You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by fb...@apache.org on 2015/05/27 23:51:48 UTC
ambari git commit: AMBARI-11403 [WinTP2] ServiceConfig should not log
password in plaintext
Repository: ambari
Updated Branches:
refs/heads/trunk 8deabc2cb -> 8419e55bf
AMBARI-11403 [WinTP2] ServiceConfig should not log password in plaintext
Fixed logged string generation
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/8419e55b
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/8419e55b
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/8419e55b
Branch: refs/heads/trunk
Commit: 8419e55bf2a4484c651cfe4b476d7c34b05301d9
Parents: 8deabc2
Author: Florian Barca <fb...@hortonworks.com>
Authored: Wed May 27 14:51:33 2015 -0700
Committer: Florian Barca <fb...@hortonworks.com>
Committed: Wed May 27 14:51:33 2015 -0700
----------------------------------------------------------------------
.../python/resource_management/core/base.py | 28 ++++++++
.../python/resource_management/core/logger.py | 68 ++++++++++----------
.../core/resources/service.py | 4 +-
3 files changed, 63 insertions(+), 37 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/8419e55b/ambari-common/src/main/python/resource_management/core/base.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/core/base.py b/ambari-common/src/main/python/resource_management/core/base.py
index 67634cd..b291769 100644
--- a/ambari-common/src/main/python/resource_management/core/base.py
+++ b/ambari-common/src/main/python/resource_management/core/base.py
@@ -41,6 +41,9 @@ class ResourceArgument(object):
raise InvalidArgument("Required argument %s missing" % self.name)
return value
+ def log_str(self, key, value):
+ return Logger.get_arg_repr(key, value)
+
class ForcedListArgument(ResourceArgument):
def validate(self, value):
@@ -59,6 +62,12 @@ class BooleanArgument(ResourceArgument):
return value
+class PasswordArgument(ResourceArgument):
+ def log_str(self, key, value):
+ # Hide the passwords from text representations
+ return "********"
+
+
class Accessor(object):
def __init__(self, name):
self.name = name
@@ -150,6 +159,25 @@ class Resource(object):
def validate(self):
pass
+ def get_function_repr(self):
+ name = repr(self)
+
+ arguments_str = ""
+ for x, y in self.arguments.iteritems():
+ try:
+ arg = self._arguments[x]
+ except KeyError:
+ raise Fail("%s received unsupported argument %s" % (self, x))
+
+ val = arg.log_str(x, y)
+
+ arguments_str += "'{0}': {1}, ".format(x, val)
+
+ if arguments_str:
+ arguments_str = arguments_str[:-2]
+
+ return unicode("{0} {{{1}}}").format(name, arguments_str)
+
def __repr__(self):
return unicode(self)
http://git-wip-us.apache.org/repos/asf/ambari/blob/8419e55b/ambari-common/src/main/python/resource_management/core/logger.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/core/logger.py b/ambari-common/src/main/python/resource_management/core/logger.py
index 74e88e8..c741327 100644
--- a/ambari-common/src/main/python/resource_management/core/logger.py
+++ b/ambari-common/src/main/python/resource_management/core/logger.py
@@ -70,19 +70,19 @@ class Logger:
@staticmethod
def error_resource(resource):
- Logger.error(Logger.filter_text(Logger._get_resource_repr(resource)))
+ Logger.error(Logger.filter_text(resource.get_function_repr()))
@staticmethod
def warning_resource(resource):
- Logger.warning(Logger.filter_text(Logger._get_resource_repr(resource)))
+ Logger.warning(Logger.filter_text(resource.get_function_repr()))
@staticmethod
def info_resource(resource):
- Logger.info(Logger.filter_text(Logger._get_resource_repr(resource)))
+ Logger.info(Logger.filter_text(resource.get_function_repr()))
@staticmethod
def debug_resource(resource):
- Logger.debug(Logger.filter_text(Logger._get_resource_repr(resource)))
+ Logger.debug(Logger.filter_text(resource.get_function_repr()))
@staticmethod
def filter_text(text):
@@ -98,10 +98,6 @@ class Logger:
text = text.replace(placeholder, '')
return text
-
- @staticmethod
- def _get_resource_repr(resource):
- return Logger.get_function_repr(repr(resource), resource.arguments)
@staticmethod
def get_function_repr(name, arguments):
@@ -109,33 +105,7 @@ class Logger:
arguments_str = ""
for x,y in arguments.iteritems():
-
- # strip unicode 'u' sign
- if isinstance(y, unicode):
- # don't show long messages
- if len(y) > MESSAGE_MAX_LEN:
- y = '...'
- val = repr(y).lstrip('u')
- # don't show dicts of configurations
- # usually too long
- elif isinstance(y, dict) and len(y) > DICTIONARY_MAX_LEN:
- val = "..."
- # for configs which didn't come
- elif isinstance(y, UnknownConfiguration):
- val = "[EMPTY]"
- # correctly output 'mode' (as they are octal values like 0755)
- elif y and x == 'mode':
- try:
- val = oct(y)
- except:
- val = repr(y)
- # for functions show only function name
- elif hasattr(y, '__call__') and hasattr(y, '__name__'):
- val = y.__name__
- else:
- val = repr(y)
-
-
+ val = Logger.get_arg_repr(x, y)
arguments_str += "'{0}': {1}, ".format(x, val)
@@ -143,3 +113,31 @@ class Logger:
arguments_str = arguments_str[:-2]
return unicode("{0} {{{1}}}").format(name, arguments_str)
+
+ @staticmethod
+ def get_arg_repr(x, y):
+ # strip unicode 'u' sign
+ if isinstance(y, unicode):
+ # don't show long messages
+ if len(y) > MESSAGE_MAX_LEN:
+ y = '...'
+ val = repr(y).lstrip('u')
+ # don't show dicts of configurations
+ # usually too long
+ elif isinstance(y, dict) and len(y) > DICTIONARY_MAX_LEN:
+ val = "..."
+ # for configs which didn't come
+ elif isinstance(y, UnknownConfiguration):
+ val = "[EMPTY]"
+ # correctly output 'mode' (as they are octal values like 0755)
+ elif y and x == 'mode':
+ try:
+ val = oct(y)
+ except:
+ val = repr(y)
+ # for functions show only function name
+ elif hasattr(y, '__call__') and hasattr(y, '__name__'):
+ val = y.__name__
+ else:
+ val = repr(y)
+ return val
http://git-wip-us.apache.org/repos/asf/ambari/blob/8419e55b/ambari-common/src/main/python/resource_management/core/resources/service.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/core/resources/service.py b/ambari-common/src/main/python/resource_management/core/resources/service.py
index cb202cf..9f963fb 100644
--- a/ambari-common/src/main/python/resource_management/core/resources/service.py
+++ b/ambari-common/src/main/python/resource_management/core/resources/service.py
@@ -22,7 +22,7 @@ Ambari Agent
__all__ = ["Service", "ServiceConfig"]
-from resource_management.core.base import Resource, ResourceArgument, ForcedListArgument
+from resource_management.core.base import Resource, ResourceArgument, ForcedListArgument, PasswordArgument
class Service(Resource):
@@ -46,6 +46,6 @@ class ServiceConfig(Resource):
#exe_path = ResourceArgument()
#arguments = ResourceArgument()
username = ResourceArgument()
- password = ResourceArgument()
+ password = PasswordArgument()
actions = ["nothing", "install", "configure", "change_user", "uninstall"]