Adding a check to make sure that encryption does not execute upon directories, as well as adding copy to warn that attachments are not encrypted.
This commit is contained in:
parent
a6d59e9ea0
commit
3dcb3062f5
|
@ -73,6 +73,9 @@ export async function encryptFile(
|
||||||
const outputFileName = `${filename}.enc`
|
const outputFileName = `${filename}.enc`
|
||||||
|
|
||||||
const filePath = join(dir, filename)
|
const filePath = join(dir, filename)
|
||||||
|
if (fs.lstatSync(filePath).isDirectory()) {
|
||||||
|
throw new Error("Unable to encrypt directory")
|
||||||
|
}
|
||||||
const inputFile = fs.createReadStream(filePath)
|
const inputFile = fs.createReadStream(filePath)
|
||||||
const outputFile = fs.createWriteStream(join(dir, outputFileName))
|
const outputFile = fs.createWriteStream(join(dir, outputFileName))
|
||||||
|
|
||||||
|
@ -110,6 +113,9 @@ export async function decryptFile(
|
||||||
outputPath: string,
|
outputPath: string,
|
||||||
secret: string
|
secret: string
|
||||||
) {
|
) {
|
||||||
|
if (fs.lstatSync(inputPath).isDirectory()) {
|
||||||
|
throw new Error("Unable to encrypt directory")
|
||||||
|
}
|
||||||
const { salt, iv } = await getSaltAndIV(inputPath)
|
const { salt, iv } = await getSaltAndIV(inputPath)
|
||||||
const inputFile = fs.createReadStream(inputPath, {
|
const inputFile = fs.createReadStream(inputPath, {
|
||||||
start: SALT_LENGTH + IV_LENGTH,
|
start: SALT_LENGTH + IV_LENGTH,
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
export let app
|
export let app
|
||||||
export let published
|
export let published
|
||||||
let includeInternalTablesRows = true
|
let includeInternalTablesRows = true
|
||||||
let encypt = true
|
let encrypt = true
|
||||||
|
|
||||||
let password = null
|
let password = null
|
||||||
const validation = createValidationStore()
|
const validation = createValidationStore()
|
||||||
|
@ -27,9 +27,9 @@
|
||||||
$: stepConfig = {
|
$: stepConfig = {
|
||||||
[Step.CONFIG]: {
|
[Step.CONFIG]: {
|
||||||
title: published ? "Export published app" : "Export latest app",
|
title: published ? "Export published app" : "Export latest app",
|
||||||
confirmText: encypt ? "Continue" : exportButtonText,
|
confirmText: encrypt ? "Continue" : exportButtonText,
|
||||||
onConfirm: () => {
|
onConfirm: () => {
|
||||||
if (!encypt) {
|
if (!encrypt) {
|
||||||
exportApp()
|
exportApp()
|
||||||
} else {
|
} else {
|
||||||
currentStep = Step.SET_PASSWORD
|
currentStep = Step.SET_PASSWORD
|
||||||
|
@ -109,14 +109,14 @@
|
||||||
text="Export rows from internal tables"
|
text="Export rows from internal tables"
|
||||||
bind:value={includeInternalTablesRows}
|
bind:value={includeInternalTablesRows}
|
||||||
/>
|
/>
|
||||||
<Toggle text="Encrypt my export" bind:value={encypt} />
|
<Toggle text="Encrypt my export" bind:value={encrypt} />
|
||||||
</Body>
|
</Body>
|
||||||
{#if !encypt}
|
|
||||||
<InlineAlert
|
<InlineAlert
|
||||||
header="Do not share your budibase application exports publicly as they may contain sensitive information such as database credentials or secret keys."
|
header={encrypt
|
||||||
|
? "Please note Budibase does not encrypt the files during the export process to ensure efficient export of large attachments."
|
||||||
|
: "Do not share your Budibase application exports publicly as they may contain sensitive information such as database credentials or secret keys."}
|
||||||
/>
|
/>
|
||||||
{/if}
|
{/if}
|
||||||
{/if}
|
|
||||||
{#if currentStep === Step.SET_PASSWORD}
|
{#if currentStep === Step.SET_PASSWORD}
|
||||||
<Input
|
<Input
|
||||||
type="password"
|
type="password"
|
||||||
|
|
Loading…
Reference in New Issue