fix(client-ui): resolve Medium code-review finding (Client.UI-007)

Remove Password from UserSettings and stop writing it to settings.json;
the operator is re-prompted on each launch. Update LoadSettings/SaveSettings
comments and adjust the affected test assertion to verify the password is
not restored from the persisted model.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Joseph Doherty
2026-05-22 07:28:12 -04:00
parent 08f000069c
commit bdc1f96b5b
3 changed files with 4 additions and 9 deletions


@@ -17,11 +17,6 @@ public sealed class UserSettings
/// </summary>
public string? Username { get; set; }
/// <summary>
/// Gets or sets the persisted password for authenticated sessions.
/// </summary>
public string? Password { get; set; }
/// <summary>
/// Gets or sets the transport security mode selected by the user.
/// </summary>


@@ -380,7 +380,7 @@ public partial class MainWindowViewModel : ObservableObject
var s = _settingsService.Load();
EndpointUrl = s.EndpointUrl;
Username = s.Username;
Password = s.Password;
// Password is intentionally not persisted (security: re-prompt each launch)
SelectedSecurityMode = s.SecurityMode;
FailoverUrls = s.FailoverUrls;
SessionTimeoutSeconds = s.SessionTimeoutSeconds;
@@ -400,7 +400,7 @@ public partial class MainWindowViewModel : ObservableObject
{
EndpointUrl = EndpointUrl,
Username = Username,
Password = Password,
// Password is intentionally not persisted (security: re-prompt each launch)
SecurityMode = SelectedSecurityMode,
FailoverUrls = FailoverUrls,
SessionTimeoutSeconds = SessionTimeoutSeconds,
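Review bot: A settings.json written by an earlier build still holds the password in clear text on disk, and the load path at `var s = _settingsService.Load();` does nothing about it, so the secret stays there until a later save happens to rewrite the file. Consider rewriting the file once right after a load that finds the legacy entry, or at least stating the behaviour in the comment, e.g. `// Password is never persisted; a legacy "Password" entry in settings.json is ignored and dropped on the next save`. It is also worth confirming that the settings service tolerates the now-unknown `Password` member instead of failing the whole load; the deserializer options are not visible here. Both methods start and end outside these hunks.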


@@ -438,7 +438,6 @@ public class MainWindowViewModelTests
{
EndpointUrl = "opc.tcp://saved:5555",
Username = "savedUser",
Password = "savedPass",
SecurityMode = SecurityMode.Sign,
FailoverUrls = "opc.tcp://backup:5555",
SessionTimeoutSeconds = 120,
@@ -458,7 +457,8 @@ public class MainWindowViewModelTests
vm.EndpointUrl.ShouldBe("opc.tcp://saved:5555");
vm.Username.ShouldBe("savedUser");
vm.Password.ShouldBe("savedPass");
// Password is intentionally not persisted: re-prompt each launch
vm.Password.ShouldBeNull();
vm.SelectedSecurityMode.ShouldBe(SecurityMode.Sign);
vm.FailoverUrls.ShouldBe("opc.tcp://backup:5555");
vm.SessionTimeoutSeconds.ShouldBe(120);
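Review bot: The new `vm.Password.ShouldBeNull();` assertion cannot fail for the reason the finding cares about, because the fixture no longer carries a password at all; it only pins the view model's initial value. A regression test closer to the finding would hand the settings service a legacy JSON document that still contains a `"Password"` entry, then assert that loading succeeds, that `vm.Password` stays null, and that the text written by the next save no longer contains that key. That needs the service-level fixture, which is not visible in this hunk, and the test method itself begins and ends outside it.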