monoadmin/the-other-dude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: remove unreachable kms_service import in notification_service

Browse Source 
kms_service.py does not exist and Transit encryption was never
implemented for SMTP passwords, making the decrypt_transit code path
unreachable. Remove it entirely and leave only the Fernet fallback.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jason Staack
2026-03-15 23:15:39 -05:00
parent 0adcb52efc
commit 091c19c434
1 changed files with 2 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
backend/app/services/notification_service.py
View File

@@ -93,23 +93,11 @@ async def _send_email(channel: dict, alert_event: dict, device_hostname: str) ->
f"Threshold: {threshold}\n" f"Threshold: {threshold}\n"
) )
# Decrypt SMTP password (Transit first, then legacy Fernet) # Decrypt SMTP password (Fernet)
smtp_password = None smtp_password = None
transit_cipher = channel.get("smtp_password_transit")
legacy_cipher = channel.get("smtp_password") legacy_cipher = channel.get("smtp_password")
tenant_id = channel.get("tenant_id")
if transit_cipher and tenant_id: if legacy_cipher:
try:
from app.services.kms_service import decrypt_transit
smtp_password = await decrypt_transit(transit_cipher, tenant_id)
except Exception:
logger.warning(
"Transit decryption failed for channel %s, trying legacy", channel.get("id")
)
if not smtp_password and legacy_cipher:
try: try:
from app.config import settings as app_settings from app.config import settings as app_settings
from cryptography.fernet import Fernet from cryptography.fernet import Fernet