extension: fix update registered extension resource

Author: weizhouapache

framework/extensions/src/main/java/org/apache/cloudstack/framework/extensions/manager/ExtensionsManagerImpl.java

@@ -370,6 +370,39 @@ protected Pair<Boolean, String> getChecksumForExtensionPathOnMSPeer(Extension ex
         return getResultFromAnswersString(answersStr, extension, msHost, "get path checksum");
     }
 
+    protected List<ExtensionResourceMapDetailsVO> buildExtensionResourceDetailsArray(long extensionResourceMapId,
+            Map<String, String> details) {
+        List<ExtensionResourceMapDetailsVO> detailsList = new ArrayList<>();
+        if (MapUtils.isEmpty(details)) {
+            return detailsList;
+        }
+        for (Map.Entry<String, String> entry : details.entrySet()) {
+            boolean display = !SENSITIVE_DETAIL_KEYS.contains(entry.getKey().toLowerCase());
+            detailsList.add(new ExtensionResourceMapDetailsVO(extensionResourceMapId, entry.getKey(),
+                    entry.getValue(), display));
+        }
+        return detailsList;
+    }
+
+    protected void appendHiddenExtensionResourceDetails(long extensionResourceMapId,
+            List<ExtensionResourceMapDetailsVO> detailsList) {
+        if (CollectionUtils.isEmpty(detailsList)) {
+            return;
+        }
+        Map<String, String> hiddenDetails = extensionResourceMapDetailsDao.listDetailsKeyPairs(extensionResourceMapId, false);
+        if (MapUtils.isEmpty(hiddenDetails)) {
+            return;
+        }
+        Set<String> requestedKeys = detailsList.stream()
+                .map(ExtensionResourceMapDetailsVO::getName)
+                .collect(Collectors.toSet());
+        hiddenDetails.forEach((key, value) -> {
+            if (!requestedKeys.contains(key)) {
+                detailsList.add(new ExtensionResourceMapDetailsVO(extensionResourceMapId, key, value, false));
+            }
+        });
+    }
+
     protected List<ExtensionCustomAction.Parameter> getParametersListFromMap(String actionName, Map parametersMap) {
         if (MapUtils.isEmpty(parametersMap)) {
             return Collections.emptyList();
@@ -1021,31 +1054,18 @@ public Extension updateRegisteredExtensionWithResource(UpdateRegisteredExtension
 
         if (Boolean.TRUE.equals(cleanupDetails)) {
             extensionResourceMapDetailsDao.removeDetails(targetMapping.getId());
-        }
-        if (MapUtils.isNotEmpty(details)) {
-            // For sensitive keys (password, sshkey): if the caller explicitly
-            // passes a non-blank value → update; passes null/blank → remove the
-            // stored entry; omits the key entirely → leave existing value intact.
-            Map<String, String> nonSensitive = new HashMap<>();
-            for (Map.Entry<String, String> entry : details.entrySet()) {
-                String key = entry.getKey();
-                String value = entry.getValue();
-                if (SENSITIVE_DETAIL_KEYS.contains(key.toLowerCase())) {
-                    if (StringUtils.isNotBlank(value)) {
-                        // Explicit non-blank value: update the stored secret.
-                        extensionResourceMapDetailsDao.addDetail(
-                                targetMapping.getId(), key, value, false);
-                    } else {
-                        // Explicit null / blank value: remove the stored secret.
-                        extensionResourceMapDetailsDao.removeDetail(
-                                targetMapping.getId(), key);
-                    }
-                } else {
-                    nonSensitive.put(key, value);
-                }
-            }
-            if (MapUtils.isNotEmpty(nonSensitive)) {
-                updateExtensionResourceMapDetails(targetMapping.getId(), nonSensitive);
+        } else {
+            List<ExtensionResourceMapDetailsVO> detailsList = buildExtensionResourceDetailsArray(targetMapping.getId(), details);
+            if (CollectionUtils.isNotEmpty(detailsList)) {
+                appendHiddenExtensionResourceDetails(targetMapping.getId(), detailsList);
+            }
+            detailsList = detailsList.stream()
+                    .filter(detail -> detail.getValue() != null)
+                    .collect(Collectors.toList());
+            if (CollectionUtils.isNotEmpty(detailsList)) {
+                extensionResourceMapDetailsDao.saveDetails(detailsList);
+            } else {
+                extensionResourceMapDetailsDao.removeDetails(targetMapping.getId());
             }
         }
 
@@ -1080,8 +1100,9 @@ public ExtensionResourceMap registerExtensionWithCluster(Cluster cluster, Extens
             List<ExtensionResourceMapDetailsVO> detailsVOList = new ArrayList<>();
             if (MapUtils.isNotEmpty(details)) {
                 for (Map.Entry<String, String> entry : details.entrySet()) {
+                    boolean display = !SENSITIVE_DETAIL_KEYS.contains(entry.getKey().toLowerCase());
                     detailsVOList.add(new ExtensionResourceMapDetailsVO(savedExtensionMap.getId(),
-                            entry.getKey(), entry.getValue()));
+                            entry.getKey(), entry.getValue(), display));
                 }
                 extensionResourceMapDetailsDao.saveDetails(detailsVOList);
             }
@@ -2152,11 +2173,8 @@ public void updateExtensionResourceMapDetails(long extensionResourceMapId, Map<S
         if (MapUtils.isEmpty(details)) {
             return;
         }
-        List<ExtensionResourceMapDetailsVO> detailsList = new ArrayList<>();
-        for (Map.Entry<String, String> entry : details.entrySet()) {
-            detailsList.add(new ExtensionResourceMapDetailsVO(extensionResourceMapId, entry.getKey(),
-                    entry.getValue()));
-        }
+        List<ExtensionResourceMapDetailsVO> detailsList =
+                buildExtensionResourceDetailsArray(extensionResourceMapId, details);
         extensionResourceMapDetailsDao.saveDetails(detailsList);
     }
 

framework/extensions/src/test/java/org/apache/cloudstack/framework/extensions/manager/ExtensionsManagerImplTest.java

@@ -87,12 +87,14 @@
 import org.apache.cloudstack.framework.extensions.dao.ExtensionResourceMapDetailsDao;
 import org.apache.cloudstack.framework.extensions.vo.ExtensionCustomActionDetailsVO;
 import org.apache.cloudstack.framework.extensions.vo.ExtensionCustomActionVO;
+import org.apache.cloudstack.framework.extensions.vo.ExtensionResourceMapDetailsVO;
 import org.apache.cloudstack.framework.extensions.vo.ExtensionResourceMapVO;
 import org.apache.cloudstack.framework.extensions.vo.ExtensionVO;
 import org.apache.cloudstack.utils.identity.ManagementServerNode;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.MockedStatic;
@@ -1124,6 +1126,102 @@ public void updateRegisteredExtensionWithResourceUpdatesDetailsForExistingMappin
         verify(extensionResourceMapDetailsDao).saveDetails(any());
     }
 
+    @Test
+    public void updateRegisteredExtensionWithResourceCleanupDetailsFirstThenSaveRequested() {
+        UpdateRegisteredExtensionCmd cmd = mock(UpdateRegisteredExtensionCmd.class);
+        when(cmd.getResourceType()).thenReturn(ExtensionResourceMap.ResourceType.PhysicalNetwork.name());
+        when(cmd.getResourceId()).thenReturn("physnet-uuid");
+        when(cmd.getExtensionId()).thenReturn(1L);
+        when(cmd.getDetails()).thenReturn(Map.of("username", "root", "password", "secret"));
+        when(cmd.isCleanupDetails()).thenReturn(true);
+
+        ExtensionVO extension = mock(ExtensionVO.class);
+        when(extensionDao.findById(1L)).thenReturn(extension);
+
+        PhysicalNetworkVO physicalNetwork = mock(PhysicalNetworkVO.class);
+        when(physicalNetwork.getId()).thenReturn(42L);
+        when(physicalNetworkDao.findByUuid("physnet-uuid")).thenReturn(physicalNetwork);
+
+        ExtensionResourceMapVO existing = mock(ExtensionResourceMapVO.class);
+        when(existing.getExtensionId()).thenReturn(1L);
+        when(existing.getId()).thenReturn(100L);
+        when(extensionResourceMapDao.listByResourceIdAndType(42L, ExtensionResourceMap.ResourceType.PhysicalNetwork))
+                .thenReturn(List.of(existing));
+
+        extensionsManager.updateRegisteredExtensionWithResource(cmd);
+
+        verify(extensionResourceMapDetailsDao).removeDetails(100L);
+        verify(extensionResourceMapDetailsDao, never()).saveDetails(any());
+    }
+
+    @Test
+    @SuppressWarnings("unchecked")
+    public void updateRegisteredExtensionWithResourceStoresSensitiveDetailsWithDisplayFalse() {
+        UpdateRegisteredExtensionCmd cmd = mock(UpdateRegisteredExtensionCmd.class);
+        when(cmd.getResourceType()).thenReturn(ExtensionResourceMap.ResourceType.PhysicalNetwork.name());
+        when(cmd.getResourceId()).thenReturn("physnet-uuid");
+        when(cmd.getExtensionId()).thenReturn(1L);
+        when(cmd.getDetails()).thenReturn(Map.of("username", "root", "password", "newSecret"));
+        when(cmd.isCleanupDetails()).thenReturn(false);
+
+        ExtensionVO extension = mock(ExtensionVO.class);
+        when(extensionDao.findById(1L)).thenReturn(extension);
+
+        PhysicalNetworkVO physicalNetwork = mock(PhysicalNetworkVO.class);
+        when(physicalNetwork.getId()).thenReturn(42L);
+        when(physicalNetworkDao.findByUuid("physnet-uuid")).thenReturn(physicalNetwork);
+
+        ExtensionResourceMapVO existing = mock(ExtensionResourceMapVO.class);
+        when(existing.getExtensionId()).thenReturn(1L);
+        when(existing.getId()).thenReturn(100L);
+        when(extensionResourceMapDao.listByResourceIdAndType(42L, ExtensionResourceMap.ResourceType.PhysicalNetwork))
+                .thenReturn(List.of(existing));
+        extensionsManager.updateRegisteredExtensionWithResource(cmd);
+
+        ArgumentCaptor<List<ExtensionResourceMapDetailsVO>> captor = ArgumentCaptor.forClass(List.class);
+        verify(extensionResourceMapDetailsDao).saveDetails(captor.capture());
+        verify(extensionResourceMapDetailsDao, never()).removeDetails(anyLong());
+        List<ExtensionResourceMapDetailsVO> savedDetails = captor.getValue();
+
+        ExtensionResourceMapDetailsVO passwordDetail = savedDetails.stream()
+                .filter(detail -> "password".equals(detail.getName()))
+                .findFirst()
+                .orElse(null);
+        assertNotNull(passwordDetail);
+        assertFalse(passwordDetail.isDisplay());
+        assertEquals("newSecret", passwordDetail.getValue());
+    }
+
+    @Test
+    @SuppressWarnings("unchecked")
+    public void registerExtensionWithClusterStoresSensitiveDetailsWithDisplayFalse() {
+        Cluster cluster = mock(Cluster.class);
+        when(cluster.getId()).thenReturn(12L);
+        when(cluster.getName()).thenReturn("cluster-12");
+        when(cluster.getHypervisorType()).thenReturn(Hypervisor.HypervisorType.External);
+
+        Extension extension = mock(Extension.class);
+        when(extension.getId()).thenReturn(5L);
+
+        ExtensionResourceMapVO persistedMap = mock(ExtensionResourceMapVO.class);
+        when(persistedMap.getId()).thenReturn(120L);
+        when(extensionResourceMapDao.persist(any())).thenReturn(persistedMap);
+
+        extensionsManager.registerExtensionWithCluster(cluster, extension,
+                Map.of("username", "admin", "password", "s3cr3t"));
+
+        ArgumentCaptor<List<ExtensionResourceMapDetailsVO>> captor = ArgumentCaptor.forClass(List.class);
+        verify(extensionResourceMapDetailsDao).saveDetails(captor.capture());
+        List<ExtensionResourceMapDetailsVO> savedDetails = captor.getValue();
+
+        ExtensionResourceMapDetailsVO passwordDetail = savedDetails.stream()
+                .filter(detail -> "password".equals(detail.getName()))
+                .findFirst()
+                .orElse(null);
+        assertNotNull(passwordDetail);
+        assertFalse(passwordDetail.isDisplay());
+    }
+
     @Test
     public void testCreateExtensionResponse_BasicFields() {
         Extension extension = mock(Extension.class);

ui/src/views/extension/ExtensionResourcesTab.vue

@@ -77,7 +77,7 @@
       <update-registered-extension
         :resource="resource"
         :extension-resource="selectedResource"
-        @refresh-data="$emit('refresh-data')"
+        @refresh-data="handleRefreshData"
         @close-action="closeUpdateModal" />
     </a-modal>
   </div>
@@ -97,6 +97,7 @@ export default {
     TooltipButton,
     UpdateRegisteredExtension
   },
+  inject: ['parentFetchData'],
   props: {
     resource: {
       type: Object,
@@ -145,6 +146,11 @@ export default {
       this.updateModalVisible = false
       this.selectedResource = null
     },
+    handleRefreshData () {
+      if (this.parentFetchData) {
+        this.parentFetchData()
+      }
+    },
     unregisterExtension (record) {
       const params = {
         extensionid: this.resource.id,