From 4cc5ff1836e40bd6a57337e6f9406488dc23d11d Mon Sep 17 00:00:00 2001
From: Lynwee Hou <linwei.hou@merico.dev>
Date: Tue, 21 Nov 2023 17:33:09 +0800
Subject: [PATCH] feat(plugin): remove sensitive token from other
 plugins(except AzureDevops)

---
 .../api/ds_connection_api_helper.go           |  1 +
 .../pluginhelper/api/model_api_helper.go      | 30 +++++++++++--------
 backend/plugins/ae/api/connection.go          | 18 ++++++++---
 backend/plugins/ae/models/connection.go       |  5 ++++
 backend/plugins/bamboo/api/connection.go      | 17 ++++++++---
 backend/plugins/bamboo/models/connection.go   |  5 ++++
 backend/plugins/bitbucket/api/connection.go   | 18 ++++++++---
 .../plugins/bitbucket/models/connection.go    |  5 ++++
 backend/plugins/circleci/api/connection.go    | 18 ++++++++---
 backend/plugins/circleci/models/connection.go |  5 ++++
 backend/plugins/feishu/api/connection.go      | 19 ++++++++----
 backend/plugins/feishu/models/connection.go   |  5 ++++
 backend/plugins/gitee/api/connection.go       | 19 ++++++++----
 backend/plugins/gitee/models/connection.go    |  5 ++++
 backend/plugins/jenkins/api/connection.go     | 18 ++++++++---
 backend/plugins/jenkins/models/connection.go  |  5 ++++
 backend/plugins/jira/api/connection.go        | 18 ++++++++---
 backend/plugins/jira/models/connection.go     |  5 ++++
 backend/plugins/pagerduty/api/connection.go   | 18 +++++++----
 .../plugins/pagerduty/models/connection.go    |  5 ++++
 backend/plugins/slack/api/connection.go       | 19 ++++++++----
 backend/plugins/slack/models/connection.go    |  5 ++++
 backend/plugins/sonarqube/api/connection.go   | 18 ++++++++---
 .../plugins/sonarqube/models/connection.go    |  5 ++++
 backend/plugins/tapd/api/connection.go        | 16 +++++++---
 backend/plugins/tapd/models/connection.go     |  5 ++++
 backend/plugins/teambition/api/connection.go  | 18 ++++++++---
 .../plugins/teambition/models/connection.go   |  5 ++++
 backend/plugins/trello/api/connection.go      | 18 ++++++++---
 backend/plugins/trello/models/connection.go   |  5 ++++
 backend/plugins/zentao/api/connection.go      | 17 ++++++++---
 backend/plugins/zentao/models/connection.go   | 21 +++++++++++++
 32 files changed, 315 insertions(+), 76 deletions(-)

diff --git a/backend/helpers/pluginhelper/api/ds_connection_api_helper.go b/backend/helpers/pluginhelper/api/ds_connection_api_helper.go
index 25b1a1b3348..75ee7060200 100644
--- a/backend/helpers/pluginhelper/api/ds_connection_api_helper.go
+++ b/backend/helpers/pluginhelper/api/ds_connection_api_helper.go
@@ -61,6 +61,7 @@ func (connApi *DsConnectionApiHelper[C, S, SC]) Delete(input *plugin.ApiResource
 			Data:    refs,
 		}, Status: err.GetType().GetHttpCode()}, nil
 	}
+	conn = connApi.executeCleanUp(conn)
 	return &plugin.ApiResourceOutput{
 		Body: conn,
 	}, nil
diff --git a/backend/helpers/pluginhelper/api/model_api_helper.go b/backend/helpers/pluginhelper/api/model_api_helper.go
index 63acc6cc671..26366b0d44c 100644
--- a/backend/helpers/pluginhelper/api/model_api_helper.go
+++ b/backend/helpers/pluginhelper/api/model_api_helper.go
@@ -104,15 +104,28 @@ func (self *ModelApiHelper[M]) GetDetail(input *plugin.ApiResourceInput) (*plugi
 	if err != nil {
 		return nil, err
 	}
+	model = self.executeCleanUp(model)
+	return &plugin.ApiResourceOutput{
+		Body: model,
+	}, nil
+}
+
+func (self *ModelApiHelper[M]) executeCleanUp(model *M) *M {
 	if self.cleanUp != nil {
 		for _, clean := range self.cleanUp {
 			cleanedModel := clean(*model)
 			model = &cleanedModel
 		}
 	}
-	return &plugin.ApiResourceOutput{
-		Body: model,
-	}, nil
+	return model
+}
+
+func (self *ModelApiHelper[M]) executeCleanUps(models []*M) []*M {
+	for idx, m := range models {
+		model := *m
+		models[idx] = self.executeCleanUp(&model)
+	}
+	return models
 }
 
 func (self *ModelApiHelper[M]) Patch(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
@@ -128,6 +141,7 @@ func (self *ModelApiHelper[M]) Patch(input *plugin.ApiResourceInput) (*plugin.Ap
 	if err != nil {
 		return nil, err
 	}
+	model = self.executeCleanUp(model)
 	return &plugin.ApiResourceOutput{
 		Body: model,
 	}, nil
@@ -149,15 +163,7 @@ func (self *ModelApiHelper[M]) Delete(input *plugin.ApiResourceInput) (*plugin.A
 
 func (self *ModelApiHelper[M]) GetAll(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	all, err := self.dalHelper.GetAll()
-	if self.cleanUp != nil {
-		for idx, m := range all {
-			model := *m
-			for _, clean := range self.cleanUp {
-				model = clean(model)
-			}
-			all[idx] = &model
-		}
-	}
+	all = self.executeCleanUps(all)
 	return &plugin.ApiResourceOutput{
 		Body: all,
 	}, err
diff --git a/backend/plugins/ae/api/connection.go b/backend/plugins/ae/api/connection.go
index 20287e0ed93..0e18b9cf5a6 100644
--- a/backend/plugins/ae/api/connection.go
+++ b/backend/plugins/ae/api/connection.go
@@ -80,7 +80,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary get all ae connections
@@ -96,6 +96,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -109,7 +112,7 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.AeConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
 
 // @Summary patch ae connection
@@ -126,7 +129,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary delete a ae connection
@@ -138,5 +141,12 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/ae/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.AeConnection{}, input)
+	conn := &models.AeConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
diff --git a/backend/plugins/ae/models/connection.go b/backend/plugins/ae/models/connection.go
index 7196d4fee83..64fa510083b 100644
--- a/backend/plugins/ae/models/connection.go
+++ b/backend/plugins/ae/models/connection.go
@@ -65,6 +65,11 @@ func (AeConnection) TableName() string {
 	return "_tool_ae_connections"
 }
 
+func (connection AeConnection) CleanUp() AeConnection {
+	connection.AeAppKey.SecretKey = ""
+	return connection
+}
+
 func signRequest(query url.Values, appId, secretKey, nonceStr, timestamp string) string {
 	// clone query because we need to add items
 	kvs := make([]string, 0, len(query)+3)
diff --git a/backend/plugins/bamboo/api/connection.go b/backend/plugins/bamboo/api/connection.go
index 91df4cefed0..7fe68568a24 100644
--- a/backend/plugins/bamboo/api/connection.go
+++ b/backend/plugins/bamboo/api/connection.go
@@ -82,7 +82,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch bamboo connection
@@ -100,7 +100,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a bamboo connection
@@ -113,7 +113,13 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internel Error"
 // @Router /plugins/bamboo/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.BambooConnection{}, input)
+	conn := &models.BambooConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
 }
 
 // @Summary get all bamboo connections
@@ -129,6 +135,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -143,5 +152,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.BambooConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/bamboo/models/connection.go b/backend/plugins/bamboo/models/connection.go
index fa0fceae1ea..dbbdd76c891 100644
--- a/backend/plugins/bamboo/models/connection.go
+++ b/backend/plugins/bamboo/models/connection.go
@@ -36,6 +36,11 @@ type BambooConnection struct {
 	BambooConn         `mapstructure:",squash"`
 }
 
+func (connection BambooConnection) CleanUp() BambooConnection {
+	connection.Password = ""
+	return connection
+}
+
 // TODO Please modify the following code to fit your needs
 // This object conforms to what the frontend currently sends.
 type BambooConn struct {
diff --git a/backend/plugins/bitbucket/api/connection.go b/backend/plugins/bitbucket/api/connection.go
index 4d88ba7c257..bac827d34e0 100644
--- a/backend/plugins/bitbucket/api/connection.go
+++ b/backend/plugins/bitbucket/api/connection.go
@@ -89,7 +89,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch bitbucket connection
@@ -106,7 +106,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a bitbucket connection
@@ -118,7 +118,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/bitbucket/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.BitbucketConnection{}, input)
+	conn := &models.BitbucketConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all bitbucket connections
@@ -134,6 +141,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -147,5 +157,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.BitbucketConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/bitbucket/models/connection.go b/backend/plugins/bitbucket/models/connection.go
index 9db3befc5cb..f227c068801 100644
--- a/backend/plugins/bitbucket/models/connection.go
+++ b/backend/plugins/bitbucket/models/connection.go
@@ -39,3 +39,8 @@ type BitbucketConnection struct {
 func (BitbucketConnection) TableName() string {
 	return "_tool_bitbucket_connections"
 }
+
+func (connection BitbucketConnection) CleanUp() BitbucketConnection {
+	connection.Password = ""
+	return connection
+}
diff --git a/backend/plugins/circleci/api/connection.go b/backend/plugins/circleci/api/connection.go
index 1f851cccc78..df09ef6ccef 100644
--- a/backend/plugins/circleci/api/connection.go
+++ b/backend/plugins/circleci/api/connection.go
@@ -86,7 +86,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // PatchConnection @Summary patch circleci connection
@@ -103,7 +103,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // DeleteConnection @Summary delete a circleci connection
@@ -114,7 +114,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/circleci/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.CircleciConnection{}, input)
+	conn := &models.CircleciConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // ListConnections @Summary get all circleci connections
@@ -130,6 +137,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -143,5 +153,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.CircleciConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/circleci/models/connection.go b/backend/plugins/circleci/models/connection.go
index b1ae0544a10..b81b0f31c3b 100644
--- a/backend/plugins/circleci/models/connection.go
+++ b/backend/plugins/circleci/models/connection.go
@@ -43,3 +43,8 @@ func (cc *CircleciConn) SetupAuthentication(req *http.Request) errors.Error {
 func (CircleciConnection) TableName() string {
 	return "_tool_circleci_connections"
 }
+
+func (connection CircleciConnection) CleanUp() CircleciConnection {
+	connection.Token = ""
+	return connection
+}
diff --git a/backend/plugins/feishu/api/connection.go b/backend/plugins/feishu/api/connection.go
index 141b14c5b7d..3de34af21c7 100644
--- a/backend/plugins/feishu/api/connection.go
+++ b/backend/plugins/feishu/api/connection.go
@@ -76,7 +76,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch feishu connection
@@ -93,7 +93,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary delete a feishu connection
@@ -105,7 +105,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/feishu/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.FeishuConnection{}, input)
+	conn := &models.FeishuConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all feishu connections
@@ -121,7 +128,9 @@ func ListConnections(_ *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, err
 	if err != nil {
 		return nil, err
 	}
-
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections}, nil
 }
 
@@ -138,5 +147,5 @@ func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, e
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/feishu/models/connection.go b/backend/plugins/feishu/models/connection.go
index 2ad8988bcd1..7fd88e0f4b0 100644
--- a/backend/plugins/feishu/models/connection.go
+++ b/backend/plugins/feishu/models/connection.go
@@ -71,3 +71,8 @@ type FeishuConnection struct {
 func (FeishuConnection) TableName() string {
 	return "_tool_feishu_connections"
 }
+
+func (connection FeishuConnection) CleanUp() FeishuConnection {
+	connection.SecretKey = ""
+	return connection
+}
diff --git a/backend/plugins/gitee/api/connection.go b/backend/plugins/gitee/api/connection.go
index db926bce88d..7c35613e21d 100644
--- a/backend/plugins/gitee/api/connection.go
+++ b/backend/plugins/gitee/api/connection.go
@@ -92,7 +92,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch gitee connection
@@ -109,7 +109,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary delete a gitee connection
@@ -121,7 +121,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/gitee/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.GiteeConnection{}, input)
+	conn := &models.GiteeConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all gitee connections
@@ -137,7 +144,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections}, nil
 }
 
@@ -151,5 +160,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.GiteeConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/gitee/models/connection.go b/backend/plugins/gitee/models/connection.go
index fc94a74876c..cf6f950e9c4 100644
--- a/backend/plugins/gitee/models/connection.go
+++ b/backend/plugins/gitee/models/connection.go
@@ -67,3 +67,8 @@ type GiteeScopeConfig struct {
 func (GiteeConnection) TableName() string {
 	return "_tool_gitee_connections"
 }
+
+func (connection GiteeConnection) CleanUp() GiteeConnection {
+	connection.Token = ""
+	return connection
+}
diff --git a/backend/plugins/jenkins/api/connection.go b/backend/plugins/jenkins/api/connection.go
index ac4f9069320..bf4045959d6 100644
--- a/backend/plugins/jenkins/api/connection.go
+++ b/backend/plugins/jenkins/api/connection.go
@@ -97,7 +97,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch jenkins connection
@@ -115,7 +115,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 		return nil, err
 	}
 
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a jenkins connection
@@ -127,7 +127,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/jenkins/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.JenkinsConnection{}, input)
+	conn := &models.JenkinsConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all jenkins connections
@@ -144,6 +151,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 		return nil, err
 	}
 
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -160,5 +170,5 @@ func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, e
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/jenkins/models/connection.go b/backend/plugins/jenkins/models/connection.go
index 0967ebb79e1..e446392903a 100644
--- a/backend/plugins/jenkins/models/connection.go
+++ b/backend/plugins/jenkins/models/connection.go
@@ -36,3 +36,8 @@ type JenkinsConnection struct {
 func (JenkinsConnection) TableName() string {
 	return "_tool_jenkins_connections"
 }
+
+func (connection JenkinsConnection) CleanUp() JenkinsConnection {
+	connection.Password = ""
+	return connection
+}
diff --git a/backend/plugins/jira/api/connection.go b/backend/plugins/jira/api/connection.go
index 6720afd131b..6387af202eb 100644
--- a/backend/plugins/jira/api/connection.go
+++ b/backend/plugins/jira/api/connection.go
@@ -143,7 +143,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch jira connection
@@ -160,7 +160,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a jira connection
@@ -172,7 +172,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/jira/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.JiraConnection{}, input)
+	conn := &models.JiraConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all jira connections
@@ -188,6 +195,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -204,5 +214,5 @@ func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, e
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/jira/models/connection.go b/backend/plugins/jira/models/connection.go
index 8e79a0aeee7..9b0efe996db 100644
--- a/backend/plugins/jira/models/connection.go
+++ b/backend/plugins/jira/models/connection.go
@@ -59,3 +59,8 @@ type JiraConnection struct {
 func (JiraConnection) TableName() string {
 	return "_tool_jira_connections"
 }
+
+func (connection JiraConnection) CleanUp() JiraConnection {
+	connection.Password = ""
+	return connection
+}
diff --git a/backend/plugins/pagerduty/api/connection.go b/backend/plugins/pagerduty/api/connection.go
index 54e9ca90016..1884c9fe31d 100644
--- a/backend/plugins/pagerduty/api/connection.go
+++ b/backend/plugins/pagerduty/api/connection.go
@@ -74,7 +74,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch pagerduty connection
@@ -91,7 +91,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary delete pagerduty connection
@@ -103,7 +103,13 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/pagerduty/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.PagerDutyConnection{}, input)
+	conn := &models.PagerDutyConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
 }
 
 // @Summary list pagerduty connections
@@ -119,7 +125,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections}, nil
 }
 
@@ -136,5 +144,5 @@ func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, e
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
diff --git a/backend/plugins/pagerduty/models/connection.go b/backend/plugins/pagerduty/models/connection.go
index 3d18839f1a5..406bda701f9 100644
--- a/backend/plugins/pagerduty/models/connection.go
+++ b/backend/plugins/pagerduty/models/connection.go
@@ -62,3 +62,8 @@ type ApiUserResponse struct {
 func (PagerDutyConnection) TableName() string {
 	return "_tool_pagerduty_connections"
 }
+
+func (connection PagerDutyConnection) CleanUp() PagerDutyConnection {
+	connection.Token = ""
+	return connection
+}
diff --git a/backend/plugins/slack/api/connection.go b/backend/plugins/slack/api/connection.go
index 620230e7b89..9f43c5a265e 100644
--- a/backend/plugins/slack/api/connection.go
+++ b/backend/plugins/slack/api/connection.go
@@ -76,7 +76,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch slack connection
@@ -93,7 +93,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary delete a slack connection
@@ -105,7 +105,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/slack/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.SlackConnection{}, input)
+	conn := &models.SlackConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all slack connections
@@ -121,7 +128,9 @@ func ListConnections(_ *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, err
 	if err != nil {
 		return nil, err
 	}
-
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections}, nil
 }
 
@@ -138,5 +147,5 @@ func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, e
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/slack/models/connection.go b/backend/plugins/slack/models/connection.go
index 89182e35bf0..28d76ecb38e 100644
--- a/backend/plugins/slack/models/connection.go
+++ b/backend/plugins/slack/models/connection.go
@@ -36,3 +36,8 @@ type SlackConnection struct {
 func (SlackConnection) TableName() string {
 	return "_tool_slack_connections"
 }
+
+func (connection SlackConnection) CleanUp() SlackConnection {
+	connection.Token = ""
+	return connection
+}
diff --git a/backend/plugins/sonarqube/api/connection.go b/backend/plugins/sonarqube/api/connection.go
index f34d894627c..a015bd8e971 100644
--- a/backend/plugins/sonarqube/api/connection.go
+++ b/backend/plugins/sonarqube/api/connection.go
@@ -99,7 +99,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // PatchConnection patch sonarqube connection
@@ -118,7 +118,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // DeleteConnection delete a sonarqube connection
@@ -132,7 +132,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/sonarqube/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.SonarqubeConnection{}, input)
+	conn := &models.SonarqubeConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // ListConnections get all sonarqube connections
@@ -149,6 +156,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -164,5 +174,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.SonarqubeConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/sonarqube/models/connection.go b/backend/plugins/sonarqube/models/connection.go
index 3b8cd3125f1..5d1fcd9b350 100644
--- a/backend/plugins/sonarqube/models/connection.go
+++ b/backend/plugins/sonarqube/models/connection.go
@@ -66,3 +66,8 @@ type SonarqubeResponse struct {
 func (SonarqubeConnection) TableName() string {
 	return "_tool_sonarqube_connections"
 }
+
+func (connection SonarqubeConnection) CleanUp() SonarqubeConnection {
+	connection.Token = ""
+	return connection
+}
diff --git a/backend/plugins/tapd/api/connection.go b/backend/plugins/tapd/api/connection.go
index ea2cb946f03..39625bf5e33 100644
--- a/backend/plugins/tapd/api/connection.go
+++ b/backend/plugins/tapd/api/connection.go
@@ -93,7 +93,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 		return nil, err
 	}
 
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch tapd connection
@@ -111,7 +111,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 		return nil, err
 	}
 
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a tapd connection
@@ -123,7 +123,13 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/tapd/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.TapdConnection{}, input)
+	conn := &models.TapdConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
 }
 
 // @Summary get all tapd connections
@@ -139,7 +145,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
diff --git a/backend/plugins/tapd/models/connection.go b/backend/plugins/tapd/models/connection.go
index 5a13a9c9ef7..9f2b00625f9 100644
--- a/backend/plugins/tapd/models/connection.go
+++ b/backend/plugins/tapd/models/connection.go
@@ -36,3 +36,8 @@ type TapdConnection struct {
 func (TapdConnection) TableName() string {
 	return "_tool_tapd_connections"
 }
+
+func (connection TapdConnection) CleanUp() TapdConnection {
+	connection.Password = ""
+	return connection
+}
diff --git a/backend/plugins/teambition/api/connection.go b/backend/plugins/teambition/api/connection.go
index 142ac7fe854..bc096d3932c 100644
--- a/backend/plugins/teambition/api/connection.go
+++ b/backend/plugins/teambition/api/connection.go
@@ -103,7 +103,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // PatchConnection @Summary patch teambition connection
@@ -120,7 +120,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // DeleteConnection @Summary delete a teambition connection
@@ -132,7 +132,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/teambition/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.TeambitionConnection{}, input)
+	conn := &models.TeambitionConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // ListConnections @Summary get all teambition connections
@@ -148,6 +155,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -161,5 +171,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.TeambitionConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/teambition/models/connection.go b/backend/plugins/teambition/models/connection.go
index b50d4d13b2c..31023563702 100644
--- a/backend/plugins/teambition/models/connection.go
+++ b/backend/plugins/teambition/models/connection.go
@@ -40,6 +40,11 @@ type TeambitionConnection struct {
 	TeambitionConn        `mapstructure:",squash"`
 }
 
+func (connection TeambitionConnection) CleanUp() TeambitionConnection {
+	connection.SecretKey = ""
+	return connection
+}
+
 func (tc *TeambitionConn) SetupAuthentication(req *http.Request) errors.Error {
 	token := jwt.New(jwt.SigningMethodHS256)
 	claims := make(jwt.MapClaims)
diff --git a/backend/plugins/trello/api/connection.go b/backend/plugins/trello/api/connection.go
index 6e47761128e..cd40b50bc51 100644
--- a/backend/plugins/trello/api/connection.go
+++ b/backend/plugins/trello/api/connection.go
@@ -89,7 +89,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch trello connection
@@ -106,7 +106,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a trello connection
@@ -118,7 +118,14 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/trello/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.TrelloConnection{}, input)
+	conn := &models.TrelloConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
+
 }
 
 // @Summary get all trello connections
@@ -134,6 +141,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -147,5 +157,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.TrelloConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/trello/models/connection.go b/backend/plugins/trello/models/connection.go
index 92fc5915544..823d0f0fae5 100644
--- a/backend/plugins/trello/models/connection.go
+++ b/backend/plugins/trello/models/connection.go
@@ -36,6 +36,11 @@ type TrelloConnection struct {
 	TrelloConn            `mapstructure:",squash"`
 }
 
+func (connection TrelloConnection) CleanUp() TrelloConnection {
+	connection.SecretKey = ""
+	return connection
+}
+
 // SetupAuthentication sets up the HTTP Request Authentication
 func (tc *TrelloConn) SetupAuthentication(req *http.Request) errors.Error {
 	req.Header.Set("Authorization", fmt.Sprintf("OAuth oauth_consumer_key=\"%s\", oauth_token=\"%s\"", tc.AppId, tc.SecretKey))
diff --git a/backend/plugins/zentao/api/connection.go b/backend/plugins/zentao/api/connection.go
index 8bc9fee0413..124b326155f 100644
--- a/backend/plugins/zentao/api/connection.go
+++ b/backend/plugins/zentao/api/connection.go
@@ -97,7 +97,7 @@ func PostConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection, Status: http.StatusOK}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp(), Status: http.StatusOK}, nil
 }
 
 // @Summary patch zentao connection
@@ -114,7 +114,7 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
-	return &plugin.ApiResourceOutput{Body: connection}, nil
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, nil
 }
 
 // @Summary delete a zentao connection
@@ -126,7 +126,13 @@ func PatchConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 // @Failure 500  {string} errcode.Error "Internal Error"
 // @Router /plugins/zentao/connections/{connectionId} [DELETE]
 func DeleteConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
-	return connectionHelper.Delete(&models.ZentaoConnection{}, input)
+	conn := &models.ZentaoConnection{}
+	output, err := connectionHelper.Delete(conn, input)
+	if err != nil {
+		return output, err
+	}
+	output.Body = conn.CleanUp()
+	return output, nil
 }
 
 // @Summary get all zentao connections
@@ -142,6 +148,9 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 	if err != nil {
 		return nil, err
 	}
+	for idx, c := range connections {
+		connections[idx] = c.CleanUp()
+	}
 	return &plugin.ApiResourceOutput{Body: connections, Status: http.StatusOK}, nil
 }
 
@@ -155,5 +164,5 @@ func ListConnections(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
 func GetConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput, errors.Error) {
 	connection := &models.ZentaoConnection{}
 	err := connectionHelper.First(connection, input.Params)
-	return &plugin.ApiResourceOutput{Body: connection}, err
+	return &plugin.ApiResourceOutput{Body: connection.CleanUp()}, err
 }
diff --git a/backend/plugins/zentao/models/connection.go b/backend/plugins/zentao/models/connection.go
index 09c28cef662..8fd5b03e365 100644
--- a/backend/plugins/zentao/models/connection.go
+++ b/backend/plugins/zentao/models/connection.go
@@ -20,6 +20,7 @@ package models
 import (
 	"fmt"
 	"net/http"
+	"strings"
 
 	"github.com/apache/incubator-devlake/core/errors"
 	helper "github.com/apache/incubator-devlake/helpers/pluginhelper/api"
@@ -73,6 +74,26 @@ type ZentaoConnection struct {
 	ZentaoConn            `mapstructure:",squash"`
 }
 
+func (connection ZentaoConnection) SecretDbUrl() string {
+	if connection.DbUrl == "" {
+		return connection.DbUrl
+	}
+	dbUrl := connection.DbUrl
+	if strings.HasPrefix(dbUrl, "mysql") {
+		// fixme
+		dbUrl = ""
+	}
+	return dbUrl
+}
+
+func (connection ZentaoConnection) CleanUp() ZentaoConnection {
+	connection.Password = ""
+	if connection.DbUrl != "" {
+		connection.DbUrl = connection.SecretDbUrl()
+	}
+	return connection
+}
+
 // This object conforms to what the frontend currently expects.
 type ZentaoResponse struct {
 	Name string `json:"name"`