Merge pull request #27550 from rallytime/cloud-logging

[2015.8] Clean up salt-cloud logging and make it more useful

salt/cloud/clouds/linode.py

@@ -1385,7 +1385,7 @@ def _query(action=None,
         decode_type='json',
         text=True,
         status=True,
-        hide_fields=['api_key'],
+        hide_fields=['api_key', 'rootPass'],
         opts=__opts__,
     )
     log.debug(

salt/utils/http.py

@@ -805,11 +805,31 @@ def sanitize_url(url, hide_fields):
         if len(url_comps) > 1:
             log_url += '?'
         for pair in url_comps[1:]:
+            url_tmp = None
             for field in hide_fields:
-                if pair.startswith('{0}='.format(field)):
-                    log_url += '{0}=XXXXXXXXXX&'.format(field)
+                comps_list = pair.split('&')
+                if url_tmp:
+                    url_tmp = url_tmp.split('&')
+                    url_tmp = _sanitize_url_components(url_tmp, field)
                 else:
-                    log_url += '{0}&'.format(pair)
+                    url_tmp = _sanitize_url_components(comps_list, field)
+            log_url += url_tmp
         return log_url.rstrip('&')
     else:
         return str(url)
+
+
+def _sanitize_url_components(comp_list, field):
+    '''
+    Recursive function to sanitize each component of the url.
+    '''
+    if len(comp_list) == 0:
+        return ''
+    elif comp_list[0].startswith('{0}='.format(field)):
+        ret = '{0}=XXXXXXXXXX&'.format(field)
+        comp_list.remove(comp_list[0])
+        return ret + _sanitize_url_components(comp_list, field)
+    else:
+        ret = '{0}&'.format(comp_list[0])
+        comp_list.remove(comp_list[0])
+        return ret + _sanitize_url_components(comp_list, field)

tests/unit/utils/http_test.py

@@ -0,0 +1,100 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Nicole Thomas <nicole@saltstack.com>`
+'''
+
+# Import Salt Libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import TestCase, skipIf
+from salttesting.mock import NO_MOCK, NO_MOCK_REASON
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.utils import http
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class HTTPTestCase(TestCase):
+    '''
+    Unit TestCase for the salt.utils.http module.
+    '''
+
+    # sanitize_url tests
+
+    def test_sanitize_url_hide_fields_none(self):
+        '''
+        Tests sanitizing a url when the hide_fields kwarg is None.
+        '''
+        mock_url = 'https://api.testing.com/?&foo=bar&test=testing'
+        ret = http.sanitize_url(mock_url, hide_fields=None)
+        self.assertEqual(ret, mock_url)
+
+    def test_sanitize_url_no_elements(self):
+        '''
+        Tests sanitizing a url when no elements should be sanitized.
+        '''
+        mock_url = 'https://api.testing.com/?&foo=bar&test=testing'
+        ret = http.sanitize_url(mock_url, [''])
+        self.assertEqual(ret, mock_url)
+
+    def test_sanitize_url_single_element(self):
+        '''
+        Tests sanitizing a url with only a single element to be sanitized.
+        '''
+        mock_url = 'https://api.testing.com/?&keep_it_secret=abcdefghijklmn' \
+                   '&api_action=module.function'
+        mock_ret = 'https://api.testing.com/?&keep_it_secret=XXXXXXXXXX&' \
+                   'api_action=module.function'
+        ret = http.sanitize_url(mock_url, ['keep_it_secret'])
+        self.assertEqual(ret, mock_ret)
+
+    def test_sanitize_url_multiple_elements(self):
+        '''
+        Tests sanitizing a url with multiple elements to be sanitized.
+        '''
+        mock_url = 'https://api.testing.com/?rootPass=badpassword%21' \
+                   '&skipChecks=True&api_key=abcdefghijklmn' \
+                   '&NodeID=12345&api_action=module.function'
+        mock_ret = 'https://api.testing.com/?rootPass=XXXXXXXXXX' \
+                   '&skipChecks=True&api_key=XXXXXXXXXX' \
+                   '&NodeID=12345&api_action=module.function'
+        ret = http.sanitize_url(mock_url, ['api_key', 'rootPass'])
+        self.assertEqual(ret, mock_ret)
+
+    # _sanitize_components tests
+
+    def test_sanitize_components_no_elements(self):
+        '''
+        Tests when zero elements need to be sanitized.
+        '''
+        mock_component_list = ['foo=bar', 'bar=baz', 'hello=world']
+        mock_ret = 'foo=bar&bar=baz&hello=world&'
+        ret = http._sanitize_url_components(mock_component_list, 'api_key')
+        self.assertEqual(ret, mock_ret)
+
+    def test_sanitize_components_one_element(self):
+        '''
+        Tests a single component to be sanitized.
+        '''
+        mock_component_list = ['foo=bar', 'api_key=abcdefghijklmnop']
+        mock_ret = 'foo=bar&api_key=XXXXXXXXXX&'
+        ret = http._sanitize_url_components(mock_component_list, 'api_key')
+        self.assertEqual(ret, mock_ret)
+
+    def test_sanitize_components_multiple_elements(self):
+        '''
+        Tests two componenets to be sanitized.
+        '''
+        mock_component_list = ['foo=bar', 'foo=baz', 'api_key=testing']
+        mock_ret = 'foo=XXXXXXXXXX&foo=XXXXXXXXXX&api_key=testing&'
+        ret = http._sanitize_url_components(mock_component_list, 'foo')
+        self.assertEqual(ret, mock_ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(HTTPTestCase, needs_daemon=False)