(iotdb) branch dev/1.3 updated: Remove JDBC sensitive information output (#14857) (#14863)

Mon, 17 Feb 2025 02:33:34 -0800 

This is an automated email from the ASF dual-hosted git repository.

haonan pushed a commit to branch dev/1.3
in repository https://gitbox.apache.org/repos/asf/iotdb.git


The following commit(s) were added to refs/heads/dev/1.3 by this push:
     new 34fcaff6b72 Remove JDBC sensitive information output (#14857) (#14863)
34fcaff6b72 is described below

commit 34fcaff6b72470d5ad369307dde7fae8897aea7e
Author: CritasWang <[email protected]>
AuthorDate: Mon Feb 17 18:28:17 2025 +0800

    Remove JDBC sensitive information output (#14857) (#14863)
---
 .github/workflows/todos-check.yml                  | 54 ++++++++++++++++++++++
 .../apache/iotdb/jdbc/IoTDBDataSourceFactory.java  |  3 --
 .../org/apache/iotdb/db/auth/entity/UserTest.java  |  4 +-
 .../commons/auth/authorizer/OpenIdAuthorizer.java  |  6 +--
 .../org/apache/iotdb/commons/auth/entity/User.java |  8 ++--
 5 files changed, 63 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/todos-check.yml 
b/.github/workflows/todos-check.yml
new file mode 100644
index 00000000000..4ab48c9e754
--- /dev/null
+++ b/.github/workflows/todos-check.yml
@@ -0,0 +1,54 @@
+name: Check TODOs and FIXMEs in Changed Files
+
+on:
+  pull_request:
+    branches:
+      - master
+      - 'dev/*'
+      - 'rel/*'
+      - "rc/*"
+      - 'force_ci/**'
+    paths-ignore:
+      - 'docs/**'
+      - 'site/**'
+  # allow manually run the action:
+  workflow_dispatch:
+
+jobs:
+  todo-check:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check for TODOs and FIXMEs in changed files
+        run: |
+          # Fetch the target branch
+          git fetch origin $GITHUB_BASE_REF
+          
+          git switch -c check_branch
+          
+          # Get the diff of the changes
+          echo Get the diff of the changes
+          DIFF=$(git diff origin/$GITHUB_BASE_REF check_branch  -- . 
':(exclude).github/workflows/todos-check.yml')
+          
+          if [ -z "$DIFF" ]; then
+            echo "No changes detected."
+            exit 0
+          fi
+          
+          
+          # Check the diff for TODOs
+          
+           # Check the diff for TODOs
+          echo Check the diff for TODOs
+          TODOsCOUNT=$(echo "$DIFF" | grep -E '^\+.*(TODO|FIXME)' | wc -l)
+          if [ "$TODOsCOUNT" -eq 0 ]; then
+            echo "No TODOs or FIXMEs found in changed content.";
+            exit 0
+          fi
+          
+          echo "TODO or FIXME found in the changes. Please resolve it before 
merging."
+          echo "$DIFF" | grep -E '^\+.*(TODO|FIXME)' | tee -a output.log
+          exit 1
\ No newline at end of file
diff --git 
a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
 
b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
index 81259278dc8..8e601d5df6f 100644
--- 
a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
+++ 
b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
@@ -45,16 +45,13 @@ public class IoTDBDataSourceFactory implements 
DataSourceFactory {
     String url = (String) properties.remove(DataSourceFactory.JDBC_URL);
     if (url != null) {
       ds.setUrl(url);
-      logger.info("URL set {}", url);
     }
 
     String user = (String) properties.remove(DataSourceFactory.JDBC_USER);
     ds.setUser(user);
-    logger.info("User set {}", user);
 
     String password = (String) 
properties.remove(DataSourceFactory.JDBC_PASSWORD);
     ds.setPassword(password);
-    logger.info("Password set {}", password);
 
     logger.info("Remaining properties {}", properties.size());
 
diff --git 
a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
 
b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
index 4e97ac3a359..9187e3525be 100644
--- 
a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
+++ 
b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
@@ -37,13 +37,13 @@ public class UserTest {
     user.setPrivilegeList(Collections.singletonList(pathPrivilege));
     user.setPathPrivileges(new PartialPath("root.ln"), 
Collections.singleton(1));
     Assert.assertEquals(
-        "User{name='user', password='password', pathPrivilegeList=[root.ln : 
WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
+        "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], 
sysPrivilegeSet=[], roleList=[], "
             + "isOpenIdUser=false, useWaterMark=false}",
         user.toString());
     User user1 = new User("user1", "password1");
     user1.deserialize(user.serialize());
     Assert.assertEquals(
-        "User{name='user', password='password', pathPrivilegeList=[root.ln : 
WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
+        "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], 
sysPrivilegeSet=[], roleList=[], "
             + "isOpenIdUser=false, useWaterMark=false}",
         user1.toString());
     Assert.assertTrue(user1.equals(user));
diff --git 
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
 
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
index 55720d95080..7bc7e7a4f8c 100644
--- 
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
+++ 
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
@@ -148,9 +148,7 @@ public class OpenIdAuthorizer extends BasicAuthorizer {
   public boolean login(String token, String password) throws AuthException {
     if (password != null && !password.isEmpty()) {
       logger.error(
-          "JWT Login failed as a non-empty Password was given username 
(token): {}, password: {}",
-          token,
-          password);
+          "JWT Login failed as a non-empty Password was given username 
(token): {}", token);
       return false;
     }
     if (token == null || token.isEmpty()) {
@@ -162,7 +160,7 @@ public class OpenIdAuthorizer extends BasicAuthorizer {
     try {
       claims = validateToken(token);
     } catch (JwtException e) {
-      logger.error("Unable to login the user wit jwt {}", password, e);
+      logger.error("Unable to login the user with Username (token) {}", token, 
e);
       return false;
     }
     logger.debug("JWT was validated successfully!");
diff --git 
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
 
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
index becfde35652..2b0b6eb304a 100644
--- 
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
+++ 
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
@@ -187,15 +187,17 @@ public class User extends Role {
     roleList = SerializeUtils.deserializeStringList(buffer);
   }
 
+  /**
+   * TestOnly, get the string representation of the user.
+   *
+   * @return string representation of the user
+   */
   @Override
   public String toString() {
     return "User{"
         + "name='"
         + super.getName()
         + '\''
-        + ", password='"
-        + password
-        + '\''
         + ", pathPrivilegeList="
         + super.getPathPrivilegeList()
         + ", sysPrivilegeSet="

Reply via email to