fgerlits commented on code in PR #2204:
URL: https://github.com/apache/nifi-minifi-cpp/pull/2204#discussion_r3480333994
##########
encrypt-config/EncryptConfig.cpp:
##########
@@ -56,8 +74,12 @@ EncryptConfig::EncryptConfig(const std::string& minifi_home)
: minifi_home_(mini
std::filesystem::current_path(minifi_home_);
}
+EncryptConfig::~EncryptConfig() {
+ std::filesystem::current_path(prev_current_path_);
Review Comment:
I have added a check for the case when `minifi_home` is not a directory in
01f692131242ad6a7b2b4ba3a91b11dc2ff70bab, but for less common error cases, I
think throwing and terminating is OK. This is what it looks like now:
```
$ ./minifi-encrypt-config --minifi-home=/tmp/does_not_exist
The minifi home directory /tmp/does_not_exist does not exist!
$ ./minifi-encrypt-config --minifi-home=/tmp/plain_file
The minifi home is set to /tmp/plain_file, which is not a directory!
$ ./minifi-encrypt-config --minifi-home=/tmp/not_accessible
filesystem error: cannot set current path: Permission denied
(NSt10filesystem7__cxx1116filesystem_errorE)
```
##########
encrypt-config/PropertiesFileEncryptor.cpp:
##########
@@ -15,33 +15,51 @@
* limitations under the License.
*/
-#include "ConfigFileEncryptor.h"
+#include "PropertiesFileEncryptor.h"
#include <iostream>
#include <optional>
#include <string>
+#include "properties/Configuration.h"
+#include "properties/Properties.h"
#include "utils/StringUtils.h"
-namespace org::apache::nifi::minifi::encrypt_config {
-
+namespace {
bool isEncrypted(const std::optional<std::string>& encryption_type) {
return encryption_type && !encryption_type->empty() && *encryption_type !=
"plaintext";
}
+} // namespace
+
+namespace org::apache::nifi::minifi::encrypt_config {
+
+std::vector<std::string> getSensitiveProperties(const std::filesystem::path&
properties_file_path) {
+ auto minifi_properties =
PropertiesImpl{PropertiesImpl::PersistTo::MultipleFiles, "MiNiFi properties"};
+ minifi_properties.loadConfigureFile(properties_file_path);
+
+ auto sensitive_properties =
Configuration::getSensitiveProperties([&minifi_properties](const std::string&
property_name) {
+ return minifi_properties.getString(property_name);
+ });
+ const auto not_found = [&minifi_properties](const std::string&
property_name) { return
!minifi_properties.getString(property_name).has_value(); };
+ const auto new_end = std::remove_if(sensitive_properties.begin(),
sensitive_properties.end(), not_found);
+ sensitive_properties.erase(new_end, sensitive_properties.end());
+
+ return sensitive_properties;
+}
-uint32_t encryptSensitivePropertiesInFile(ConfigFile& config_file, const
utils::crypto::Bytes & encryption_key) {
- return encryptSensitivePropertiesInFile(config_file, EncryptionKeys{{},
encryption_key});
+uint32_t encryptSensitivePropertiesInFile(PropertiesFile& properties_file,
const std::vector<std::string>& sensitive_properties, const
utils::crypto::Bytes & encryption_key) {
+ return encryptSensitivePropertiesInFile(properties_file,
sensitive_properties, EncryptionKeys{{}, encryption_key});
}
-uint32_t encryptSensitivePropertiesInFile(ConfigFile& config_file, const
EncryptionKeys& keys) {
+uint32_t encryptSensitivePropertiesInFile(PropertiesFile& properties_file,
const std::vector<std::string>& sensitive_properties, const EncryptionKeys&
keys) {
int num_properties_encrypted = 0;
Review Comment:
fixed in 9d58ea983d7e68845c3ff75e24909543c46c4a11
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
