Skip to content

Commit

Permalink
Merge pull request jly8866#91 from hhyo/github
Browse files Browse the repository at this point in the history
邮件支持配置SSL,脱敏细节调整
  • Loading branch information
Mr.July authored Aug 8, 2018
2 parents 1d0925f + 3575dc5 commit 582e9fb
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 17 deletions.
4 changes: 2 additions & 2 deletions archer/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,7 @@
# 'level': 'DEBUG',
# 'propagate': False,
# },
'django.request': { # 打印SQL语句到console,方便开发
'django.request': { # 打印错误堆栈信息到console,方便开发
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
Expand All @@ -244,7 +244,7 @@

# 是否开启邮件提醒功能:发起SQL上线后会发送邮件提醒审核人审核,执行完毕会发送给DBA. on是开,off是关,配置为其他值均会被archer认为不开启邮件功能
MAIL_ON_OFF = 'off'

MAIL_SSL = False # 是否使用SSL
MAIL_REVIEW_SMTP_SERVER = 'mail.xxx.com'
MAIL_REVIEW_SMTP_PORT = 25
MAIL_REVIEW_FROM_ADDR = '[email protected]' # 发件人,也是登录SMTP server需要提供的用户名
Expand Down
23 changes: 13 additions & 10 deletions sql/data_masking.py
Original file line number Diff line number Diff line change
Expand Up @@ -149,10 +149,13 @@ def analy_query_tree(self, query_tree, cluster_name):
for select_item in select_list:
if select_item['type'] not in ('FIELD_ITEM', 'aggregate'):
raise Exception('不支持该查询语句脱敏!')
if select_item['type'] == 'aggregate':
if select_item['aggregate'].get('type') != 'FIELD_ITEM':
raise Exception('不支持该查询语句脱敏!')

# 获取select信息的规则,仅处理type为FIELD_ITEM和aggregate类型的select信息,如[*],[*,column_a],[column_a,*],[column_a,a.*,column_b],[a.*,column_a,b.*],
select_index = [
select_item['field'] if select_item['type'] == 'FIELD_ITEM' else select_item['aggregate']['field'] for
select_item['field'] if select_item['type'] == 'FIELD_ITEM' else select_item['aggregate'].get('field') for
select_item in select_list if select_item['type'] in ('FIELD_ITEM', 'aggregate')]

# 处理select_list,为统一的{'type': 'FIELD_ITEM', 'db': 'archer_master', 'table': 'sql_users', 'field': 'email'}格式
Expand All @@ -174,39 +177,39 @@ def analy_query_tree(self, query_tree, cluster_name):
# 找出field不为* 的列信息, 循环判断列是否命中脱敏规则,并增加规则类型和index,index采取后切片
for index, item in enumerate(select_list):
item['index'] = index - len(select_list)
if item['field'] != '*':
if item.get('field') != '*':
columns.append(item)

# [column_a, *]
elif re.match(r"^(\w,?)+(\*,?)+$", ','.join(select_index)):
# 找出field不为* 的列信息, 循环判断列是否命中脱敏规则,并增加规则类型和index,index采取前切片
for index, item in enumerate(select_list):
item['index'] = index
if item['field'] != '*':
if item.get('field') != '*':
columns.append(item)

# [column_a,a.*,column_b]
elif re.match(r"^(\w,?)+(\*,?)+(\w,?)+$", ','.join(select_index)):
# 找出field不为* 的列信息, 循环判断列是否命中脱敏规则,并增加规则类型和index,*前面的字段index采取前切片,*后面的字段采取后切片
for index, item in enumerate(select_list):
item['index'] = index
if item['field'] == '*':
if item.get('field') == '*':
first_idx = index
break

select_list.reverse()
for index, item in enumerate(select_list):
item['index'] = index
if item['field'] == '*':
if item.get('field') == '*':
last_idx = len(select_list) - index - 1
break

select_list.reverse()
for index, item in enumerate(select_list):
if item['field'] != '*' and index < first_idx:
if item.get('field') != '*' and index < first_idx:
item['index'] = index

if item['field'] != '*' and index > last_idx:
if item.get('field') != '*' and index > last_idx:
item['index'] = index - len(select_list)
columns.append(item)

Expand All @@ -218,13 +221,13 @@ def analy_query_tree(self, query_tree, cluster_name):
else:
for index, item in enumerate(select_list):
item['index'] = index
if item['field'] != '*':
if item.get('field') != '*':
columns.append(item)

# 格式化命中的列信息
for column in columns:
hit_info = self.hit_column(DataMaskingColumnsOb, cluster_name, column['db'], column['table'],
column['field'])
hit_info = self.hit_column(DataMaskingColumnsOb, cluster_name, column.get('db'), column.get('table'),
column.get('field'))
if hit_info['is_hit']:
hit_info['index'] = column['index']
hit_columns.append(hit_info)
Expand Down
19 changes: 14 additions & 5 deletions sql/sendmail.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
#!/usr/bin/env python
# -*- coding: UTF-8 -*-

import traceback
from multiprocessing import Process
import email
from email import encoders
Expand All @@ -10,6 +9,9 @@
import smtplib

from django.conf import settings
import logging

logger = logging.getLogger('default')


class MailSender(object):
Expand All @@ -20,6 +22,7 @@ def __init__(self):
self.MAIL_REVIEW_SMTP_PORT = int(getattr(settings, 'MAIL_REVIEW_SMTP_PORT'))
self.MAIL_REVIEW_FROM_ADDR = getattr(settings, 'MAIL_REVIEW_FROM_ADDR')
self.MAIL_REVIEW_FROM_PASSWORD = getattr(settings, 'MAIL_REVIEW_FROM_PASSWORD')
self.SSL = getattr(settings, 'MAIL_SSL')

except AttributeError as a:
print("Error: %s" % a)
Expand Down Expand Up @@ -72,7 +75,10 @@ def _send(self, strTitle, strContent, listToAddr, **kwargs):
main_msg['Subject'] = Header(strTitle, "utf-8").encode()
main_msg['Date'] = email.utils.formatdate()

server = smtplib.SMTP(self.MAIL_REVIEW_SMTP_SERVER, self.MAIL_REVIEW_SMTP_PORT) # SMTP协议默认端口是25
if self.SSL:
server = smtplib.SMTP_SSL(self.MAIL_REVIEW_SMTP_SERVER, self.MAIL_REVIEW_SMTP_PORT) # SMTP协议默认SSL端口是465
else:
server = smtplib.SMTP(self.MAIL_REVIEW_SMTP_SERVER, self.MAIL_REVIEW_SMTP_PORT) # SMTP协议默认端口是25
# server.set_debuglevel(1)

# 如果提供的密码为空,则不需要登录SMTP server
Expand All @@ -83,5 +89,8 @@ def _send(self, strTitle, strContent, listToAddr, **kwargs):

# 调用方应该调用此方法,采用子进程方式异步阻塞地发送邮件,避免邮件服务挂掉影响archer主服务
def sendEmail(self, strTitle, strContent, listToAddr, **kwargs):
p = Process(target=self._send, args=(strTitle, strContent, listToAddr), kwargs=kwargs)
p.start()
try:
p = Process(target=self._send, args=(strTitle, strContent, listToAddr), kwargs=kwargs)
p.start()
except Exception:
logger.error(traceback.format_exc())

0 comments on commit 582e9fb

Please sign in to comment.