This is an automated email from the ASF dual-hosted git repository. critas pushed a commit to branch wx_0217_jdbc_1.3 in repository https://gitbox.apache.org/repos/asf/iotdb.git
commit f9083b9e52a6491af44e2f7fe5a293a815324cfc Author: CritasWang <[email protected]> AuthorDate: Mon Feb 17 16:13:54 2025 +0800 Remove JDBC sensitive information output (#14857) * Remove JDBC sensitive information output * fix todos * fix todos * remove OpenId sensitive information output * fix openid * remove pw for User.toString * fix ut --- .github/workflows/todos-check.yml | 54 ++++++++++++++++++++++ .../apache/iotdb/jdbc/IoTDBDataSourceFactory.java | 3 -- .../org/apache/iotdb/db/auth/entity/UserTest.java | 4 +- .../commons/auth/authorizer/OpenIdAuthorizer.java | 6 +-- .../org/apache/iotdb/commons/auth/entity/User.java | 8 ++-- 5 files changed, 63 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/todos-check.yml b/.github/workflows/todos-check.yml
new file mode 100644
index 00000000000..4ab48c9e754
--- /dev/null
+++ b/.github/workflows/todos-check.yml
@@ -0,0 +1,54 @@
+name: Check TODOs and FIXMEs in Changed Files
+
+on:
+ pull_request:
+ branches:
+ - master
+ - 'dev/*'
+ - 'rel/*'
+ - "rc/*"
+ - 'force_ci/**'
+ paths-ignore:
+ - 'docs/**'
+ - 'site/**'
+ # allow manually run the action:
+ workflow_dispatch:
+
+jobs:
+ todo-check:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Check for TODOs and FIXMEs in changed files
+ run: |
+ # Fetch the target branch
+ git fetch origin $GITHUB_BASE_REF
+
+ git switch -c check_branch
+
+ # Get the diff of the changes
+ echo Get the diff of the changes
+ DIFF=$(git diff origin/$GITHUB_BASE_REF check_branch -- . ':(exclude).github/workflows/todos-check.yml')
+
+ if [ -z "$DIFF" ]; then
+ echo "No changes detected."
+ exit 0
+ fi
+
+
+ # Check the diff for TODOs
+
+ # Check the diff for TODOs
+ echo Check the diff for TODOs
+ TODOsCOUNT=$(echo "$DIFF" | grep -E '^\+.*(TODO|FIXME)' | wc -l)
+ if [ "$TODOsCOUNT" -eq 0 ]; then
+ echo "No TODOs or FIXMEs found in changed content.";
+ exit 0
+ fi
+
+ echo "TODO or FIXME found in the changes. Please resolve it before merging."
+ echo "$DIFF" | grep -E '^\+.*(TODO|FIXME)' | tee -a output.log
+ exit 1
\ No newline at end of file
diff --git a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
index 81259278dc8..8e601d5df6f 100644
--- a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
+++ b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
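Review bot: The workflow declares no `permissions:` block, so the job's `GITHUB_TOKEN` receives the repository's default scopes even though the steps only read the checkout; a top-level `permissions:` with `contents: read` would pin it to least privilege. Separately, the `workflow_dispatch` trigger cannot work as written: `GITHUB_BASE_REF` is only populated for pull-request events, so a manual run reaches `git diff origin/$GITHUB_BASE_REF check_branch` with an empty ref. Either drop the manual trigger or exit early when the variable is empty, and quote the expansion (`"origin/$GITHUB_BASE_REF"`) so the branch name is never word-split by the shell.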
@@ -45,16 +45,13 @@ public class IoTDBDataSourceFactory implements DataSourceFactory { String url = (String) properties.remove(DataSourceFactory.JDBC_URL); if (url != null) { ds.setUrl(url); - logger.info("URL set {}", url); } String user = (String) properties.remove(DataSourceFactory.JDBC_USER); ds.setUser(user); - logger.info("User set {}", user); String password = (String) properties.remove(DataSourceFactory.JDBC_PASSWORD); ds.setPassword(password); - logger.info("Password set {}", password); logger.info("Remaining properties {}", properties.size());
diff --git a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
index 4e97ac3a359..9187e3525be 100644
--- a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
+++ b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
@@ -37,13 +37,13 @@ public class UserTest {
 user.setPrivilegeList(Collections.singletonList(pathPrivilege));
 user.setPathPrivileges(new PartialPath("root.ln"), Collections.singleton(1));
 Assert.assertEquals(
- "User{name='user', password='password', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
+ "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
 + "isOpenIdUser=false, useWaterMark=false}",
 user.toString());
 User user1 = new User("user1", "password1");
 user1.deserialize(user.serialize());
 Assert.assertEquals(
- "User{name='user', password='password', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
+ "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
 + "isOpenIdUser=false, useWaterMark=false}",
 user1.toString());
 Assert.assertTrue(user1.equals(user));
diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
index 55720d95080..7bc7e7a4f8c 100644
--- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
+++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
@@ -148,9 +148,7 @@ public class OpenIdAuthorizer extends BasicAuthorizer {
 public boolean login(String token, String password) throws AuthException {
 if (password != null && !password.isEmpty()) {
 logger.error(
- "JWT Login failed as a non-empty Password was given username (token): {}, password: {}",
- token,
- password);
+ "JWT Login failed as a non-empty Password was given username (token): {}", token);
 return false;
 }
 if (token == null || token.isEmpty()) {
@@ -162,7 +160,7 @@ public class OpenIdAuthorizer extends BasicAuthorizer {
 try {
 claims = validateToken(token);
 } catch (JwtException e) {
- logger.error("Unable to login the user wit jwt {}", password, e);
+ logger.error("Unable to login the user with Username (token) {}", token, e);
 return false;
 }
 logger.debug("JWT was validated successfully!");
diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
index becfde35652..2b0b6eb304a 100644
--- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
+++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
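Review bot: Both rewritten `logger.error` calls in `login` still write the raw `token` argument to the log, and in this authorizer that argument is the JWT itself, i.e. a bearer credential; the first call runs before `validateToken`, so the logged value may be a fully valid token. The second hunk (the `catch (JwtException e)` branch) swaps the logged `password` for `token`, which carries the same exposure. I would drop the placeholder in both: `logger.error("JWT login failed: a non-empty password was supplied with the token");` and `logger.error("Unable to log in the user: JWT validation failed", e);`. The body of `login` continues past both hunks, so whether later statements log the token or its claims is not visible here.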
@@ -187,15 +187,17 @@ public class User extends Role { roleList = SerializeUtils.deserializeStringList(buffer); } + /** + * TestOnly, get the string representation of the user. + * + * @return string representation of the user + */ @Override public String toString() { return "User{" + "name='" + super.getName() + '\'' - + ", password='" - + password - + '\'' + ", pathPrivilegeList=" + super.getPathPrivilegeList() + ", sysPrivilegeSet="
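Review bot: The new Javadoc labels `toString()` as "TestOnly", but nothing in the hunk restricts it to tests: it is a public override that any logger call or string concatenation on a `User` invokes implicitly. The comment would serve the next maintainer better if it recorded the security-relevant decision instead, for example `/** Returns a string representation of the user; the password is deliberately omitted so it cannot reach logs or error messages. */`. The body of `toString()` continues past the end of the hunk, so the remaining fields it prints are not visible here.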
