zowe · t1m0thyj · Jul 26, 2024 · Jul 24, 2024 · Jul 24, 2024 · Jul 24, 2024
diff --git a/packages/cli/__tests__/config/auto-init/__unit__/ApimlAutoInitHandler.unit.test.ts b/packages/cli/__tests__/config/auto-init/__unit__/ApimlAutoInitHandler.unit.test.ts
@@ -29,10 +29,10 @@ function mockConfigApi(properties: IConfig | undefined): any {
             },
             profiles: {
                 getProfilePathFromName: (name: string) => `profiles.${name}`,
-                get: jest.fn().mockReturnValue({})
+                get: jest.fn().mockReturnValue(properties.profiles.base?.properties)
             },
             secure: {
-                securePropsForProfile: jest.fn().mockReturnValue([])
+                securePropsForProfile: jest.fn().mockReturnValue(properties.profiles.base?.secure)
             }
         },
         exists: true,
@@ -195,21 +195,97 @@ describe("ApimlAutoInitHandler", () => {
         expect(response.profiles.base.properties.tokenValue).toEqual("fakeToken");
     });
 
+    it("should not have changed - secure fields with existing non-default base profile", async () => {
+        // NOTE: Token type and token value will be stored, but user and password will still be present in the base profile
+        const mockCreateZosmfSession = jest.fn();
+        const mockGetPluginApimlConfigs = jest.fn().mockReturnValue([]);
+        const mockGetServicesByConfig = jest.fn().mockResolvedValue([]);
+        jest.spyOn(ConfigUtils, "getActiveProfileName").mockReturnValueOnce("base");
+        const mockConfigValue: any = {
+            defaults: {},
+            profiles: {
+                "base": {
+                    properties: {
+                        host: "fake",
+                        port: 12345,
+                        user: "fake",
+                        password: "fake"
+                    },
+                    secure: [
+                        "host",
+                        "user",
+                        "password"
+                    ],
+                    profiles: {}
+                }
+            },
+            plugins: []
+        };
+        const mockConvertApimlProfileInfoToProfileConfig = jest.fn().mockReturnValue(mockConfigValue);
+        const mockLogin = jest.fn().mockResolvedValue("fakeToken");
+        jest.spyOn(ImperativeConfig.instance, "config", "get").mockReturnValue(mockConfigApi(mockConfigValue));
+
+        ZosmfSession.createSessCfgFromArgs = mockCreateZosmfSession;
+        Services.getPluginApimlConfigs = mockGetPluginApimlConfigs;
+        Services.getServicesByConfig = mockGetServicesByConfig;
+        Services.convertApimlProfileInfoToProfileConfig = mockConvertApimlProfileInfoToProfileConfig;
+        Login.apimlLogin = mockLogin;
+
+        const handler: any = new ApimlAutoInitHandler();
+        expect(handler.mProfileType).toBe("base");
+
+        handler.createSessCfgFromArgs();
+        expect(mockCreateZosmfSession).toHaveBeenCalledTimes(1);
+
+        const response = await handler.doAutoInit(
+            {
+                ISession: {
+                    hostname: "fake",
+                    port: 1234,
+                    user: "fake",
+                    password: "fake",
+                    type: SessConstants.AUTH_TYPE_BASIC,
+                    tokenType: undefined
+                }
+            }, {
+                arguments: {
+                    $0: "fake",
+                    _: ["fake"],
+                    "base-profile": "base"
+                }
+            });
+        expect(mockGetPluginApimlConfigs).toHaveBeenCalledTimes(1);
+        expect(mockGetServicesByConfig).toHaveBeenCalledTimes(1);
+        expect(mockConvertApimlProfileInfoToProfileConfig).toHaveBeenCalledTimes(1);
+        expect(mockLogin).toHaveBeenCalledTimes(1);
+        expect(response.profiles.base.secure).toEqual(["host", "tokenValue"]);
+        expect(response.profiles.base.properties.tokenType).toBeDefined();
+        expect(response.profiles.base.properties.tokenValue).toBeDefined();
+        expect(response.profiles.base.properties.user).toBeUndefined();
+        expect(response.profiles.base.properties.password).toBeUndefined();
+        expect(response.defaults.base).toBe("base");
+    });
+
     it("should not have changed - user & password with existing base profile", async () => {
         // NOTE: Token type and token value will be stored, but user and password will still be present in the base profile
         const mockCreateZosmfSession = jest.fn();
         const mockGetPluginApimlConfigs = jest.fn().mockReturnValue([]);
         const mockGetServicesByConfig = jest.fn().mockResolvedValue([]);
         jest.spyOn(ConfigUtils, "getActiveProfileName").mockReturnValueOnce("base");
         const mockConfigValue: any = {
-            defaults: { base: "base"},
+            defaults: { base: "base" },
             profiles: {
                 "base": {
                     properties: {
                         host: "fake",
-                        port: 12345
+                        port: 12345,
+                        user: "fake",
+                        password: "fake"
                     },
-                    secure: [],
+                    secure: [
+                        "user",
+                        "password"
+                    ],
                     profiles: {}
                 }
             },
@@ -254,6 +330,9 @@ describe("ApimlAutoInitHandler", () => {
         expect(response.profiles.base.secure).toContain("tokenValue");
         expect(response.profiles.base.properties.tokenType).toBeDefined();
         expect(response.profiles.base.properties.tokenValue).toBeDefined();
+        expect(response.profiles.base.properties.user).toBeUndefined();
+        expect(response.profiles.base.properties.password).toBeUndefined();
+        expect(response.defaults.base).toBe("base");
     });
 
     it("should not have changed - rejectUnauthorized flag true", async () => {

diff --git a/packages/imperative/src/cmd/__tests__/CommandProcessor.unit.test.ts b/packages/imperative/src/cmd/__tests__/CommandProcessor.unit.test.ts
@@ -26,6 +26,8 @@ import { ImperativeConfig } from "../../utilities/src/ImperativeConfig";
 import { setupConfigToLoad } from "../../../__tests__/src/TestUtil";
 import { EnvFileUtils, NextVerFeatures } from "../../utilities";
 import { join } from "path";
+import { Config } from "../../config";
+import { LoggerUtils } from "../..";
 
 jest.mock("../src/syntax/SyntaxValidator");
 jest.mock("../src/utils/SharedOptions");
@@ -1785,7 +1787,7 @@ describe("Command Processor", () => {
     });
 
 
-    it("should mask input value for a secure parm when --show-inputs-only flag is set", async () => {
+    it("should mask input value for a default secure parm when --show-inputs-only flag is set", async () => {
 
         // values to test
         const parm1Key = `user`;
@@ -1831,6 +1833,67 @@ describe("Command Processor", () => {
         expect(commandResponse.stderr.toString()).toContain(`Some inputs are not displayed`);
     });
 
+    it.each(LoggerUtils.SECURE_PROMPT_OPTIONS)("should mask input value for secure parm %s when --show-inputs-only flag is set", async (propName) => {
+
+        // values to test
+        const parm1Key = CliUtils.getOptionFormat(propName).kebabCase;
+        const parm1Value = `secret`;
+        const secure = `(secure value)`;
+        jest.spyOn(ImperativeConfig, "instance", "get").mockReturnValue({
+            config: {
+                api: {
+                    secure: {
+                        securePropsForProfile: jest.fn(() => [propName])
+                    }
+                },
+                layers: [{ exists: true, path: "zowe.config.json" }],
+                properties: Config.empty()
+            }
+        } as any);
+
+        // Allocate the command processor
+        const processor: CommandProcessor = new CommandProcessor({
+            envVariablePrefix: ENV_VAR_PREFIX,
+            fullDefinition: SAMPLE_COMPLEX_COMMAND, // `group action`
+            definition: { // `object`
+                name: "banana",
+                description: "The banana command",
+                type: "command",
+                handler: __dirname + "/__model__/TestCmdHandler",
+                options: [
+                    {
+                        name: parm1Key,
+                        type: "string",
+                        description: "The first parameter",
+                    }
+                ],
+                profile: {
+                    optional: ["fruit"]
+                }
+            },
+            helpGenerator: FAKE_HELP_GENERATOR,
+            profileManagerFactory: FAKE_PROFILE_MANAGER_FACTORY,
+            rootCommandName: SAMPLE_ROOT_COMMAND,
+            commandLine: "",
+            promptPhrase: "dummydummy",
+            config: ImperativeConfig.instance.config
+        });
+
+        const parms: any = {
+            arguments: {
+                _: ["check", "for", "banana"],
+                $0: "",
+                [parm1Key]: parm1Value,
+                valid: true,
+                showInputsOnly: true,
+            },
+            silent: true
+        };
+        const commandResponse: ICommandResponse = await processor.invoke(parms);
+        expect(commandResponse.data.commandValues[parm1Key]).toBe(secure);
+        expect(commandResponse.stderr.toString()).toContain(`Some inputs are not displayed`);
+    });
+
     it("should not mask input value for a secure parm when --show-inputs-only flag is set with env setting", async () => {
 
         // values to test