diff options
| author | Alexey Efimov <xeno@prnwatch.com> | 2022-02-28 21:20:54 +0300 |
|---|---|---|
| committer | Alexey Efimov <xeno@prnwatch.com> | 2022-02-28 21:20:54 +0300 |
| commit | e479ed951562bbc29537a54830768f0b0784c504 (patch) | |
| tree | ea6c0c165ede8affd5a17d51e086c45cb07170b2 | |
| parent | 93f07d505bc32b305ac64f7248ec3fd24e4b849f (diff) | |
| download | ydb-e479ed951562bbc29537a54830768f0b0784c504.tar.gz | |
filter out queries with user and password sequencies KIKIMR-14245
ref:b83ca954214890c778c2c7ef037c8f224238b4d5
| -rw-r--r-- | ydb/core/kqp/kqp_worker_actor.cpp | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/ydb/core/kqp/kqp_worker_actor.cpp b/ydb/core/kqp/kqp_worker_actor.cpp index cccb8a51e8..1b27348e64 100644 --- a/ydb/core/kqp/kqp_worker_actor.cpp +++ b/ydb/core/kqp/kqp_worker_actor.cpp @@ -1807,9 +1807,12 @@ private: case NKikimrKqp::QUERY_TYPE_SQL_SCAN: case NKikimrKqp::QUERY_TYPE_SQL_SCRIPT: case NKikimrKqp::QUERY_TYPE_SQL_SCRIPT_STREAMING: { - auto userSID = NACLib::TUserToken(QueryState->UserToken).GetUserSID(); - NSysView::CollectQueryStats(ctx, stats, queryDuration, ExtractQueryText(), - userSID, QueryState->ParametersSize, database, type, requestUnits); + TString text = ExtractQueryText(); + if (IsQueryAllowedToLog(text)) { + auto userSID = NACLib::TUserToken(QueryState->UserToken).GetUserSID(); + NSysView::CollectQueryStats(ctx, stats, queryDuration, text, + userSID, QueryState->ParametersSize, database, type, requestUnits); + } break; } default: @@ -1817,6 +1820,21 @@ private: } } + bool IsQueryAllowedToLog(const TString& text) { + static const TString user = "user"; + static const TString password = "password"; + auto itUser = std::search(text.begin(), text.end(), user.begin(), user.end(), [](const char a, const char b) -> bool { + return std::tolower(a) == b; + }); + if (itUser == text.end()) { + return true; + } + auto itPassword = std::search(itUser, text.end(), password.begin(), password.end(), [](const char a, const char b) -> bool { + return std::tolower(a) == b; + }); + return itPassword == text.end(); + } + TString ExtractQueryText() const { auto compileResult = QueryState->QueryCompileResult; if (compileResult) { |