File tree Expand file tree Collapse file tree 3 files changed +47
-6
lines changed
Expand file tree Collapse file tree 3 files changed +47
-6
lines changed Original file line number Diff line number Diff line change @@ -29,6 +29,7 @@ const { fillResourceforHookConnection } = require('server/utils/opennebula')
2929const { httpResponse, validateHttpMethod } = require ( 'server/utils/server' )
3030const { useWorker, parseReturnWorker } = require ( 'server/utils/worker' )
3131const {
32+ removeSensitiveData,
3233 writeInLogger,
3334 writeInLoggerInvalidRPC,
3435} = require ( 'server/utils/logger' )
@@ -71,10 +72,17 @@ const executeWorker = ({
7172 worker . terminate ( )
7273 const err = result && result . data && result . data . err
7374 const value = result && result . data && result . data . value
74- writeInLogger ( [ command , paramsCommand , JSON . stringify ( value ) ] , {
75- format : 'worker: %s, [%s]: %s' ,
76- level : 2 ,
77- } )
75+ writeInLogger (
76+ [
77+ command ,
78+ removeSensitiveData ( command , paramsCommand ) ,
79+ JSON . stringify ( value ) ,
80+ ] ,
81+ {
82+ format : 'worker: %s, [%s]: %s' ,
83+ level : 2 ,
84+ }
85+ )
7886 if ( ! err ) {
7987 fillResourceforHookConnection ( user , command , paramsCommand )
8088 res . locals . httpCode = parseReturnWorker ( value )
Original file line number Diff line number Diff line change @@ -108,6 +108,12 @@ const defaults = {
108108 defaultLogMessageLength : 100 ,
109109 defaultTypeLog : 'prod' ,
110110 defaultWebpackMode : 'development' ,
111+ defaultSensitiveDataForXMLRPC : [
112+ {
113+ regex : / ^ u s e r \. a l l o c a t e / ,
114+ maskIndex : 1 ,
115+ } ,
116+ ] ,
111117 defaultProductionWebpackMode : 'production' ,
112118 defaultWebpackDevTool : 'inline-source-map' ,
113119 defaultLogPath : '/var/log/one' ,
Original file line number Diff line number Diff line change @@ -22,8 +22,12 @@ const { sprintf } = require('sprintf-js')
2222const morgan = require ( 'morgan' )
2323const _ = require ( 'lodash' )
2424const { defaults } = require ( 'server/utils/constants' )
25- const { defaultWebpackMode, defaultLogsLevels, defaultLogMessageLength } =
26- defaults
25+ const {
26+ defaultWebpackMode,
27+ defaultLogsLevels,
28+ defaultLogMessageLength,
29+ defaultSensitiveDataForXMLRPC,
30+ } = defaults
2731
2832let logger = null
2933
@@ -141,6 +145,28 @@ const writeInLogger = (message = '', optLog = {}) => {
141145 }
142146}
143147
148+ /**
149+ * This function removes sensitive data from the logs.
150+ *
151+ * @param {string } command - XMLRPC command
152+ * @param {string[] } paramCommands - XMLRPC parameters
153+ * @returns {string[] } - Parameters with sensitive data masked
154+ */
155+ const removeSensitiveData = ( command = '' , paramCommands = [ ] ) => {
156+ const match = defaultSensitiveDataForXMLRPC . find ( ( { regex } ) =>
157+ regex . test ( command )
158+ )
159+
160+ if ( ! match ) return paramCommands
161+
162+ const result = [ ...paramCommands ]
163+ if ( match . maskIndex >= 0 && match . maskIndex < result . length ) {
164+ result [ match . maskIndex ] = '*****'
165+ }
166+
167+ return result
168+ }
169+
144170/**
145171 * Write in logger when XMLRPC is invalid.
146172 *
@@ -158,6 +184,7 @@ module.exports = {
158184 initLogger,
159185 getLogger,
160186 getLoggerMiddleware,
187+ removeSensitiveData,
161188 writeInLogger,
162189 writeInLoggerInvalidRPC,
163190}
You can’t perform that action at this time.
0 commit comments