Encrypt the value for *password type attributes (update)

engine/attributes.go

@@ -163,16 +163,6 @@ func (alS *AttributeS) processEvent(ctx *context.Context, tnt string, args *util
 				continue
 			}
 		}
-		if attribute.Type == utils.MetaPassword {
-			password := attribute.Value.GetRule(config.CgrConfig().GeneralCfg().RSRSep)
-			if password, err = utils.ComputeHash(password); err != nil {
-				return
-			}
-			if attribute.Value, err = config.NewRSRParsers(password, config.CgrConfig().GeneralCfg().RSRSep); err != nil {
-				return
-			}
-			attribute.Type = utils.MetaConstant
-		}
 		var out interface{}
 		if out, err = ParseAttribute(dynDP, utils.FirstNonEmpty(attribute.Type, utils.MetaVariable), utils.DynamicDataPrefix+attribute.Path, attribute.Value, alS.cfg.GeneralCfg().RoundingDecimals, alS.cfg.GeneralCfg().DefaultTimezone, time.RFC3339, alS.cfg.GeneralCfg().RSRSep); err != nil {
 			rply = nil

engine/datamanager.go

@@ -1393,6 +1393,18 @@ func (dm *DataManager) SetAttributeProfile(ctx *context.Context, ap *AttributePr
 	if err != nil && err != utils.ErrNotFound {
 		return err
 	}
+	for _, attribute := range ap.Attributes {
+		if attribute.Type == utils.MetaPassword {
+			password := attribute.Value.GetRule(config.CgrConfig().GeneralCfg().RSRSep)
+			if password, err = utils.ComputeHash(password); err != nil {
+				return
+			}
+			if attribute.Value, err = config.NewRSRParsers(password, config.CgrConfig().GeneralCfg().RSRSep); err != nil {
+				return
+			}
+			attribute.Type = utils.MetaConstant
+		}
+	}
 	if err = dm.DataDB().SetAttributeProfileDrv(ctx, ap); err != nil {
 		return err
 	}

engine/z_attributes_test.go

@@ -4804,3 +4804,60 @@ func TestAttributesProcessEventPasswordAttribute(t *testing.T) {
 		t.Errorf("expected: <%+v>, \nreceived: <%+v>", utils.ToJSON(expAttrPrf), utils.ToJSON(rcvAttrPrf))
 	}
 }
+
+func TestAttributesSetAttributeProfilePasswordAttr(t *testing.T) {
+	tmp := Cache
+	tmpC := config.CgrConfig()
+	defer func() {
+		Cache = tmp
+		config.SetCgrConfig(tmpC)
+	}()
+
+	cfg := config.NewDefaultCGRConfig()
+	data := NewInternalDB(nil, nil, cfg.DataDbCfg().Items)
+	dm := NewDataManager(data, cfg.CacheCfg(), nil)
+	Cache = NewCacheS(cfg, dm, nil)
+
+	value := config.NewRSRParsersMustCompile("abcd123", config.CgrConfig().GeneralCfg().RSRSep)
+	attrPrf := &AttributeProfile{
+		Tenant: "cgrates.org",
+		ID:     "ATTR_TEST",
+		Attributes: []*Attribute{
+			{
+				Path:  "*req.Password",
+				Type:  utils.MetaPassword,
+				Value: value,
+			},
+		},
+		Weight: 10,
+	}
+
+	if err := dm.SetAttributeProfile(context.Background(), attrPrf, true); err != nil {
+		t.Fatal(err)
+	}
+
+	exp := &AttributeProfile{
+		Tenant: "cgrates.org",
+		ID:     "ATTR_TEST",
+		Attributes: []*Attribute{
+			{
+				Path: "*req.Password",
+				Type: utils.MetaConstant,
+			},
+		},
+		Weight: 10,
+	}
+
+	if rcv, err := dm.GetAttributeProfile(context.Background(), attrPrf.Tenant, attrPrf.ID, true, true,
+		utils.NonTransactional); err != nil {
+		t.Error(err)
+	} else if hashedPw := rcv.Attributes[0].Value.GetRule(cfg.GeneralCfg().RSRSep); !utils.VerifyHash(hashedPw, "abcd123") {
+		t.Errorf("Received an incorrect password")
+	} else {
+		rcv.Attributes[0].Value = nil
+		if !reflect.DeepEqual(rcv, exp) {
+			t.Errorf("expected: <%+v>, \nreceived: <%+v>",
+				utils.ToJSON(exp), utils.ToJSON(rcv))
+		}
+	}
+}