From 821740828bdd50bf0a687abcbeb30ac8ad74dbdc Mon Sep 17 00:00:00 2001 From: Wouter Klein Heerenbrink Date: Wed, 13 Sep 2023 07:48:36 +0200 Subject: [PATCH] Use `get(..)` instead of [..] for safe lookup of value (Fixes #7240) (#7241) A OnePassword field item might not have a value (property) when the user has omitted it (on purpose). (cherry picked from commit 1beb38ceff80b9e1d1437cab2ba27deff6a73124) --- ...nt-key-error-when-value-does-not-exist.yml | 2 + plugins/lookup/onepassword.py | 8 +-- .../unit/plugins/lookup/onepassword_common.py | 42 ++++++++++++ .../onepassword_fixtures/v2_out_04.json | 67 +++++++++++++++++++ .../v2_out_04.json.license | 3 + 5 files changed, 118 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/7241-prevent-key-error-when-value-does-not-exist.yml create mode 100644 tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json create mode 100644 tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json.license diff --git a/changelogs/fragments/7241-prevent-key-error-when-value-does-not-exist.yml b/changelogs/fragments/7241-prevent-key-error-when-value-does-not-exist.yml new file mode 100644 index 00000000000..caf722cc6f5 --- /dev/null +++ b/changelogs/fragments/7241-prevent-key-error-when-value-does-not-exist.yml @@ -0,0 +1,2 @@ +bugfixes: + - onepassword - fix KeyError exception when trying to access value of a field that is not filled out in OnePassword item (https://github.com/ansible-collections/community.general/pull/7241). diff --git a/plugins/lookup/onepassword.py b/plugins/lookup/onepassword.py index 6254db4858a..624d19e48a9 100644 --- a/plugins/lookup/onepassword.py +++ b/plugins/lookup/onepassword.py @@ -462,10 +462,10 @@ def _parse_field(self, data_json, field_name, section_title=None): # If the field name doesn't exist in the section, match on the value of "label" # then "id" and return "value" if field.get("label") == field_name: - return field["value"] + return field.get("value", "") if field.get("id") == field_name: - return field["value"] + return field.get("value", "") # Look at the section data and get an indentifier. The value of 'id' is either a unique ID # or a human-readable string. If a 'label' field exists, prefer that since @@ -475,10 +475,10 @@ def _parse_field(self, data_json, field_name, section_title=None): if section_title == current_section_title: # In the correct section. Check "label" then "id" for the desired field_name if field.get("label") == field_name: - return field["value"] + return field.get("value", "") if field.get("id") == field_name: - return field["value"] + return field.get("value", "") return "" diff --git a/tests/unit/plugins/lookup/onepassword_common.py b/tests/unit/plugins/lookup/onepassword_common.py index 0929792251c..b99b46691fa 100644 --- a/tests/unit/plugins/lookup/onepassword_common.py +++ b/tests/unit/plugins/lookup/onepassword_common.py @@ -81,5 +81,47 @@ def load_file(file): "expected": ["first value"], "output": load_file("v2_out_03.json") }, + { + # Request data from an omitted value (label lookup, no section) + "vault_name": "Test Vault", + "queries": ["Omitted values"], + "kwargs": { + "field": "label-without-value", + }, + "expected": [""], + "output": load_file("v2_out_04.json") + }, + { + # Request data from an omitted value (id lookup, no section) + "vault_name": "Test Vault", + "queries": ["Omitted values"], + "kwargs": { + "field": "67890q7mspf4x6zrlw3qejn7m", + }, + "expected": [""], + "output": load_file("v2_out_04.json") + }, + { + # Request data from an omitted value (label lookup, with section) + "vault_name": "Test Vault", + "queries": ["Omitted values"], + "kwargs": { + "field": "section-label-without-value", + "section": "section-without-values" + }, + "expected": [""], + "output": load_file("v2_out_04.json") + }, + { + # Request data from an omitted value (id lookup, with section) + "vault_name": "Test Vault", + "queries": ["Omitted values"], + "kwargs": { + "field": "123345q7mspf4x6zrlw3qejn7m", + "section": "section-without-values", + }, + "expected": [""], + "output": load_file("v2_out_04.json") + }, ], } diff --git a/tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json b/tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json new file mode 100644 index 00000000000..13b6cc2aa27 --- /dev/null +++ b/tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json @@ -0,0 +1,67 @@ +{ + "id": "bgqegp3xcxnpfkb45olwigpkpi", + "title": "OmittedValues", + "version": 1, + "vault": { + "id": "stpebbaccrq72xulgouxsk4p7y", + "name": "Private" + }, + "category": "LOGIN", + "last_edited_by": "WOUTERRUYBH7BFPHMZ2KKGL6AU", + "created_at": "2023-09-12T08:30:07Z", + "updated_at": "2023-09-12T08:30:07Z", + "additional_information": "fluxility", + "sections": [ + { + "id": "7osqcvd43i75teocdzbb6d7mie", + "label": "section-without-values" + } + ], + "fields": [ + { + "id": "username", + "type": "STRING", + "purpose": "USERNAME", + "label": "username", + "value": "fluxility", + "reference": "op://Testcase/OmittedValues/username" + }, + { + "id": "password", + "type": "CONCEALED", + "purpose": "PASSWORD", + "label": "password", + "value": "j89Dyb7psat*hkbkyLUQyq@GR.a-g2pQH_V_xtMhrn37rQ_2uRYoRiozj6TjWVLy2pbfEvjnse", + "entropy": 427.01202392578125, + "reference": "op://Testcase/OmittedValues/password", + "password_details": { + "entropy": 427, + "generated": true, + "strength": "FANTASTIC" + } + }, + { + "id": "notesPlain", + "type": "STRING", + "purpose": "NOTES", + "label": "notesPlain", + "reference": "op://Testcase/OmittedValues/notesPlain" + }, + { + "id": "67890q7mspf4x6zrlw3qejn7m", + "type": "URL", + "label": "label-without-value", + "reference": "op://01202392578125/OmittedValues/section-without-values/section-without-value" + }, + { + "id": "123345q7mspf4x6zrlw3qejn7m", + "section": { + "id": "6hbtca5yrlmoptgy3nw74222", + "label": "section-without-values" + }, + "type": "URL", + "label": "section-label-without-value", + "reference": "op://01202392578125/OmittedValues/section-without-values/section-without-value" + } + ] +} diff --git a/tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json.license b/tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json.license new file mode 100644 index 00000000000..969b956c2e5 --- /dev/null +++ b/tests/unit/plugins/lookup/onepassword_fixtures/v2_out_04.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: 2022, Ansible Project