risdenk commented on a change in pull request #217: KNOX-2147 - Mask
username/password in case we display call history and keep them safely (by
setting proper file permissions) in JSON file
URL: https://github.com/apache/knox/pull/217#discussion_r358447254
##########
File path:
gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableJSONSerializer.java
##########
@@ -51,15 +63,60 @@
* if this is <code>true</code> the underlying JSON serializer will
* output the table's content; otherwise the table's
* <code>callHistory</code> will be serilized
+ * @param filePath
+ * if set, the JSON result will be written into the given file
+ * (creating if not exists; overwritten if exists)
* @return the serialized table in JSON format
*/
- static String serializeKnoxShellTable(KnoxShellTable table, boolean data) {
- SimpleFilterProvider filterProvider = new SimpleFilterProvider();
- if (data) {
- filterProvider.addFilter("knoxShellTableFilter",
SimpleBeanPropertyFilter.filterOutAllExcept("headers", "rows", "title", "id"));
+ static String serializeKnoxShellTable(KnoxShellTable table, boolean data,
String filePath) {
+ if (StringUtils.isNotBlank(filePath)) {
+ return saveTableInFile(table, data, filePath);
} else {
- filterProvider.addFilter("knoxShellTableFilter",
SimpleBeanPropertyFilter.filterOutAllExcept("callHistoryList"));
+ final SimpleFilterProvider filterProvider = new SimpleFilterProvider();
+ if (data) {
+ filterProvider.addFilter("knoxShellTableFilter",
SimpleBeanPropertyFilter.filterOutAllExcept("headers", "rows", "title", "id"));
+ } else {
+ filterProvider.addFilter("knoxShellTableFilter",
SimpleBeanPropertyFilter.filterOutAllExcept("callHistoryList"));
+ }
+ return JsonUtils.renderAsJsonString(table, filterProvider,
JSON_DATE_FORMAT.get());
+ }
+ }
+
+ private static String saveTableInFile(KnoxShellTable table, boolean data,
String filePath) {
+ try {
+ final String jsonResult;
+ if (data) {
+ final SimpleFilterProvider filterProvider = new SimpleFilterProvider();
+ filterProvider.addFilter("knoxShellTableFilter",
SimpleBeanPropertyFilter.filterOutAllExcept("headers", "rows", "title", "id"));
+ jsonResult = JsonUtils.renderAsJsonString(table, filterProvider,
JSON_DATE_FORMAT.get());
+ } else {
+ jsonResult =
JsonUtils.renderAsJsonString(KnoxShellTableCallHistory.getInstance().getCallHistory(table.id),
null, JSON_DATE_FORMAT.get());
+ }
+ final Path jsonFilePath = Paths.get(filePath);
+ if (!Files.exists(jsonFilePath.getParent())) {
+ Files.createDirectories(jsonFilePath.getParent());
+ }
+ Files.deleteIfExists(jsonFilePath);
+ Files.createFile(jsonFilePath);
+ setPermissions(jsonFilePath);
+ FileUtils.writeStringToFile(jsonFilePath.toFile(), jsonResult,
StandardCharsets.UTF_8);
+ return "Successfully saved into " + filePath;
+ } catch (IOException e) {
+ throw new KnoxShellException("Error while saving KnoxShellTable JSON
into " + filePath, e);
+ }
+ }
+
+ private static void setPermissions(Path path) throws IOException {
+ if (path.getFileSystem().supportedFileAttributeViews().contains("posix")) {
+ Files.setPosixFilePermissions(path, ONLY_OWNER_FILE_PERMISSIONS);
+ } else { // on Windows - or any other operating system which does not
support posix - setReadable/setWriteable should be used
Review comment:
Not sure we need the else. Just use the else case always. Btw I think
`FileUtils` can operate on a `Path` object directly.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
