Hide TrustId in log to tighten up security
Current the value of TrustId is showed in plaintext in log when murano creates trustes and operates with data. So add 'trustid' in token_sanitizer to hide it like token and pass. Closes-Bug: #1472331 Change-Id: I1e9ea8298a7ffd9aa742cf73fada69db3a734712
This commit is contained in:
parent
ed6c26c8ca
commit
8933765635
@ -21,7 +21,8 @@ class TokenSanitizer(object):
|
|||||||
Simply searches attribute with `look a like` name as one of
|
Simply searches attribute with `look a like` name as one of
|
||||||
the token and replace it value with message.
|
the token and replace it value with message.
|
||||||
"""
|
"""
|
||||||
def __init__(self, tokens=('token', 'pass'), message='*** SANITIZED ***'):
|
def __init__(self, tokens=('token', 'pass', 'trustid'),
|
||||||
|
message='*** SANITIZED ***'):
|
||||||
"""Init method of TokenSanitizer.
|
"""Init method of TokenSanitizer.
|
||||||
:param tokens: iterable with tokens
|
:param tokens: iterable with tokens
|
||||||
:param message: string by which each token going to be replaced
|
:param message: string by which each token going to be replaced
|
||||||
|
@ -25,11 +25,12 @@ class TokenSanitizerTests(base.MuranoTestCase):
|
|||||||
self.assertEqual(value['token'], self.sanitizer.message)
|
self.assertEqual(value['token'], self.sanitizer.message)
|
||||||
|
|
||||||
def test_dict_with_few_value(self):
|
def test_dict_with_few_value(self):
|
||||||
source = {'token': 'value', 'pass': 'value'}
|
source = {'token': 'value', 'pass': 'value', 'TrustId': 'value'}
|
||||||
value = self.sanitizer.sanitize(source)
|
value = self.sanitizer.sanitize(source)
|
||||||
|
|
||||||
self.assertEqual(value['token'], self.sanitizer.message)
|
self.assertEqual(value['token'], self.sanitizer.message)
|
||||||
self.assertEqual(value['pass'], self.sanitizer.message)
|
self.assertEqual(value['pass'], self.sanitizer.message)
|
||||||
|
self.assertEqual(value['TrustId'], self.sanitizer.message)
|
||||||
|
|
||||||
def test_dict_with_nested_dict(self):
|
def test_dict_with_nested_dict(self):
|
||||||
source = {'obj': {'pass': 'value'}}
|
source = {'obj': {'pass': 'value'}}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user