update

galaxyproject · Dec 18, 2024 · 5cfd291 · 5cfd291
1 parent 0fa23cc
commit 5cfd291
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 17 deletions.
diff --git a/client/src/api/schema/schema.ts b/client/src/api/schema/schema.ts
@@ -7486,7 +7486,7 @@ export interface components {
              * Credential Value
              * @description Value of the credential
              */
-            value: string;
+            value?: string | null;
         };
         /**
          * CredentialType
@@ -17214,7 +17214,7 @@ export interface components {
              * Value
              * @description Value of the credential
              */
-            value: string;
+            value?: string | null;
         };
         /** UpdateCredentialsPayload */
         UpdateCredentialsPayload: {

diff --git a/lib/galaxy/schema/credentials.py b/lib/galaxy/schema/credentials.py
@@ -145,8 +145,8 @@ class CredentialPayload(Model):
         title="Type",
         description="Type of the credential(secret/variable)",
     )
-    value: str = Field(
-        ...,
+    value: Optional[str] = Field(
+        None,
         title="Credential Value",
         description="Value of the credential",
     )
@@ -186,8 +186,8 @@ class UpdateCredentialPayload(Model):
         title="ID",
         description="ID of the credential",
     )
-    value: str = Field(
-        ...,
+    value: Optional[str] = Field(
+        None,
         title="Value",
         description="Value of the credential",
     )

diff --git a/lib/galaxy/webapps/galaxy/services/credentials.py b/lib/galaxy/webapps/galaxy/services/credentials.py
@@ -269,6 +269,7 @@ def _create_user_credential(
         credentials_group.user_credentials_id = user_credentials_id
         session.add(credentials_group)
 
+        user_vault = UserVaultWrapper(self._app.vault, trans.user)
         provided_credentials_list: List[Credential] = []
         for credential_payload in payload.credentials:
             credential_name, credential_type, credential_value = (
@@ -285,12 +286,11 @@ def _create_user_credential(
             )
 
             if credential_type == "secret":
-                user_vault = UserVaultWrapper(self._app.vault, trans.user)
-                user_vault.write_secret(
-                    f"{source_type}|{source_id}|{reference}|{group_name}|{credential_name}", credential_value
-                )
+                vault_ref = f"{source_type}|{source_id}|{reference}|{group_name}|{credential_name}"
+                user_vault.write_secret(vault_ref, credential_value or "")
+                credential.value = "*" if credential_value else ""
             elif credential_type == "variable":
-                credential.value = credential_value
+                credential.value = credential_value or ""
             provided_credentials_list.append(credential)
             session.add(credential)
         with transaction(session):
@@ -310,7 +310,7 @@ def _create_user_credential(
             SecretResponse(
                 id=credential.id,
                 name=credential.name,
-                already_set=True,
+                already_set=True if credential.value else False,
             )
             for credential in provided_credentials_list
             if credential.type == "secret"
@@ -346,6 +346,7 @@ def _update_user_credential(
         if not existing_user_credentials:
             raise exceptions.ObjectNotFound("User credential not found.", type="error")
 
+        user_vault = UserVaultWrapper(self._app.vault, trans.user)
         session = trans.sa_session
         for provided_credential in payload.credentials:
             user_credentials, user_credentials_group, existing_credential = None, None, None
@@ -356,13 +357,20 @@ def _update_user_credential(
             if not existing_credential or not user_credentials or not user_credentials_group:
                 raise exceptions.ObjectNotFound("Credential not found.", type="error")
 
+            source_type, source_id, reference, group_name, credential_name = (
+                user_credentials.source_type,
+                user_credentials.source_id,
+                user_credentials.reference,
+                user_credentials_group.name,
+                existing_credential.name,
+            )
+
             if existing_credential and existing_credential.type == "secret":
-                user_vault = UserVaultWrapper(self._app.vault, trans.user)
-                vault_ref = f"{user_credentials.source_type}|{user_credentials.source_id}|{user_credentials.reference}|{user_credentials_group.name}|{existing_credential.name}"
-                user_vault.write_secret(vault_ref, provided_credential.value)
-                existing_credential.value = ""
+                vault_ref = f"{source_type}|{source_id}|{reference}|{group_name}|{credential_name}"
+                user_vault.write_secret(vault_ref, provided_credential.value or "")
+                existing_credential.value = "*" if provided_credential.value else ""
             elif existing_credential and existing_credential.type == "variable":
-                existing_credential.value = provided_credential.value
+                existing_credential.value = provided_credential.value or ""
             session.add(existing_credential)
 
         with transaction(session):