[IMP] server_environment: hide SMTP passwords

server_environment/server_env.py

@@ -312,7 +312,7 @@ def _is_secret(self, key):
         should be secret.
         :return: list of secret keywords
         """
-        secret_keys = ["passw", "key", "secret", "token"]
+        secret_keys = ["_pass", "passw", "key", "secret", "token"]
         return any(secret_key in key for secret_key in secret_keys)
 
     @api.model

server_environment/tests/test_server_environment.py

@@ -9,6 +9,17 @@
 from .. import server_env
 from . import common
 
+NO_DEFAULT = [
+    "id",
+    "create_uid",
+    "create_date",
+    "write_uid",
+    "write_date",
+    "display_name",
+    "config",
+    "__last_update",
+]
+
 
 class TestEnv(common.ServerEnvironmentCase):
     def test_view(self):
@@ -20,17 +31,20 @@ def _test_default(self, hidden_pwd=False):
         model = self.env["server.config"]
         rec = model.create({})
         fields = model.fields_get()
-        self.assertTrue(fields)
         defaults = rec.default_get(list(fields))
-        self.assertTrue(defaults)
+        fields_with_default = {fld for fld in fields if fld not in NO_DEFAULT}
+        self.assertTrue(fields_with_default)
         self.assertIsInstance(defaults, dict)
+        self.assertEqual(fields_with_default, set(defaults))
+        # Check secrets
         pass_checked = False
         for default in defaults:
-            if "passw" in default:
+            if "passw" in default or "_pass" in default:
                 check = self.assertEqual if hidden_pwd else self.assertNotEqual
                 check(defaults[default], "**********")
                 pass_checked = True
         self.assertTrue(pass_checked)
+        return defaults
 
     @patch.dict(odoo_config.options, {"running_env": "dev"})
     def test_default_dev(self):
@@ -54,10 +68,24 @@ def test_odoosh_dev_from_environ(self):
         self._test_default()
 
     @patch.dict(odoo_config.options, {"running_env": "testing"})
-    def test_value_retrival(self):
+    def test_value_retrieval(self):
         with self.set_config_dir("testfiles"):
             parser = server_env._load_config()
             val = parser.get("external_service.ftp", "user")
             self.assertEqual(val, "testing")
             val = parser.get("external_service.ftp", "host")
             self.assertEqual(val, "sftp.example.com")
+
+    @patch.dict(odoo_config.options, {"running_env": "testing"})
+    def test_default_hidden_password(self):
+        with self.load_config(config_dir="testfiles"):
+            model = self.env["server.config"]
+            model._add_columns()
+            del self.env.registry.model_cache[model._model_classes]
+            self.env.registry.setup_models(self.env.cr)
+        defaults = self._test_default(hidden_pwd=True)
+
+        self.assertIn("odoo_I_admin_passwd", defaults)
+        self.assertIn("odoo_I_db_password", defaults)
+        self.assertIn("odoo_I_smtp_password", defaults)
+        self.assertIn("outgoing_mail_provider_promail_I_smtp_pass", defaults)

server_environment/tests/testfiles/testing/outmail.conf

@@ -0,0 +1,6 @@
+[outgoing_mail.provider_promail]
+smtp_encryption	= ssl
+smtp_host = email.server.invalid
+smtp_pass = THISISNOTPUBLIC
+smtp_port = 912
+smtp_user = user_abc