Add client-side scrubbing of passwords. Fixes #34

2018-11-22 00:36:35 +08:00 · 2018-11-22 00:36:35 +08:00 · a72f84f17d
parent f9c9ddbf59
commit a72f84f17d
4 changed files with 34 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -82,7 +82,7 @@ $ pytest

 ## Privacy Policy
 - No personal data is ever stored or transmitted by this application.
- During beta, crash reports are sent to [Sentry](https://sentry.io) to quickly find bugs. You can disable this by setting the env variable `NO_SENTRY=1`. Your repo password will be scrubbed before the test report is transmitted, as detailed [here](https://docs.sentry.io/data-management/sensitive-data/#server-side-scrubbing)
+- During beta, crash reports are sent to [Sentry](https://sentry.io) to quickly find bugs. You can disable this by setting the env variable `NO_SENTRY=1`. Your repo password will be scrubbed *before* the test report is transmitted.

 ## Author
 (C) 2018 Manuel Riel for [BorgBase.com](https://www.borgbase.com)
--- a/src/vorta/main.py
+++ b/src/vorta/main.py
@ -6,15 +6,12 @@ import vorta.models
 from vorta.application import VortaApp
 from vorta.config import SETTINGS_DIR
 import vorta.updater
-from vorta._version import __version__


 def main():
-    # Send crashes to Sentry
+    # Send crashes to Sentry.
    if not os.environ.get('NO_SENTRY', False):
-        import sentry_sdk
-        sentry_sdk.init("https://a4a23df3e44743d5b5c5f06417a9a809@sentry.io/1311799",
-                        release=__version__)
+        import vorta.sentry

    # Init database
    sqlite_db = peewee.SqliteDatabase(os.path.join(SETTINGS_DIR, 'settings.db'))
--- a/src/vorta/borg/borg_thread.py
+++ b/src/vorta/borg/borg_thread.py
@ -47,6 +47,8 @@ class BorgThread(QtCore.QThread, BackupProfileMixin):
        if params.get('ssh_key') and params['ssh_key'] is not None:
            env['BORG_RSH'] += f' -i ~/.ssh/{params["ssh_key"]}'

+        raise Exception
+
        self.env = env
        self.cmd = cmd
        self.params = params
--- a/src/vorta/sentry.py
+++ b/src/vorta/sentry.py
@ -0,0 +1,29 @@
+import sentry_sdk
+from vorta._version import __version__
+
+
+def scrub_sensitive_data(event, hint):
+    """Adapted from https://stackoverflow.com/questions/9807634/
+            find-all-occurrences-of-a-key-in-nested-python-dictionaries-and-lists/29652561"""
+    def gen_dict_extract(key, var):
+        if hasattr(var, 'items'):
+            for k, v in var.items():
+                if k == key:
+                    var[k] = 'FILTERED'
+                    yield v
+                if isinstance(v, dict):
+                    for result in gen_dict_extract(key, v):
+                        yield result
+                elif isinstance(v, list):
+                    for d in v:
+                        for result in gen_dict_extract(key, d):
+                            yield result
+
+    list(gen_dict_extract('BORG_PASSPHRASE', event))
+    list(gen_dict_extract('password', event))
+    return event
+
+
+sentry_sdk.init("https://a4a23df3e44743d5b5c5f06417a9a809@sentry.io/1311799",
+                release=__version__,
+                before_send=scrub_sensitive_data)