")
+        |> post("/api/backends", %{
+          name: name,
+          type: "loki",
+          config: %{url: "https://example.com", username: "someuser", password: "12345"},
+          metadata: %{
+            some: "data"
+          }
+        })
+
+      assert %{
+               "id" => _,
+               "token" => _,
+               "name" => ^name,
+               "config" => %{
+                 "url" => "https://" <> _,
+                 "password" => "REDACTED",
+                 "username" => "someuser"
+               },
+               "metadata" => %{
+                 "some" => "data"
+               }
+             } = json_response(conn, 201)
+    end
+
     test "returns 422 on missing arguments", %{conn: conn, user: user} do
       resp =
         conn