test/DolphinScheduler
1
0
Fork 0
mirror of https://gitee.com/dolphinscheduler/DolphinScheduler.git synced 2024-12-12 12:25:16 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: Improve the security of datasource management (#2844)

Browse Source 
Closes 2638

Co-authored-by: dailidong <dailidong66@gmail.com>
This commit is contained in:
如梦技术 2020-05-30 15:03:10 +08:00 committed by GitHub
parent fbb8ff438a
commit 1c15345442
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/DataSourceService.java
View File

@ -21,6 +21,7 @@ import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.TypeReference; import com.alibaba.fastjson.TypeReference;
import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import org.apache.commons.lang.StringUtils;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
@ -159,8 +160,18 @@ public class DataSourceService extends BaseService{
putMsg(result, Status.DATASOURCE_EXIST); putMsg(result, Status.DATASOURCE_EXIST);
return result; return result;
} }
//check passwordif the password is not updated, set to the old password.
JSONObject paramObject = JSON.parseObject(parameter);
String password = paramObject.getString(Constants.PASSWORD);
if (StringUtils.isBlank(password)) {
String oldConnectionParams = dataSource.getConnectionParams();
JSONObject oldParams = JSON.parseObject(oldConnectionParams);
paramObject.put(Constants.PASSWORD, oldParams.getString(Constants.PASSWORD));
}
// connectionParams json
String connectionParams = paramObject.toJSONString();
Boolean isConnection = checkConnection(type, parameter); Boolean isConnection = checkConnection(type, connectionParams);
if (!isConnection) { if (!isConnection) {
logger.info("connect failed, type:{}, parameter:{}", type, parameter); logger.info("connect failed, type:{}, parameter:{}", type, parameter);
putMsg(result, Status.DATASOURCE_CONNECT_FAILED); putMsg(result, Status.DATASOURCE_CONNECT_FAILED);
@ -172,7 +183,7 @@ public class DataSourceService extends BaseService{
dataSource.setNote(desc); dataSource.setNote(desc);
dataSource.setUserName(loginUser.getUserName()); dataSource.setUserName(loginUser.getUserName());
dataSource.setType(type); dataSource.setType(type);
dataSource.setConnectionParams(parameter); dataSource.setConnectionParams(connectionParams);
dataSource.setUpdateTime(now); dataSource.setUpdateTime(now);
dataSourceMapper.updateById(dataSource); dataSourceMapper.updateById(dataSource);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
@ -257,7 +268,6 @@ public class DataSourceService extends BaseService{
map.put(PRINCIPAL, datasourceForm.getPrincipal()); map.put(PRINCIPAL, datasourceForm.getPrincipal());
map.put(DATABASE, database); map.put(DATABASE, database);
map.put(USER_NAME, datasourceForm.getUser()); map.put(USER_NAME, datasourceForm.getUser());
map.put(PASSWORD, datasourceForm.getPassword());
map.put(OTHER, otherMap); map.put(OTHER, otherMap);
result.put(Constants.DATA_LIST, map); result.put(Constants.DATA_LIST, map);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);