From a430cfffe04bba6a51e7b214c4b89afef1003c32 Mon Sep 17 00:00:00 2001
From: Keenan Brock <keenan@thebrocks.net>
Date: Fri, 22 Sep 2023 09:45:24 -0400
Subject: [PATCH] Merge pull request #1239 from
 agrare/allow_configuration_script_payloads_credentials_to_be_shown

Allow configuration_script_payloads#credentials to be shown

(cherry picked from commit 39e5ed90a731afc22919cf17cb81f4dd2e17fb5d)
---
 .../configuration_script_payloads_controller.rb | 12 ++++++++++++
 .../configuration_script_payloads_spec.rb       | 17 ++++++++++++++++-
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/app/controllers/api/configuration_script_payloads_controller.rb b/app/controllers/api/configuration_script_payloads_controller.rb
index 98caf498ed..50e315430b 100644
--- a/app/controllers/api/configuration_script_payloads_controller.rb
+++ b/app/controllers/api/configuration_script_payloads_controller.rb
@@ -2,6 +2,18 @@ module Api
   class ConfigurationScriptPayloadsController < BaseController
     include Subcollections::Authentications
 
+    def api_resource_action_options
+      # ConfigurationScriptPayloads do not have any passwords stored directly
+      # in the record, they reference the Authentication model via the
+      # credentials jsonb mapping.  The names of these mappings are user defined
+      # and can include e.g. "api_password" => {"credential_ref" => ..} and this
+      # entire key would be removed from the payload.
+      #
+      # Since there aren't any encrypted attributes in this record it is safe
+      # to include encrypted attributes in the payload response.
+      %w[include_encrypted_attributes]
+    end
+
     def edit_resource(type, id, data)
       resource = resource_search(id, type)
 
diff --git a/spec/requests/configuration_script_payloads_spec.rb b/spec/requests/configuration_script_payloads_spec.rb
index 3871b0f157..2dd5b6fea0 100644
--- a/spec/requests/configuration_script_payloads_spec.rb
+++ b/spec/requests/configuration_script_payloads_spec.rb
@@ -105,7 +105,22 @@
         it "adds the authentication to the configuration_script_payload.authentications" do
           api_basic_authorize collection_action_identifier(:configuration_script_payloads, :edit, :post)
 
-          post(api_configuration_script_payloads_url, :params => {:action => 'edit', :resources => [{:id => script_payload.id, :name => 'foo', :credentials => {"my-cred" => {"credential_ref" => "my-credential", "credential_field" => "userid"}}}]})
+          expected_credentials = {
+            "my-cred-user"     => {"credential_ref" => "my-credential", "credential_field" => "userid"},
+            "my-cred-password" => {"credential_ref" => "my-credential", "credential_field" => "password"},
+          }
+
+          resource = {
+            :id          => script_payload.id,
+            :name        => 'foo',
+            :credentials => expected_credentials
+          }
+
+          post(api_configuration_script_payloads_url, :params => {:action => 'edit', :resources => [resource]})
+
+          expect(response.parsed_body["results"].first).to include(
+            "credentials" => expected_credentials
+          )
           expect(script_payload.reload.authentications).to include(authentication)
         end