This is an automated email from the ASF dual-hosted git repository.
dataroaring pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new c24a33c857b [enhancement](audit) hide password and other sensitive
information in log and audit log (#27115)
c24a33c857b is described below
commit c24a33c857bb0bb016d5523c67e6c99dfa31a5aa
Author: xueweizhang <[email protected]>
AuthorDate: Fri Nov 24 10:27:30 2023 +0800
[enhancement](audit) hide password and other sensitive information in log
and audit log (#27115)
Signed-off-by: nextdreamblue <[email protected]>
---
.../java/org/apache/doris/analysis/AlterCatalogPropertyStmt.java | 7 ++++++-
.../src/main/java/org/apache/doris/analysis/AlterResourceStmt.java | 7 ++++++-
.../src/main/java/org/apache/doris/analysis/BrokerLoadStmt.java | 2 +-
.../src/main/java/org/apache/doris/analysis/CreateCatalogStmt.java | 7 ++++++-
.../main/java/org/apache/doris/analysis/CreateRepositoryStmt.java | 5 +++++
.../main/java/org/apache/doris/analysis/CreateResourceStmt.java | 7 ++++++-
.../src/main/java/org/apache/doris/analysis/StorageBackend.java | 2 +-
fe/fe-core/src/main/java/org/apache/doris/backup/Repository.java | 2 +-
fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java | 5 +++--
9 files changed, 35 insertions(+), 9 deletions(-)
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterCatalogPropertyStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterCatalogPropertyStmt.java
index 95480f325f5..3cac7056276 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterCatalogPropertyStmt.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterCatalogPropertyStmt.java
@@ -47,6 +47,11 @@ public class AlterCatalogPropertyStmt extends
AlterCatalogStmt {
@Override
public String toSql() {
return "ALTER CATALOG " + catalogName + " SET PROPERTIES ("
- + new PrintableMap<>(newProperties, "=", true, false, ",") +
")";
+ + new PrintableMap<>(newProperties, "=", true, false, true) +
")";
+ }
+
+ @Override
+ public boolean needAuditEncryption() {
+ return true;
}
}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterResourceStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterResourceStmt.java
index cd4c1a9fbcc..084200f28da 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterResourceStmt.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/AlterResourceStmt.java
@@ -79,7 +79,12 @@ public class AlterResourceStmt extends DdlStmt {
public String toSql() {
StringBuilder sb = new StringBuilder();
sb.append("ALTER RESOURCE '").append(resourceName).append("' ");
- sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ",
true, false)).append(")");
+ sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ",
true, false, true)).append(")");
return sb.toString();
}
+
+ @Override
+ public boolean needAuditEncryption() {
+ return true;
+ }
}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/BrokerLoadStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/BrokerLoadStmt.java
index 64e6a060c19..8fb813d5622 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/BrokerLoadStmt.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/BrokerLoadStmt.java
@@ -117,7 +117,7 @@ public class BrokerLoadStmt extends InsertStmt {
if (properties != null && !properties.isEmpty()) {
sb.append("\nPROPERTIES (");
- sb.append(new PrintableMap<>(properties, "=", true, false));
+ sb.append(new PrintableMap<>(properties, "=", true, false, true));
sb.append(")");
}
return sb.toString();
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateCatalogStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateCatalogStmt.java
index 7d2bbb2b61d..720df2dbedc 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateCatalogStmt.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateCatalogStmt.java
@@ -122,9 +122,14 @@ public class CreateCatalogStmt extends DdlStmt {
}
if (properties.size() > 0) {
stringBuilder.append("\nPROPERTIES (\n");
- stringBuilder.append(new PrintableMap<>(properties, "=", true,
true, false));
+ stringBuilder.append(new PrintableMap<>(properties, "=", true,
true, true));
stringBuilder.append("\n)");
}
return stringBuilder.toString();
}
+
+ @Override
+ public boolean needAuditEncryption() {
+ return true;
+ }
}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateRepositoryStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateRepositoryStmt.java
index 0cb30dd7a36..36f4936954a 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateRepositoryStmt.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateRepositoryStmt.java
@@ -95,4 +95,9 @@ public class CreateRepositoryStmt extends DdlStmt {
sb.append("REPOSITORY `").append(name).append("` WITH
").append(storage.toSql());
return sb.toString();
}
+
+ @Override
+ public boolean needAuditEncryption() {
+ return true;
+ }
}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateResourceStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateResourceStmt.java
index 6e529be7a94..16b7fb99733 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateResourceStmt.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateResourceStmt.java
@@ -108,7 +108,12 @@ public class CreateResourceStmt extends DdlStmt {
sb.append("EXTERNAL ");
}
sb.append("RESOURCE '").append(resourceName).append("' ");
- sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ",
true, false)).append(")");
+ sb.append("PROPERTIES(").append(new PrintableMap<>(properties, " = ",
true, false, true)).append(")");
return sb.toString();
}
+
+ @Override
+ public boolean needAuditEncryption() {
+ return true;
+ }
}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/StorageBackend.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/StorageBackend.java
index e5088382073..0e148c6c399 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/StorageBackend.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/StorageBackend.java
@@ -132,7 +132,7 @@ public class StorageBackend implements ParseNode {
sb.append(" `").append(storageDesc.getName()).append("`");
}
sb.append(" ON LOCATION ").append(location).append(" PROPERTIES(")
- .append(new PrintableMap<>(storageDesc.getProperties(), " = ",
true, false))
+ .append(new PrintableMap<>(storageDesc.getProperties(), " = ",
true, false, true))
.append(")");
return sb.toString();
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/backup/Repository.java
b/fe/fe-core/src/main/java/org/apache/doris/backup/Repository.java
index a95b6a953aa..a236ba3c308 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/backup/Repository.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/backup/Repository.java
@@ -692,7 +692,7 @@ public class Repository implements Writable {
stmtBuilder.append("\nPROPERTIES\n(");
stmtBuilder.append(new
PrintableMap<>(this.getRemoteFileSystem().getProperties(), " = ",
- true, true));
+ true, true, true));
stmtBuilder.append("\n)");
return stmtBuilder.toString();
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
b/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
index 78f83bb7c5d..133b10536f7 100755
--- a/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
@@ -3370,7 +3370,7 @@ public class Env {
sb.append("\nPROPERTIES (\n");
sb.append("\"database\" =
\"").append(hiveTable.getHiveDb()).append("\",\n");
sb.append("\"table\" =
\"").append(hiveTable.getHiveTable()).append("\",\n");
- sb.append(new PrintableMap<>(hiveTable.getHiveProperties(), " = ",
true, true, false).toString());
+ sb.append(new PrintableMap<>(hiveTable.getHiveProperties(), " = ",
true, true, hidePassword).toString());
sb.append("\n)");
} else if (table.getType() == TableType.ICEBERG) {
IcebergTable icebergTable = (IcebergTable) table;
@@ -3381,7 +3381,8 @@ public class Env {
sb.append("\nPROPERTIES (\n");
sb.append("\"iceberg.database\" =
\"").append(icebergTable.getIcebergDb()).append("\",\n");
sb.append("\"iceberg.table\" =
\"").append(icebergTable.getIcebergTbl()).append("\",\n");
- sb.append(new PrintableMap<>(icebergTable.getIcebergProperties(),
" = ", true, true, false).toString());
+ sb.append(new PrintableMap<>(icebergTable.getIcebergProperties(),
+ " = ", true, true, hidePassword).toString());
sb.append("\n)");
} else if (table.getType() == TableType.JDBC) {
JdbcTable jdbcTable = (JdbcTable) table;
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
