database/doris
2
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

[enhancement](audit) hide password and other sensitive information in log and audit log (#27115)

Browse Source 
Signed-off-by: nextdreamblue <zxw520blue1@163.com>
This commit is contained in:
xueweizhang
2023-11-24 10:27:30 +08:00
committed by GitHub
parent 0a8e3d2199
commit c24a33c857
9 changed files with 35 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
fe/fe-core/src/main/java/org/apache/doris/analysis/AlterCatalogPropertyStmt.java
View File

@ -47,6 +47,11 @@ public class AlterCatalogPropertyStmt extends AlterCatalogStmt {
@Override
public String toSql() {
return "ALTER CATALOG " + catalogName + " SET PROPERTIES ("
+ new PrintableMap<>(newProperties, "=", true, false, ",") + ")";
+ new PrintableMap<>(newProperties, "=", true, false, true) + ")";
}
@Override
public boolean needAuditEncryption() {
return true;
}
}

7
fe/fe-core/src/main/java/org/apache/doris/analysis/AlterResourceStmt.java
View File

@ -79,7 +79,12 @@ public class AlterResourceStmt extends DdlStmt {
public String toSql() {
StringBuilder sb = new StringBuilder();
sb.append("ALTER RESOURCE '").append(resourceName).append("' ");
sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ", true, false)).append(")");
sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ", true, false, true)).append(")");
return sb.toString();
}
@Override
public boolean needAuditEncryption() {
return true;
}
}

2
fe/fe-core/src/main/java/org/apache/doris/analysis/BrokerLoadStmt.java
View File

@ -117,7 +117,7 @@ public class BrokerLoadStmt extends InsertStmt {
if (properties != null && !properties.isEmpty()) {
sb.append("\nPROPERTIES (");
sb.append(new PrintableMap<>(properties, "=", true, false));
sb.append(new PrintableMap<>(properties, "=", true, false, true));
sb.append(")");
}
return sb.toString();

7
fe/fe-core/src/main/java/org/apache/doris/analysis/CreateCatalogStmt.java
View File

@ -122,9 +122,14 @@ public class CreateCatalogStmt extends DdlStmt {
}
if (properties.size() > 0) {
stringBuilder.append("\nPROPERTIES (\n");
stringBuilder.append(new PrintableMap<>(properties, "=", true, true, false));
stringBuilder.append(new PrintableMap<>(properties, "=", true, true, true));
stringBuilder.append("\n)");
}
return stringBuilder.toString();
}
@Override
public boolean needAuditEncryption() {
return true;
}
}

5
fe/fe-core/src/main/java/org/apache/doris/analysis/CreateRepositoryStmt.java
View File

@ -95,4 +95,9 @@ public class CreateRepositoryStmt extends DdlStmt {
sb.append("REPOSITORY `").append(name).append("` WITH ").append(storage.toSql());
return sb.toString();
}
@Override
public boolean needAuditEncryption() {
return true;
}
}

7
fe/fe-core/src/main/java/org/apache/doris/analysis/CreateResourceStmt.java
View File

@ -108,7 +108,12 @@ public class CreateResourceStmt extends DdlStmt {
sb.append("EXTERNAL ");
}
sb.append("RESOURCE '").append(resourceName).append("' ");
sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ", true, false)).append(")");
sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ", true, false, true)).append(")");
return sb.toString();
}
@Override
public boolean needAuditEncryption() {
return true;
}
}

2
fe/fe-core/src/main/java/org/apache/doris/analysis/StorageBackend.java
View File

@ -132,7 +132,7 @@ public class StorageBackend implements ParseNode {
sb.append(" `").append(storageDesc.getName()).append("`");
}
sb.append(" ON LOCATION ").append(location).append(" PROPERTIES(")
.append(new PrintableMap<>(storageDesc.getProperties(), " = ", true, false))
.append(new PrintableMap<>(storageDesc.getProperties(), " = ", true, false, true))
.append(")");
return sb.toString();
}

2
fe/fe-core/src/main/java/org/apache/doris/backup/Repository.java
View File

@ -692,7 +692,7 @@ public class Repository implements Writable {
stmtBuilder.append("\nPROPERTIES\n(");
stmtBuilder.append(new PrintableMap<>(this.getRemoteFileSystem().getProperties(), " = ",
true, true));
true, true, true));
stmtBuilder.append("\n)");
return stmtBuilder.toString();
}

5
fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
View File

@ -3370,7 +3370,7 @@ public class Env {
sb.append("\nPROPERTIES (\n");
sb.append("\"database\" = \"").append(hiveTable.getHiveDb()).append("\",\n");
sb.append("\"table\" = \"").append(hiveTable.getHiveTable()).append("\",\n");
sb.append(new PrintableMap<>(hiveTable.getHiveProperties(), " = ", true, true, false).toString());
sb.append(new PrintableMap<>(hiveTable.getHiveProperties(), " = ", true, true, hidePassword).toString());
sb.append("\n)");
} else if (table.getType() == TableType.ICEBERG) {
IcebergTable icebergTable = (IcebergTable) table;
@ -3381,7 +3381,8 @@ public class Env {
sb.append("\nPROPERTIES (\n");
sb.append("\"iceberg.database\" = \"").append(icebergTable.getIcebergDb()).append("\",\n");
sb.append("\"iceberg.table\" = \"").append(icebergTable.getIcebergTbl()).append("\",\n");
sb.append(new PrintableMap<>(icebergTable.getIcebergProperties(), " = ", true, true, false).toString());
sb.append(new PrintableMap<>(icebergTable.getIcebergProperties(),
" = ", true, true, hidePassword).toString());
sb.append("\n)");
} else if (table.getType() == TableType.JDBC) {
JdbcTable jdbcTable = (JdbcTable) table;