Do not expose which backend was used

MarcialRosales · MarcialRosales · commit 20c39e8d4908 · 2024-06-20T10:58:46.000+02:00
instead just indicate if the user is internal or not
diff --git a/deps/rabbitmq_management/priv/www/js/global.js b/deps/rabbitmq_management/priv/www/js/global.js
@@ -698,9 +698,6 @@ function DisplayControl() {
 
 }
 
-function is_internal_user(user) {
-  return user.backends.includes("rabbit_auth_backend_internal");
-}
 
 // Set up the above vars
 function setup_global_vars(overview) {
@@ -717,9 +714,9 @@ function setup_global_vars(overview) {
       '<li>Cluster ' + (user_administrator ?  '<a href="#/cluster-name">' + cluster_name + '</a>' : cluster_name) + '</li>'
     );
 
-    user_name = fmt_escape_html(user.name);
+    user_name = fmt_escape_html(user.name); 
     $('#header #logout').prepend(
-      'User ' + (user_administrator && is_internal_user(user) ?  '<a href="#/users/' + user_name + '">' + user_name + '</a>' : user_name)
+      'User ' + (user_administrator && user.is_internal_user ?  '<a href="#/users/' + user_name + '">' + user_name + '</a>' : user_name)
     );
 
     var product = overview.rabbitmq_version;
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_oauth_bootstrap.erl b/deps/rabbitmq_management/src/rabbit_mgmt_oauth_bootstrap.erl
@@ -20,31 +20,38 @@ bootstrap_oauth(Req0, State) ->
     Dependencies = oauth_dependencies(),
     JSContent = import_dependencies(Dependencies) ++ 
                 set_oauth_settings(AuthSettings) ++ 
-                case proplists:get_value(oauth_enabled, AuthSettings, false) of             
-                    true -> set_token_auth(Req0) ++ export_dependencies(oauth_dependencies());
-                    false -> export_dependencies(["oauth_initialize_if_required", "set_oauth_settings"])
-                end,
-    {ok, cowboy_req:reply(200, #{<<"content-type">> => <<"text/javascript; charset=utf-8">>}, JSContent, Req0), State}.
+                set_token_auth(AuthSettings, Req0) ++ 
+                export_dependencies(Dependencies),                
+    {ok, cowboy_req:reply(200, #{<<"content-type">> => <<"text/javascript; charset=utf-8">>}, 
+        JSContent, Req0), State}.
 
 set_oauth_settings(AuthSettings) ->    
     JsonAuthSettings = rabbit_json:encode(rabbit_mgmt_format:format_nulls(AuthSettings)),
     ["set_oauth_settings(", JsonAuthSettings, ");"].
-
-set_token_auth(Req0) ->
-    case application:get_env(rabbitmq_management, oauth_enabled, false) of
-        true ->
+    
+set_token_auth(AuthSettings, Req0) ->
+    case proplists:get_value(oauth_enabled, AuthSettings, false) of      
+        true ->       
             case cowboy_req:parse_header(<<"authorization">>, Req0) of
                 {bearer, Token} ->  ["set_token_auth('", Token, "');"];
                 _ -> []
             end;
-        false -> []
+        false -> 
+            []
     end.
 
 import_dependencies(Dependencies) ->
     ["import {", string:join(Dependencies, ","), "} from './helper.js';"].
 
 oauth_dependencies() ->
-    ["oauth_initialize_if_required", "hasAnyResourceServerReady", "oauth_initialize", "oauth_initiate", "oauth_initiateLogin", "oauth_initiateLogout", "oauth_completeLogin", "oauth_completeLogout", "set_oauth_settings"].
+    ["oauth_initialize_if_required",
+        "hasAnyResourceServerReady", 
+        "oauth_initialize", "oauth_initiate", 
+        "oauth_initiateLogin",
+        "oauth_initiateLogout", 
+        "oauth_completeLogin", 
+        "oauth_completeLogout", 
+        "set_oauth_settings"].
 
 export_dependencies(Dependencies) ->
     [ io_lib:format("window.~s = ~s;", [Dep, Dep]) || Dep <- Dependencies ].
diff --git a/deps/rabbitmq_management_agent/src/rabbit_mgmt_format.erl b/deps/rabbitmq_management_agent/src/rabbit_mgmt_format.erl
@@ -263,10 +263,11 @@ internal_user(User) ->
      {tags,              tags_as_binaries(internal_user:get_tags(User))},
      {limits,            internal_user:get_limits(User)}].
 
-user(User) ->
+user(User) ->    
     [{name, User#user.username},
      {tags, tags_as_binaries(User#user.tags)},
-     {backends, [ Module || {Module, _} <- User#user.authz_backends]}].
+     {is_internal_user, lists:any(fun({Module,_}) -> Module == rabbit_auth_backend_internal  end, 
+                                    User#user.authz_backends)}].
 
 tags_as_binaries(Tags) ->
     [to_binary(T) || T <- Tags].
