safe_log Sanitize Passwords in List of Dicts
sanitizes password fields found in lists of dicts for messages before logging. Change-Id: Ic3c3f7d43570fe99411a3f6bf9ef70de44104c53 Closes-Bug: #1268459
This commit is contained in:
parent
8710dbacfd
commit
22e971ac11
|
@ -269,6 +269,10 @@ def _safe_log(log_func, msg, msg_data):
|
|||
d[k] = '<SANITIZED>'
|
||||
elif k.lower() in SANITIZE:
|
||||
d[k] = '<SANITIZED>'
|
||||
elif isinstance(d[k], list):
|
||||
for e in d[k]:
|
||||
if isinstance(e, dict):
|
||||
_fix_passwords(e)
|
||||
elif isinstance(d[k], dict):
|
||||
_fix_passwords(d[k])
|
||||
return d
|
||||
|
|
|
@ -367,6 +367,17 @@ class RpcCommonTestCase(test.BaseTestCase):
|
|||
'dest_cell_name': 'cell!0001'}}
|
||||
rpc_common._safe_log(logger_method, 'foo', data)
|
||||
|
||||
def test_safe_log_sanitizes_any_password_in_list_of_dicts(self):
|
||||
def logger_method(msg, data):
|
||||
self.assertEqual('<SANITIZED>', data['users'][0]['_password'])
|
||||
self.assertEqual('<SANITIZED>', data['users'][1]['_password'])
|
||||
|
||||
users = [{'_host': '%', '_password': 'passw0rd', '_name': 'mydb'},
|
||||
{'_host': '%', '_password': 'secret', '_name': 'newdb'}]
|
||||
data = {'_request_id': 'req-44adf4ac-12bb-44c5-be3d-da2cc73b2e05',
|
||||
'users': users}
|
||||
rpc_common._safe_log(logger_method, 'foo', data)
|
||||
|
||||
def test_version_is_compatible_same(self):
|
||||
self.assertTrue(rpc_common.version_is_compatible('1.23', '1.23'))
|
||||
|
||||
|
|
Loading…
Reference in New Issue