Hide sensitive data in telemetry in install/update process

glpi-project · Nov 6, 2024 · 7ebcdc9 · 7ebcdc9
1 parent 9aa47ed
commit 7ebcdc9
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 19 deletions.
diff --git a/ajax/telemetry.php b/ajax/telemetry.php
@@ -43,12 +43,16 @@
 
 if (!($_SESSION['telemetry_from_install'] ?? false)) {
     Session::checkRight("config", READ);
+    $hide_sensitive_data = false;
+} else {
+    $hide_sensitive_data = true;
 }
 
 echo Html::css("public/lib/prismjs.css");
 echo Html::script("public/lib/prismjs.js");
 
-$infos = Telemetry::getTelemetryInfos();
+$infos = Telemetry::getTelemetryInfos($hide_sensitive_data);
+
 echo "<p>" . __("We only collect the following data: plugins usage, performance and responsiveness statistics about user interface features, memory, and hardware configuration.") . "</p>";
 echo "<pre><code class='language-json'>";
 echo json_encode($infos, JSON_PRETTY_PRINT);

diff --git a/src/Telemetry.php b/src/Telemetry.php
@@ -45,15 +45,15 @@ public static function getTypeName($nb = 0)
      *
      * @return array
      */
-    public static function getTelemetryInfos()
+    public static function getTelemetryInfos(bool $hide_sensitive_data = false)
     {
         $data = [
-            'glpi'   => self::grabGlpiInfos(),
+            'glpi'   => self::grabGlpiInfos($hide_sensitive_data),
             'system' => [
-                'db'           => self::grabDbInfos(),
-                'web_server'   => self::grabWebserverInfos(),
-                'php'          => self::grabPhpInfos(),
-                'os'           => self::grabOsInfos()
+                'db'           => self::grabDbInfos($hide_sensitive_data),
+                'web_server'   => self::grabWebserverInfos($hide_sensitive_data),
+                'php'          => self::grabPhpInfos($hide_sensitive_data),
+                'os'           => self::grabOsInfos($hide_sensitive_data)
             ]
         ];
 
@@ -65,14 +65,14 @@ public static function getTelemetryInfos()
      *
      * @return array
      */
-    public static function grabGlpiInfos()
+    public static function grabGlpiInfos(bool $hide_sensitive_data = false)
     {
         /** @var array $CFG_GLPI */
         global $CFG_GLPI;
 
         $glpi = [
-            'uuid'               => self::getInstanceUuid(),
-            'version'            => GLPI_VERSION,
+            'uuid'               => $hide_sensitive_data ? '********' : self::getInstanceUuid(),
+            'version'            => $hide_sensitive_data ? 'x.y.z' : GLPI_VERSION,
             'plugins'            => [],
             'default_language'   => $CFG_GLPI['language'],
             'install_mode'       => GLPI_INSTALL_MODE,
@@ -96,7 +96,7 @@ public static function grabGlpiInfos()
         foreach ($plugins->getList(['directory', 'version']) as $plugin) {
             $glpi['plugins'][] = [
                 'key'       => $plugin['directory'],
-                'version'   => $plugin['version']
+                'version'   => $hide_sensitive_data ? 'x.y.z' : $plugin['version']
             ];
         }
 
@@ -116,7 +116,7 @@ public static function grabGlpiInfos()
      *
      * @return array
      */
-    public static function grabDbInfos()
+    public static function grabDbInfos(bool $hide_sensitive_data = false)
     {
         /** @var \DBmysql $DB */
         global $DB;
@@ -131,7 +131,7 @@ public static function grabDbInfos()
 
         $db = [
             'engine'    => $dbinfos['Server Software'],
-            'version'   => $dbinfos['Server Version'],
+            'version'   => $hide_sensitive_data ? 'x.y.z' : $dbinfos['Server Version'],
             'size'      => $size_res['dbsize'],
             'log_size'  => '',
             'sql_mode'  => $dbinfos['Server SQL Mode']
@@ -147,7 +147,7 @@ public static function grabDbInfos()
      *
      * @return array
      */
-    public static function grabWebserverInfos()
+    public static function grabWebserverInfos(bool $hide_sensitive_data = false)
     {
         /** @var array $CFG_GLPI */
         global $CFG_GLPI;
@@ -186,7 +186,7 @@ public static function grabWebserverInfos()
             ;
             if (preg_match("/^Server: {$server_string_pattern}/im", $headers, $header_matches) === 1) {
                 $server['engine']  = $header_matches['engine'];
-                $server['version'] = $header_matches['version'] ?? null;
+                $server['version'] = $hide_sensitive_data ? 'x.y.z' : ($header_matches['version'] ?? null);
             }
         }
 
@@ -198,10 +198,10 @@ public static function grabWebserverInfos()
      *
      * @return array
      */
-    public static function grabPhpInfos()
+    public static function grabPhpInfos(bool $hide_sensitive_data = false)
     {
         $php = [
-            'version'   => str_replace(PHP_EXTRA_VERSION, '', PHP_VERSION),
+            'version'   => $hide_sensitive_data ? 'x.y.z' : str_replace(PHP_EXTRA_VERSION, '', PHP_VERSION),
             'modules'   => get_loaded_extensions(),
             'setup'     => [
                 'max_execution_time'    => ini_get('max_execution_time'),
@@ -221,7 +221,7 @@ public static function grabPhpInfos()
      *
      * @return array
      */
-    public static function grabOsInfos()
+    public static function grabOsInfos(bool $hide_sensitive_data = false)
     {
         $distro = false;
         if (file_exists('/etc/redhat-release')) {
@@ -230,7 +230,7 @@ public static function grabOsInfos()
         $os = [
             'family'       => php_uname('s'),
             'distribution' => ($distro ?: ''),
-            'version'      => php_uname('r')
+            'version'      => $hide_sensitive_data ? 'x.y.z' : php_uname('r'),
         ];
         return $os;
     }