Allow to provide password to SQL blocks via ID

This is better than having to store the password in plaintext.
Move custom org-password function to db-org
2023-08-17 18:40:59 +02:00 · 2023-08-17 17:06:42 +02:00
2 changed files with 52 additions and 35 deletions
--- a/init.el
+++ b/init.el
@ -773,7 +773,8 @@
             db/org-add-link-to-current-clock
             hydra-org-linking/body
             org-dblock-write:db/org-backlinks
-             db/org-clock-goto-first-open-checkbox))
+             db/org-clock-goto-first-open-checkbox
+             org-password-manager-get-password-by-id))

 (use-package org
  :pin "gnu"
@ -1361,21 +1362,37 @@ point to the beginning of buffer first."
 (use-package ob-sql
  :config (progn

+            ;; XXX: maybe merge this into the advice for `org-babel-execute:sql'?
            (define-advice org-babel-sql-dbstring-oracle (:around
                                                          (orig-fun host port user password database)
                                                          ask-for-password)
              "Ask for PASSWORD if not given, and call ORIG-FUN with arguments afterwards."
              (cond
-               ((not (or (and user database host port)
-                         (and user database)))
-                (user-error "Insufficient login credentials given, aborting"))
-               (password
-                (funcall orig-fun host port user password database))
-               (t
-                (funcall orig-fun
-                         host port user
-                         (password-read (format "Password for %s@%s: " user database))
-                         database))))))
+                ((not (or (and user database host port)
+                          (and user database)))
+                 (user-error "Insufficient login credentials given, aborting"))
+                (password
+                 (funcall orig-fun host port user password database))
+                (t
+                 (funcall orig-fun
+                          host port user
+                          (password-read (format "Password for %s@%s: " user database))
+                          database))))
+
+            (define-advice org-babel-execute:sql (:around
+                                                  (orig-fun body params)
+                                                  retrieve-password-by-function)
+              "Allow to set :dbpassword by an ID of an Org items having the PASSWORD property."
+              (let* ((dbpassword-id (cdr (assq :dbpassword-by-id params)))
+                     (params params))
+                (when dbpassword-id
+                  (setq params (cons (cons :dbpassword
+                                           (let* ((pom (or (org-id-find dbpassword-id 'marker)
+                                                           (user-error "Cannot find ID %s" dbpassword-id))))
+                                             (or (org-entry-get pom "PASSWORD")
+                                                 (user-error "No PASSWORD property at ID %s" dbpassword-id))))
+                                     params)))
+                (funcall orig-fun body params)))))

 ;; Exporting

@ -1999,30 +2016,8 @@ point to the beginning of buffer first."
              epg-gpg-program "gpg"))

 (use-package org-password-manager
-  :commands (org-password-manager-get-password-by-id)
-  :config (progn
-
-            (defun org-password-manager-get-password-by-id (id)
-              "Retrieve password from Org item identified by ID.
-
-The password is assumed to be stored at the PASSWORD property."
-
-              (let ((pom (org-id-find id 'marker)))
-                (unless (markerp pom)
-                  (user-error "Cannot find item with id %s" id))
-
-                (let ((heading (org-entry-get pom "ITEM"))
-                      (pw (org-entry-get pom "PASSWORD")))
-                  (when (null pw)
-                    (user-error "PASSWORD property not set for “%s”" heading))
-
-                  (funcall interprogram-cut-function pw)
-                  (run-at-time org-password-manager-default-password-wait-time
-                               nil
-                               (lambda () (funcall interprogram-cut-function "")))
-                  (message "Password for “%s” securly copied to system clipboard; will be overwritten in %s."
-                           heading
-                           org-password-manager-default-password-wait-time))))))
+  :commands (org-password-manager-get-username
+             org-password-manager-get-password))


 ;; * Appearance
--- a/site-lisp/db-org.el
+++ b/site-lisp/db-org.el
@ -996,6 +996,28 @@ cache if that's in use."
  (when (derived-mode-p 'org-agenda-mode)
    (org-agenda-redo)))

+(defun org-password-manager-get-password-by-id (id)
+  "Retrieve password from Org item identified by ID.
+
+The password is assumed to be stored at the PASSWORD property."
+
+  (let ((pom (org-id-find id 'marker)))
+    (unless (markerp pom)
+      (user-error "Cannot find item with id %s" id))
+
+    (let ((heading (org-entry-get pom "ITEM"))
+          (pw (org-entry-get pom "PASSWORD")))
+      (when (null pw)
+        (user-error "PASSWORD property not set for “%s”" heading))
+
+      (funcall interprogram-cut-function pw)
+      (run-at-time org-password-manager-default-password-wait-time
+                   nil
+                   (lambda () (funcall interprogram-cut-function "")))
+      (message "Password for “%s” securly copied to system clipboard; will be overwritten in %s."
+               heading
+               org-password-manager-default-password-wait-time))))
+

 ;;; Checklist Handling
Author	SHA1	Message	Date
Daniel -	c085dda842	Allow to provide password to SQL blocks via ID This is better than having to store the password in plaintext.	2023-08-17 18:40:59 +02:00
Daniel -	a6324a668d	Move custom org-password function to db-org This is where it belongs, even if there's a warning about free variable referencing.	2023-08-17 17:06:42 +02:00