diff options
author | Jozsef Csongvai <jozsef.csongvai@bell.ca> | 2019-12-19 11:05:33 -0500 |
---|---|---|
committer | KAPIL SINGAL <ks220y@att.com> | 2019-12-24 14:55:41 +0000 |
commit | 0a7d68420e7b95dfffb043ebbe2f52ec24effae4 (patch) | |
tree | bd2d6a25445a253519af09ca10f98e4fd275a65c /ms/blueprintsprocessor/functions | |
parent | 8fd7adbb9428bc0c14f5f08a321eabd582fbaf48 (diff) |
Refactoring log-protect for hiding sensitive data in logs
Issue-ID: CCSDK-2010
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
Change-Id: I72a4d8d49a202cea0fa1a200c7466300de1ff0b0
Diffstat (limited to 'ms/blueprintsprocessor/functions')
3 files changed, 9 insertions, 25 deletions
diff --git a/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionConstants.kt b/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionConstants.kt index 0726d2871..c39933dc8 100644 --- a/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionConstants.kt +++ b/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionConstants.kt @@ -29,5 +29,4 @@ object ResourceResolutionConstants { const val RESOURCE_RESOLUTION_INPUT_OCCURRENCE = "occurrence" const val RESOURCE_RESOLUTION_INPUT_RESOURCE_ID = "resource-id" const val RESOURCE_RESOLUTION_INPUT_RESOURCE_TYPE = "resource-type" - const val RESOURCE_RESOLUTION_LOG_PROTECTED_METADATA = "log-protect" } diff --git a/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionService.kt b/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionService.kt index 14e60bc95..51e93a3c1 100644 --- a/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionService.kt +++ b/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/ResourceResolutionService.kt @@ -32,9 +32,11 @@ import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintProcessorException import org.onap.ccsdk.cds.controllerblueprints.core.asJsonPrimitive import org.onap.ccsdk.cds.controllerblueprints.core.asJsonType import org.onap.ccsdk.cds.controllerblueprints.core.checkNotEmpty +import org.onap.ccsdk.cds.controllerblueprints.core.common.ApplicationConstants.LOG_REDACTED import org.onap.ccsdk.cds.controllerblueprints.core.service.BluePrintRuntimeService import org.onap.ccsdk.cds.controllerblueprints.core.service.BluePrintTemplateService import org.onap.ccsdk.cds.controllerblueprints.core.utils.JacksonUtils +import org.onap.ccsdk.cds.controllerblueprints.core.utils.PropertyDefinitionUtils.Companion.hasLogProtect import org.onap.ccsdk.cds.controllerblueprints.resource.dict.ResourceAssignment import org.onap.ccsdk.cds.controllerblueprints.resource.dict.ResourceDefinition import org.onap.ccsdk.cds.controllerblueprints.resource.dict.utils.BulkResourceSequencingUtils @@ -395,7 +397,8 @@ open class ResourceResolutionServiceImpl( if (resourceResolution.status == BluePrintConstants.STATUS_SUCCESS) { resourceAssignmentList.forEach { if (compareOne(resourceResolution, it)) { - log.info("Resource ({}) already resolve: value=({})", it.name, resourceResolution.value) + log.info("Resource ({}) already resolved: value=({})", it.name, + if (hasLogProtect(it.property)) LOG_REDACTED else resourceResolution.value) // Make sure to recreate value as per the defined type. val value = resourceResolution.value!!.asJsonType(it.property!!.type) diff --git a/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/utils/ResourceAssignmentUtils.kt b/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/utils/ResourceAssignmentUtils.kt index b818cc2b1..a813c00ca 100644 --- a/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/utils/ResourceAssignmentUtils.kt +++ b/ms/blueprintsprocessor/functions/resource-resolution/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/resource/resolution/utils/ResourceAssignmentUtils.kt @@ -31,6 +31,7 @@ import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintTypes import org.onap.ccsdk.cds.controllerblueprints.core.asJsonType import org.onap.ccsdk.cds.controllerblueprints.core.checkFileExists import org.onap.ccsdk.cds.controllerblueprints.core.checkNotEmpty +import org.onap.ccsdk.cds.controllerblueprints.core.common.ApplicationConstants.LOG_REDACTED import org.onap.ccsdk.cds.controllerblueprints.core.isComplexType import org.onap.ccsdk.cds.controllerblueprints.core.isNotEmpty import org.onap.ccsdk.cds.controllerblueprints.core.isNullOrMissing @@ -40,6 +41,7 @@ import org.onap.ccsdk.cds.controllerblueprints.core.rootFieldsToMap import org.onap.ccsdk.cds.controllerblueprints.core.service.BluePrintRuntimeService import org.onap.ccsdk.cds.controllerblueprints.core.utils.JacksonReactorUtils import org.onap.ccsdk.cds.controllerblueprints.core.utils.JacksonUtils +import org.onap.ccsdk.cds.controllerblueprints.core.utils.PropertyDefinitionUtils.Companion.hasLogProtect import org.onap.ccsdk.cds.controllerblueprints.resource.dict.ResourceAssignment import org.onap.ccsdk.cds.controllerblueprints.resource.dict.ResourceDefinition import org.slf4j.LoggerFactory @@ -159,9 +161,7 @@ class ResourceAssignmentUtils { val type = nullToEmpty(it.property?.type).toLowerCase() val value = useDefaultValueIfNull(it, rName) val valueToPrint = getValueToLog(metadata, value) - if (checkIfLogIsProtected(metadata)) { - containsLogProtected = true - } + containsLogProtected = hasLogProtect(metadata) logger.trace("Generating Resource name ($rName), type ($type), value ($valueToPrint)") root.set(rName, value) } @@ -593,25 +593,7 @@ class ResourceAssignmentUtils { return (outputKeyMapping.size == 1) } - fun getValueToLog(metadata: MutableMap<String, String>?, value: Any): Any { - return if (checkIfLogIsProtected(metadata)) { - "******REDACTED******" - } else { - value - } - } - - private fun checkIfLogIsProtected(metadata: MutableMap<String, String>?): Boolean { - var checkProtected = false - if (metadata != null && - metadata.containsKey(ResourceResolutionConstants.RESOURCE_RESOLUTION_LOG_PROTECTED_METADATA) - ) { - val protectedMetadata = metadata[ResourceResolutionConstants.RESOURCE_RESOLUTION_LOG_PROTECTED_METADATA] - if (protectedMetadata == "yes" || protectedMetadata == "y") { - checkProtected = true - } - } - return checkProtected - } + fun getValueToLog(metadata: MutableMap<String, String>?, value: Any): Any = + if (hasLogProtect(metadata)) LOG_REDACTED else value } } |