From 13acb19e9fcde2e6bfa6cd41474d4cf00d71161a Mon Sep 17 00:00:00 2001
From: Tuan Dang <tony@infisical.com>
Date: Fri, 27 Jan 2023 22:07:56 +0700
Subject: [PATCH] Allow empty values for secrets

---
 .../src/controllers/v2/secretsController.ts   | 28 ++++++++++---------
 backend/src/helpers/database.ts               |  5 +++-
 backend/src/routes/v2/secrets.ts              |  2 +-
 3 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/backend/src/controllers/v2/secretsController.ts b/backend/src/controllers/v2/secretsController.ts
index 828a4e8e1a..4a5a919fdf 100644
--- a/backend/src/controllers/v2/secretsController.ts
+++ b/backend/src/controllers/v2/secretsController.ts
@@ -105,19 +105,21 @@ export const createSecrets = async (req: Request, res: Response) => {
             secretValueCiphertext: string;
             secretValueIV: string;
             secretValueTag: string;
-        }) => ({
-            version: 1,
-            workspace: new Types.ObjectId(workspaceId),
-            type,
-            user: type === SECRET_PERSONAL ? req.user : undefined,
-            environment,
-            secretKeyCiphertext,
-            secretKeyIV,
-            secretKeyTag,
-            secretValueCiphertext,
-            secretValueIV,
-            secretValueTag
-        }))
+        }) => {
+            return ({
+                version: 1,
+                workspace: new Types.ObjectId(workspaceId),
+                type,
+                user: type === SECRET_PERSONAL ? req.user : undefined,
+                environment,
+                secretKeyCiphertext,
+                secretKeyIV,
+                secretKeyTag,
+                secretValueCiphertext,
+                secretValueIV,
+                secretValueTag
+            });
+        })
     );
 
     setTimeout(async () => {
diff --git a/backend/src/helpers/database.ts b/backend/src/helpers/database.ts
index 1ba3bb9114..9ba592ea33 100644
--- a/backend/src/helpers/database.ts
+++ b/backend/src/helpers/database.ts
@@ -1,5 +1,4 @@
 import mongoose from 'mongoose';
-import { ISecret, Secret } from '../models';
 import { EESecretService } from '../ee/services';
 import { getLogger } from '../utils/logger';
 
@@ -16,6 +15,10 @@ const initDatabaseHelper = async ({
 }) => {
     try {
         await mongoose.connect(mongoURL);
+    
+        // allow empty strings to pass the required validator
+        mongoose.Schema.Types.String.checkRequired(v => typeof v === 'string');
+
         getLogger("database").info("Database connection established");
         
         await EESecretService.initSecretVersioning();
diff --git a/backend/src/routes/v2/secrets.ts b/backend/src/routes/v2/secrets.ts
index 45a273d351..9fca3039a2 100644
--- a/backend/src/routes/v2/secrets.ts
+++ b/backend/src/routes/v2/secrets.ts
@@ -32,7 +32,7 @@ router.post(
                         !secret.secretKeyCiphertext ||
                         !secret.secretKeyIV ||
                         !secret.secretKeyTag ||
-                        !secret.secretValueCiphertext ||
+                        (typeof secret.secretValueCiphertext !== 'string') ||
                         !secret.secretValueIV ||
                         !secret.secretValueTag
                     ) {