fix: BI-5901 dict secrets deserializer fix (#774)

* dict secrets deserializer fix * type annotation * missing secret key fix * swap deserialization and decryption in us manager * mypy fix
datalens-tech · Jan 10, 2025 · 53279bc · 53279bc
1 parent 2271964
commit 53279bc
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 11 deletions.
diff --git a/lib/dl_core/dl_core/us_manager/us_entry_serializer.py b/lib/dl_core/dl_core/us_manager/us_entry_serializer.py
@@ -4,7 +4,6 @@
 from collections import ChainMap
 import copy
 from functools import reduce
-import json
 import logging
 from typing import (
     ClassVar,
@@ -131,8 +130,7 @@ def deserialize(
         for secret_key in declared_secret_keys:
             if secret_source_addressable.contains(secret_key):
                 sec_val = secret_source_addressable.pop(secret_key)
-                sec_val_str = json.dumps(sec_val)
-                raw_addressable.set(secret_key, sec_val_str)
+                raw_addressable.set(secret_key, sec_val)
 
         if secret_source_addressable.data:
             LOGGER.warning("Undeclared secrets found")

diff --git a/lib/dl_core/dl_core/us_manager/us_manager.py b/lib/dl_core/dl_core/us_manager/us_manager.py
@@ -2,7 +2,6 @@
 
 from collections import ChainMap
 from contextlib import contextmanager
-import json
 import logging
 from typing import (
     ClassVar,
@@ -342,6 +341,9 @@ def _entry_dict_to_obj(self, us_resp: dict, expected_type: Optional[Type[USEntry
                 secrets=us_resp.get("unversionedData"),  # type: ignore  # 2024-01-30 # TODO: Argument "secrets" to "USDataPack" has incompatible type "Any | None"; expected "dict[str, str | EncryptedData | None]"  [arg-type]
             )
 
+            for key, secret in data_pack.secrets.items():
+                data_pack.secrets[key] = self._crypto_controller.decrypt(secret)  # type: ignore # TODO: Argument 1 to "decrypt" of "CryptoController" has incompatible type "str | EncryptedData | None"; expected "EncryptedData | None"  [arg-type]
+
             entry = serializer.deserialize(
                 entry_cls,
                 data_pack,
@@ -350,11 +352,6 @@ def _entry_dict_to_obj(self, us_resp: dict, expected_type: Optional[Type[USEntry
                 common_properties=common_properties,
                 data_strict=False,
             )
-            secret_keys = serializer.get_secret_keys(entry_cls)
-            for key in secret_keys:
-                old_data = serializer.get_data_attr(entry, key)
-                decrypted_data = self._crypto_controller.decrypt(json.loads(old_data)) if old_data is not None else None
-                serializer.set_data_attr(entry, key, decrypted_data)
 
         entry.stored_in_db = True
         entry._us_resp = us_resp
@@ -433,8 +430,6 @@ def _get_entry_save_params(self, entry: USEntry) -> dict:
                 data_pack = USDataPack(data=data_dict)
 
             for key, secret in data_pack.secrets.items():
-                if isinstance(secret, dict):
-                    secret = json.dumps(secret)
                 assert secret is None or isinstance(secret, str)
                 data_pack.secrets[key] = self._crypto_controller.encrypt_with_actual_key(secret)