github-code-scanning[bot] commented on code in PR #13103:
URL:
https://github.com/apache/dolphinscheduler/pull/13103#discussion_r1039526279
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ExecutorController.java:
##########
@@ -450,4 +450,38 @@
warningGroupId, workerGroup, environmentCode, startParamMap,
dryRun);
return returnDataList(result);
}
+
+ /**
+ * do action to process instance: pause, stop, repeat, recover from pause,
recover from stop
+ *
+ * @param loginUser login user
+ * @param projectCode project code
+ * @param processInstanceId process instance id
+ * @param startNodeList start node list
+ * @param taskDependType task depend type
+ * @return execute result code
+ */
+ @Operation(summary = "execute-task", description =
"EXECUTE_ACTION_TO_PROCESS_INSTANCE_NOTES")
+ @Parameters({
+ @Parameter(name = "processInstanceId", description =
"PROCESS_INSTANCE_ID", required = true, schema = @Schema(implementation =
int.class, example = "100")),
+ @Parameter(name = "startNodeList", description =
"START_NODE_LIST", required = true, schema = @Schema(implementation =
String.class)),
+ @Parameter(name = "taskDependType", description =
"TASK_DEPEND_TYPE", required = true, schema = @Schema(implementation =
TaskDependType.class))
+ })
+ @PostMapping(value = "/execute-task")
+ @ResponseStatus(HttpStatus.OK)
+ @ApiException(EXECUTE_PROCESS_INSTANCE_ERROR)
+ @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
+ public Result executeTask(@Parameter(hidden = true)
@RequestAttribute(value = Constants.SESSION_USER) User loginUser,
+ @Parameter(name = "projectCode", description =
"PROJECT_CODE", required = true) @PathVariable long projectCode,
+ @RequestParam("processInstanceId") Integer
processInstanceId,
+ @RequestParam("startNodeList") String
startNodeList,
+ @RequestParam("taskDependType") TaskDependType
taskDependType) {
+ logger.info("Start to execute task in process instance,
projectCode:{}, processInstanceId:{}, taskCode: {}.",
+ projectCode,
+ processInstanceId, startNodeList);
Review Comment:
## Logging should not be vulnerable to injection attacks
<!--SONAR_ISSUE_KEY:AYTiPxNgLZNepaT_fo-N-->Change this code to not log
user-controlled data. <p>See more on <a
href="https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&issues=AYTiPxNgLZNepaT_fo-N&open=AYTiPxNgLZNepaT_fo-N&pullRequest=13103";>SonarCloud</a></p>
[Show more
details](https://github.com/apache/dolphinscheduler/security/code-scanning/2381)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
