author | hcpp <hcpp@ydb.tech> | 2023-09-07 19:19:07 +0300 |
---|---|---|
committer | hcpp <hcpp@ydb.tech> | 2023-09-07 19:42:26 +0300 |
commit | 449df93eb81d1e26c225f96f8840c9533b00b468 (patch) | |
tree | 74f64529fa1688f344b0c4726ba8d04515b58dec | |
parent | 075ff51a254caf6a053d8d8b4dec2c708516d52a (diff) | |
download | ydb-449df93eb81d1e26c225f96f8840c9533b00b468.tar.gz |
getting hidden fields for synchronization step
3 files changed, 30 insertions, 20 deletions
diff --git a/ydb/core/fq/libs/compute/ydb/synchronization_service/synchronization_service.cpp b/ydb/core/fq/libs/compute/ydb/synchronization_service/synchronization_service.cpp index c2439a5821..d6cde46c3d 100644 --- a/ydb/core/fq/libs/compute/ydb/synchronization_service/synchronization_service.cpp +++ b/ydb/core/fq/libs/compute/ydb/synchronization_service/synchronization_service.cpp @@ -450,6 +450,7 @@ private: Scope, request, "internal@user", "internal@token", {}, permissions, {}, {}, {} }}; + event->ExtractSensitiveFields = true; Send(ControlPlaneStorageServiceActorId(), event.release()); } @@ -461,6 +462,7 @@ private: Scope, request, "internal@user", "internal@token", {}, permissions, {}, {}, {} }}; + event->ExtractSensitiveFields = true; Send(ControlPlaneStorageServiceActorId(), event.release()); } @@ -485,6 +487,7 @@ private: Scope, request, "internal@user", "internal@token", {}, permissions, {}, {}, {} }}; + event->ExtractSensitiveFields = true; Send(ControlPlaneStorageServiceActorId(), event.release()); } diff --git a/ydb/core/fq/libs/control_plane_storage/events/events.h b/ydb/core/fq/libs/control_plane_storage/events/events.h index 5ef1b4bc5d..88f77b5beb 100644 --- a/ydb/core/fq/libs/control_plane_storage/events/events.h +++ b/ydb/core/fq/libs/control_plane_storage/events/events.h @@ -217,6 +217,7 @@ struct TEvControlPlaneStorage { TMaybe<TQuotaMap> Quotas; TTenantInfo::TPtr TenantInfo; FederatedQuery::Internal::ComputeDatabaseInternal ComputeDatabase; + bool ExtractSensitiveFields = false; }; template<typename TProtoMessage, ui32 EventType> diff --git a/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp b/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp index 412b5b28ea..79a32243f4 100644 --- a/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp +++ b/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp 
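Review bot: The redaction bypass is switched on by three identical bare assignments (`event->ExtractSensitiveFields = true;` in the hunks at -450, -461 and -485), and nothing at the call sites says that the replies will now carry stored connection passwords. On the storage side the visible handlers act on the field alone, so the only thing keeping secrets out of ordinary responses is that no other sender sets it; a comment here such as `// internal sync only: response will include connection passwords` makes that contract explicit. A small private helper that builds the internal event and sets the flag in one place would also stop the assignment from being copied, or forgotten, when another request is added. The enclosing methods start outside all three hunks, so the request types involved are not visible here.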
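Review bot: `ExtractSensitiveFields` is added to events.h without a comment, and the name does not say which way the default errs; `= false` is the safe default (passwords blanked) and that should be stated next to the field. Suggested comment: `// If true, connection List/Describe replies keep stored passwords. Only trusted in-process callers may set this; never derive it from an external request.` The struct's header is outside the hunk, so the field is presumably carried by every request built from it, although only two handlers in this commit read it.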
@@ -10,6 +10,26 @@ namespace NFq { +namespace { + +void PrepareSensitiveFields(::FederatedQuery::Connection& connection, bool extractSensitiveFields) { + if (extractSensitiveFields) { + return; + } + + auto& setting = *connection.mutable_content()->mutable_setting(); + if (setting.has_clickhouse_cluster()) { + auto& ch = *setting.mutable_clickhouse_cluster(); + ch.set_password(""); + } + if (setting.has_postgresql_cluster()) { + auto& pg = *setting.mutable_postgresql_cluster(); + pg.set_password(""); + } +} + +} + void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvCreateConnectionRequest::TPtr& ev) { TInstant startTime = TInstant::Now(); @@ -159,6 +179,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvListConnect requestCounters.IncInFly(); requestCounters.Common->RequestBytes->Add(event.GetByteSize()); const FederatedQuery::ListConnectionsRequest& request = event.Request; + bool extractSensitiveFields = event.ExtractSensitiveFields; const TString user = event.User; const TString pageToken = request.page_token(); @@ -243,7 +264,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvListConnect const auto query = queryBuilder.Build(); auto debugInfo = Config->Proto.GetEnableDebugMode() ? std::make_shared<TDebugInfo>() : TDebugInfoPtr{}; auto [result, resultSets] = Read(query.Sql, query.Params, requestCounters, debugInfo); - auto prepare = [resultSets=resultSets, limit] { + auto prepare = [resultSets=resultSets, limit, extractSensitiveFields] { if (resultSets->size() != 1) { ythrow TCodeLineException(TIssuesIds::INTERNAL_ERROR) << "Result set size is not equal to 1 but equal " << resultSets->size() << ". Please contact internal support"; } 
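Review bot: `PrepareSensitiveFields` reads backwards: it is the function that blanks passwords, and it does nothing when `extractSensitiveFields` is true. A name like `RedactSensitiveFields`, or a one-line comment such as `// Blanks stored passwords unless the caller is allowed to receive them.`, would stop a future caller from passing the flag inverted. The helper also redacts by enumeration, covering only `clickhouse_cluster` and `postgresql_cluster`, so any setting variant with a secret that is added later will be returned unredacted unless this list is extended; that is worth a comment at the top of the function. The anonymous namespace is closed with a bare `}`, where `} // namespace` is the usual marker.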
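Review bot: `bool extractSensitiveFields = event.ExtractSensitiveFields;` in the hunk at -159 is left mutable, while the same local in the DescribeConnection handler is declared `const bool` and the neighbouring locals in this handler are const as well. The value is captured into the `prepare` lambda and decides whether passwords are blanked, so it should be `const bool extractSensitiveFields = event.ExtractSensitiveFields;`. The handler body starts and ends outside the hunk.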
@@ -255,15 +276,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvListConnect if (!connection.ParseFromString(*parser.ColumnParser(CONNECTION_COLUMN_NAME).GetOptionalString())) { ythrow TCodeLineException(TIssuesIds::INTERNAL_ERROR) << "Error parsing proto message for connection. Please contact internal support"; } - auto& setting = *connection.mutable_content()->mutable_setting(); - if (setting.has_clickhouse_cluster()) { - auto& ch = *setting.mutable_clickhouse_cluster(); - ch.set_password(""); - } - if (setting.has_postgresql_cluster()) { - auto& pg = *setting.mutable_postgresql_cluster(); - pg.set_password(""); - } + PrepareSensitiveFields(connection, extractSensitiveFields); } if (result.connection_size() == limit + 1) { @@ -303,6 +316,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvDescribeCon const TString user = event.User; const TString connectionId = request.connection_id(); const TString token = event.Token; + const bool extractSensitiveFields = event.ExtractSensitiveFields; TPermissions permissions = Config->Proto.GetEnablePermissions() ? event.Permissions : TPermissions{TPermissions::VIEW_PUBLIC}; @@ -360,16 +374,8 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvDescribeCon if (!hasViewAccess) { ythrow TCodeLineException(TIssuesIds::ACCESS_DENIED) << "Connection does not exist or permission denied. Please check the id connection or your access rights"; } - - auto& setting = *result.mutable_connection()->mutable_content()->mutable_setting(); - if (setting.has_clickhouse_cluster()) { - auto& ch = *setting.mutable_clickhouse_cluster(); - ch.set_password(""); - } - if (setting.has_postgresql_cluster()) { - auto& pg = *setting.mutable_postgresql_cluster(); - pg.set_password(""); - } + + PrepareSensitiveFields(*result.mutable_connection(), extractSensitiveFields); return result; }; |
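Review bot: When the flag is set, the password now stays inside `result` after `PrepareSensitiveFields(connection, extractSensitiveFields);` here and after the equivalent call in the DescribeConnection hunk at -360, so any later step that logs, traces or dumps the response would record it. Those steps are outside the hunks and should be checked. A comment at both call sites, for example `// result may hold a password when extractSensitiveFields is set; keep it out of logs`, would flag this for the next editor. None of the three files the commit touches is a test, so a case asserting that the default path still returns an empty password and only the flagged path keeps it would pin the behaviour. The blank line added before the Describe call replaces a removed blank line, which suggests stray trailing whitespace.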