GitHub user user1500177 added a comment to the discussion: How to Mask
Passwords in Superset Action Log (DatabaseRestApi.import_)
@dosu
THe method you provided als ouses recursion right , will it take up mich time
in doing this ?
Is the follwing method good too?
class MaskPasswordsEventLogger(DBEventLogger):
def _mask_sensitive(self, data):
try:
if isinstance(data, dict):
return {
k: (
"***MASKED***" if k.lower() in {"password",
"passwords", "db_password", "access_token", "secret"}
else self._mask_sensitive(v)
)
for k, v in data.items()
}
elif isinstance(data, list):
return [self._mask_sensitive(item) for item in data]
else:
return data
except Exception as e:
import logging
logging.warning(f"Error masking sensitive data: {e}")
return data
def log(self, user_id, action, *args, **kwargs):
try:
records = kwargs.get("records", []) or []
if records:
for record in records:
masked_record = self._mask_sensitive(record)
# print(json.dumps(masked_record, default=str)) #
Optional: remove if not needed
else:
masked_json = self._mask_sensitive(kwargs.get("json", {}))
# print(json.dumps(masked_json, default=str)) # Optional:
remove if not needed
# Mask sensitive fields in kwargs before passing to DBEventLogger
masked_kwargs = self._mask_sensitive(kwargs)
super().log(user_id, action, *args, **masked_kwargs)
except Exception as e:
import logging
logging.warning(f"Error in custom event logger: {e}")
Can a single event in Superset generate multiple log entries (records) in the
event logger? (is that the reason records is used , can i emove the else part
as the masked_kwargs is already set as self._mask_sensitive(kwargs))
GitHub link:
https://github.com/apache/superset/discussions/35415#discussioncomment-14580563
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]