zhongjiajie commented on code in PR #15430:
URL: https://github.com/apache/dolphinscheduler/pull/15430#discussion_r1442447272


##########
dolphinscheduler-datasource-plugin/dolphinscheduler-datasource-mysql/src/main/java/org/apache/dolphinscheduler/plugin/datasource/mysql/param/MySQLDataSourceProcessor.java:
##########
@@ -139,7 +132,32 @@ public Connection getConnection(ConnectionParam 
connectionParam) throws ClassNot
             log.warn("sensitive param : {} in password field is filtered", 
AUTO_DESERIALIZE);
             password = password.replace(AUTO_DESERIALIZE, "");
         }
-        return DriverManager.getConnection(getJdbcUrl(connectionParam), user, 
password);
+
+        Properties connectionProperties = 
getConnectionProperties(mysqlConnectionParam, user, password);
+
+        return DriverManager.getConnection(getJdbcUrl(connectionParam), 
connectionProperties);
+    }
+
+    @NotNull
+    private Properties getConnectionProperties(MySQLConnectionParam 
mysqlConnectionParam, String user,
+                                               String password) {
+        Properties connectionProperties = new Properties();
+        connectionProperties.put("user", user);
+        connectionProperties.put("password", password);
+        Map<String, String> paramMap = mysqlConnectionParam.getOther();
+        if (MapUtils.isNotEmpty(paramMap)) {
+            paramMap.forEach((k, v) -> {
+                if (!checkKeyIsLegitimate(k)) {
+                    return;
+                }
+                connectionProperties.put(k, v);
+            });
+        }
+        connectionProperties.put(AUTO_DESERIALIZE, "false");
+        connectionProperties.put(ALLOW_LOAD_LOCAL_IN_FILE_NAME, "false");
+        connectionProperties.put(ALLOW_LOCAL_IN_FILE_NAME, "false");
+        connectionProperties.put(ALLOW_URL_IN_LOCAL_IN_FILE_NAME, "false");
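
Review bot: in getConnectionProperties, `connectionProperties.put("user", user)`, `connectionProperties.put("password", password)` and `connectionProperties.put(k, v)` inside the forEach throw NullPointerException when the value is null, because java.util.Properties is a Hashtable and rejects null values; the removed `DriverManager.getConnection(url, user, password)` call tolerated a null user or password. Suggest skipping null values (or failing with a clear message) and using `setProperty` so that only String values are stored. Keeping the four forced "false" puts after the loop is the right order, since they overwrite anything that came from `getOther()`; a one-line comment saying the ordering is intentional would keep a later refactor from moving them above the loop. It is also worth confirming that the URL returned by `getJdbcUrl(connectionParam)` no longer carries the same keys, since that is not visible in this hunk.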

Review Comment:
   Should we add some log to tell users that those config parameters will be
disabled in all cases for security reasons? Otherwise users will feel odd when
they pass true for those parameters but it is not effective.


