entry: Do not set protected=True on setters

Setting a property would call _set_string_field which by default would set the protected status of the attribute as "True". In order to verify in tests if a property is protected we add a private method _is_property_protected which shares the code with is_custom_property_protected. Fixes: #376
libkeepass · Mar 6, 2024 · ed311e7 · ed311e7
1 parent 769ee25
commit ed311e7
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 3 deletions.
diff --git a/pykeepass/entry.py b/pykeepass/entry.py
@@ -92,7 +92,7 @@ def _get_string_field(self, key):
         if field is not None:
             return field.text
 
-    def _set_string_field(self, key, value, protected=True):
+    def _set_string_field(self, key, value, protected=False):
         """Create or overwrite a string field in an Entry
 
         Args:
@@ -183,7 +183,7 @@ def password(self):
 
     @password.setter
     def password(self, value):
-        return self._set_string_field('Password', value)
+        return self._set_string_field('Password', value, protected=True)
 
     @property
     def url(self):
@@ -231,7 +231,7 @@ def otp(self):
 
     @otp.setter
     def otp(self, value):
-        return self._set_string_field('otp', value)
+        return self._set_string_field('otp', value, protected=True)
 
     @property
     def history(self):
@@ -338,6 +338,10 @@ def is_custom_property_protected(self, key):
 
         """
         assert key not in reserved_keys, '{} is a reserved key'.format(key)
+        return self._is_property_protected(key)
+
+    def _is_property_protected(self, key):
+        """Whether a property is protected."""
         field = self._xpath('String/Key[text()="{}"]/../Value'.format(key), first=True)
         if field is not None:
             return field.attrib.get("Protected", "False") == "True"

diff --git a/tests/tests.py b/tests/tests.py
@@ -1023,6 +1023,25 @@ def test_issue344(self):
         e._element.xpath('Times/ExpiryTime')[0].text = None
         self.assertEqual(e.expiry_time, None)
 
+    def test_issue376(self):
+        # Setting the properties of an entry should not change the Protected
+        # property
+        subgroup = self.kp.root_group
+        e = self.kp.add_entry(subgroup, 'banana_entry', 'user', 'pass')
+
+        self.assertEqual(e._is_property_protected('Password'), True)
+        self.assertEqual(e._is_property_protected('Title'), False)
+        self.assertEqual(e.otp, None)
+        self.assertEqual(e._is_property_protected('otp'), False)
+
+        e.title = 'pineapple'
+        e.password = 'pizza'
+        e.otp = 'aa'
+
+        self.assertEqual(e._is_property_protected('Password'), True)
+        self.assertEqual(e._is_property_protected('Title'), False)
+        self.assertEqual(e._is_property_protected('otp'), True)
+
 class EntryFindTests4(KDBX4Tests, EntryFindTests3):
     pass