diff --git a/src/main/perl/Process.pm b/src/main/perl/Process.pm index f67173a4..7bb106b9 100644 --- a/src/main/perl/Process.pm +++ b/src/main/perl/Process.pm @@ -103,6 +103,17 @@ regardless of any value for C. By default, commands modify the state and thus C is false. +=item C + +A boolean specifying whether the arguments contain sensitive information +(like passwords). If C is true, the commandline will not be reported +(by default when C option is used, the commandline is reported +with verbose level). + +This does not cover command output. If the output (stdout and/or stderr) contains +sensitve information, make sure to handle it yourself via C and/or C +options (or by using the C method). + =back These options will only be used by the execute method. @@ -122,6 +133,8 @@ sub _initialize $self->{NoAction} = 0 }; + $self->{sensitive} = $opts{sensitive}; + $self->{COMMAND} = $command; $self->setopts (%opts); @@ -145,7 +158,9 @@ sub _LC_Process my ($self, $function, $args, $noaction_value, $msg, $postmsg) = @_; $msg =~ s/^(\w)/Not \L$1/ if $self->noAction(); - $self->verbose("$msg command: ", $self->stringify_command(), (defined($postmsg) ? " $postmsg" : '')); + $self->verbose("$msg command: ", + ($self->{sensitive} ? "$self->{COMMAND}->[0] " : $self->stringify_command()), + (defined($postmsg) ? " $postmsg" : '')); if ($self->noAction()) { $self->debug(1, "LC_Process in noaction mode for $function"); diff --git a/src/test/perl/process.t b/src/test/perl/process.t index 04e1de2b..1865454c 100644 --- a/src/test/perl/process.t +++ b/src/test/perl/process.t @@ -84,6 +84,7 @@ like ($str, qr/Executing.*ls a random command.*stdin.*Something/, "execute_if_exists does the same as execute"); is ($opts{stdin}, "Something", "execute_if_exists does the same thing as execute"); + $str = ""; open ($fh, ">", \$str); $this_app->config_reporter(logfile => $fh); @@ -109,6 +110,17 @@ $p->toutput (10); is ($toutput, 2, "Logged toutput correctly run"); like ($str, qr/Getting output of command: ls a random command.* with 10 seconds/, "toutput logged"); + +$str = ""; +open ($fh, ">", \$str); +$this_app->config_reporter(logfile => $fh); +my $ps = CAF::Process->new ($command, log => $this_app, + stdin => "Something", sensitive => 1); +$ps->run (); +like ($str, qr/Running the command: ls /, + "run logged with sensitive mode (command not in log)"); + + init_test(); # Let's test the rest of the commands $p->pushargs (qw (this does not matter at all)); @@ -156,15 +168,15 @@ is($p->get_executable, "ls", "get_executable returns executable"); my $ls = $p->is_executable; like($ls, qr{^/.*ls$}, "Test ls basename resolved to absolute path"); -$p = CAF::Process->new([$ls]); +$p = CAF::Process->new([$ls]); is($p->is_executable, $ls, "Test absolute path"); -$p = CAF::Process->new([qw(doesnotexists)]); +$p = CAF::Process->new([qw(doesnotexists)]); ok(! defined($p->is_executable), "Test can't resolve basename"); is($p->execute_if_exists, 1, "Fails to execute non-existing executable, returns 1"); # empty command process -$p = CAF::Process->new([]); +$p = CAF::Process->new([]); is("$p", "", "Empty command process is empty string"); ok(! $p, "Empty process is logical false (autogeneration of overloaded bool via new stringify)");