datahub-project · pinakipb2 · Apr 18, 2024 · Apr 18, 2024 · Apr 18, 2024 · Apr 18, 2024
diff --git a/datahub-frontend/app/controllers/SsoCallbackController.java b/datahub-frontend/app/controllers/SsoCallbackController.java
@@ -66,7 +66,8 @@ public SsoCallbackController(
 
   public CompletionStage<Result> handleCallback(String protocol, Http.Request request) {
     if (shouldHandleCallback(protocol)) {
-      log.debug(String.format("Handling SSO callback. Protocol: %s", protocol));
+      log.debug("Handling SSO callback. Protocol: {}",
+        _ssoManager.getSsoProvider().protocol().getCommonName());
       return callback(request)
           .handle(
               (res, e) -> {

diff --git a/.../src/main/java/com/linkedin/datahub/graphql/resolvers/auth/RevokeAccessTokenResolver.java b/.../src/main/java/com/linkedin/datahub/graphql/resolvers/auth/RevokeAccessTokenResolver.java
@@ -41,7 +41,7 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw
           final QueryContext context = environment.getContext();
           final String tokenId = bindArgument(environment.getArgument("tokenId"), String.class);
 
-          log.info("User {} revoking access token {}", context.getActorUrn(), tokenId);
+          log.info("User {} revoking access token", context.getActorUrn());
 
           if (isAuthorizedToRevokeToken(context, tokenId)) {
             try {

diff --git a/.../main/java/com/linkedin/datahub/graphql/resolvers/ingest/secret/DeleteSecretResolver.java b/.../main/java/com/linkedin/datahub/graphql/resolvers/ingest/secret/DeleteSecretResolver.java
@@ -23,16 +23,16 @@ public DeleteSecretResolver(final EntityClient entityClient) {
   public CompletableFuture<String> get(final DataFetchingEnvironment environment) throws Exception {
     final QueryContext context = environment.getContext();
     if (IngestionAuthUtils.canManageSecrets(context)) {
-      final String secretUrn = environment.getArgument("urn");
-      final Urn urn = Urn.createFromString(secretUrn);
+      final String inputUrn = environment.getArgument("urn");
+      final Urn urn = Urn.createFromString(inputUrn);
       return GraphQLConcurrencyUtils.supplyAsync(
           () -> {
             try {
               _entityClient.deleteEntity(context.getOperationContext(), urn);
-              return secretUrn;
+              return inputUrn;
             } catch (Exception e) {
               throw new RuntimeException(
-                  String.format("Failed to perform delete against secret with urn %s", secretUrn),
+                  String.format("Failed to perform delete against secret with urn %s", inputUrn),
                   e);
             }
           },

diff --git a/...-core/src/main/java/com/linkedin/datahub/graphql/resolvers/ingest/secret/SecretUtils.java b/...-core/src/main/java/com/linkedin/datahub/graphql/resolvers/ingest/secret/SecretUtils.java
@@ -25,7 +25,7 @@ static String encrypt(String value, String secret) {
       } catch (NoSuchAlgorithmException e) {
         e.printStackTrace();
       }
-      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+      Cipher cipher = Cipher.getInstance("AES");
       cipher.init(Cipher.ENCRYPT_MODE, secretKey);
       return Base64.getEncoder()
           .encodeToString(cipher.doFinal(value.getBytes(StandardCharsets.UTF_8)));
@@ -48,7 +48,7 @@ static String decrypt(String encryptedValue, String secret) {
       } catch (NoSuchAlgorithmException e) {
         e.printStackTrace();
       }
-      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
+      Cipher cipher = Cipher.getInstance("AES");
       cipher.init(Cipher.DECRYPT_MODE, secretKey);
       return new String(cipher.doFinal(Base64.getDecoder().decode(encryptedValue)));
     } catch (Exception e) {

diff --git a/datahub-web-react/src/app/entity/dataset/profile/schema/utils/translateFieldPathSegment.tsx b/datahub-web-react/src/app/entity/dataset/profile/schema/utils/translateFieldPathSegment.tsx
@@ -28,7 +28,7 @@ export default function translateFieldPathSegment(fieldPathSegment, i, fieldPath
     // structs that qualify a union are represented as [union]union_field.[type=QualifiedStruct].qualified_struct_field
     // we convert into union_field. (QualifiedStruct) qualified_struct_field
     if (fieldPathSegment.startsWith('[type=') && fieldPathSegment.endsWith(']')) {
-        const typeName = fieldPathSegment.replace('[type=', '').replace(']', '');
+        const typeName = fieldPathSegment.replace(/\[type=/g, '').replace(/\]/g, '');
         // if the qualified struct is the last element, just show the qualified struct
         if (i === fieldPathParts.length - 1) {
             return ` ${typeName}`;

diff --git a/entity-registry/src/main/java/com/linkedin/metadata/models/extractor/FieldExtractor.java b/entity-registry/src/main/java/com/linkedin/metadata/models/extractor/FieldExtractor.java
@@ -42,7 +42,7 @@ public static <T extends FieldSpec> Map<T, List<Object>> extractFields(
       if (!value.isPresent()) {
         extractedFields.put(fieldSpec, Collections.emptyList());
       } else {
-        long numArrayWildcards = getNumArrayWildcards(fieldSpec.getPath());
+        int numArrayWildcards = (int) getNumArrayWildcards(fieldSpec.getPath());
         // Not an array field
         if (numArrayWildcards == 0) {
           // For maps, convert it into a list of the form key=value (Filter out long values)

diff --git a/metadata-ingestion/src/datahub/configuration/git.py b/metadata-ingestion/src/datahub/configuration/git.py
@@ -1,5 +1,6 @@
 import pathlib
 from typing import Any, Dict, Optional, Union
+from urllib.parse import urlparse
 
 from pydantic import Field, FilePath, SecretStr, validator
 
@@ -39,10 +40,12 @@ class GitReference(ConfigModel):
 
     @validator("repo", pre=True)
     def simplify_repo_url(cls, repo: str) -> str:
-        if repo.startswith("github.com/"):
-            repo = f"https://{repo}"
-        elif repo.startswith("gitlab.com"):
-            repo = f"https://{repo}"
+        repo_host = urlparse(repo).hostname
+        allowedHosts = ["github.com", "www.github.com", "gitlab.com", "www.gitlab.com"]
+        if repo_host in allowedHosts and (
+            repo.startswith("github.com/") or repo.startswith("gitlab.com")
+        ):
+            return f"https://{repo}"
         elif repo.count("/") == 1:
             repo = f"https://github.com/{repo}"
 

diff --git a/metadata-ingestion/src/datahub/ingestion/source/mode.py b/metadata-ingestion/src/datahub/ingestion/source/mode.py
@@ -741,7 +741,7 @@ def _replace_definitions(self, raw_query: str) -> str:
     def _parse_definition_name(self, definition_variable: str) -> Tuple[str, str]:
         name, alias = "", ""
         # i.e '{{ @join_on_definition as alias}}'
-        name_match = re.findall("@[a-zA-z]+", definition_variable)
+        name_match = re.findall("@[a-zA-Z]+", definition_variable)
         if len(name_match):
             name = name_match[0][1:]
         alias_match = re.findall(

diff --git a/metadata-io/src/main/java/com/linkedin/metadata/systemmetadata/ESSystemMetadataDAO.java b/metadata-io/src/main/java/com/linkedin/metadata/systemmetadata/ESSystemMetadataDAO.java
@@ -54,10 +54,7 @@ public Optional<GetTaskResponse> getTaskStatus(@Nonnull String nodeId, long task
     try {
       return client.tasks().get(taskRequest, RequestOptions.DEFAULT);
     } catch (IOException e) {
-      log.error(
-          String.format(
-              "ERROR: Failed to get task status for %s:%d. See stacktrace for a more detailed error:",
-              nodeId, taskId));
+      log.error("ERROR: Failed to get task status: ", e);
       e.printStackTrace();
     }
     return Optional.empty();

diff --git a/...ta-operation-context/src/main/java/io/datahubproject/metadata/services/SecretService.java b/...ta-operation-context/src/main/java/io/datahubproject/metadata/services/SecretService.java
@@ -50,7 +50,7 @@ public String encrypt(String value) {
       } catch (NoSuchAlgorithmException e) {
         e.printStackTrace();
       }
-      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+      Cipher cipher = Cipher.getInstance("AES");
       cipher.init(Cipher.ENCRYPT_MODE, secretKey);
       return _encoder.encodeToString(cipher.doFinal(value.getBytes(StandardCharsets.UTF_8)));
     } catch (Exception e) {
@@ -72,7 +72,7 @@ public String decrypt(String encryptedValue) {
       } catch (NoSuchAlgorithmException e) {
         e.printStackTrace();
       }
-      Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
+      Cipher cipher = Cipher.getInstance("AES");
       cipher.init(Cipher.DECRYPT_MODE, secretKey);
       return new String(cipher.doFinal(_decoder.decode(encryptedValue)));
     } catch (Exception e) {

diff --git a/...uth-filter/src/main/java/com/datahub/auth/authentication/filter/AuthenticationFilter.java b/...uth-filter/src/main/java/com/datahub/auth/authentication/filter/AuthenticationFilter.java
@@ -92,7 +92,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
           "Failed to authenticate request. Received an AuthenticationExpiredException from authenticator chain.",
           e);
       ((HttpServletResponse) response)
-          .sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
+          .sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized to perform this action.");
       return;
     }
 

diff --git a/...uth-servlet-impl/src/main/java/com/datahub/auth/authentication/AuthServiceController.java b/...uth-servlet-impl/src/main/java/com/datahub/auth/authentication/AuthServiceController.java
@@ -123,7 +123,7 @@ CompletableFuture<ResponseEntity<String>> generateSessionTokenForUser(
     try {
       bodyJson = mapper.readTree(jsonStr);
     } catch (JsonProcessingException e) {
-      log.error("Failed to parse json while attempting to generate session token {}", jsonStr, e);
+      log.error("Failed to parse json while attempting to generate session token ", e);
       return CompletableFuture.completedFuture(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
     }
     if (bodyJson == null) {
@@ -193,7 +193,7 @@ CompletableFuture<ResponseEntity<String>> signUp(final HttpEntity<String> httpEn
     try {
       bodyJson = mapper.readTree(jsonStr);
     } catch (JsonProcessingException e) {
-      log.debug("Failed to parse json while attempting to create native user", e);
+      log.error("Failed to parse json while attempting to create native user ", e);
       return CompletableFuture.completedFuture(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
     }
     if (bodyJson == null) {
@@ -238,7 +238,7 @@ CompletableFuture<ResponseEntity<String>> signUp(final HttpEntity<String> httpEn
           try {
             Urn inviteTokenUrn = _inviteTokenService.getInviteTokenUrn(inviteTokenString);
             if (!_inviteTokenService.isInviteTokenValid(systemOperationContext, inviteTokenUrn)) {
-              log.error("Invalid invite token {}", inviteTokenString);
+              log.error("Invalid invite token !");
               return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
             }
 
@@ -282,7 +282,7 @@ CompletableFuture<ResponseEntity<String>> resetNativeUserCredentials(
     try {
       bodyJson = mapper.readTree(jsonStr);
     } catch (JsonProcessingException e) {
-      log.debug("Failed to parse json while attempting to create native user", e);
+      log.error("Failed to parse json while attempting to create native user ", e);
       return CompletableFuture.completedFuture(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
     }
     if (bodyJson == null) {
@@ -340,7 +340,7 @@ CompletableFuture<ResponseEntity<String>> verifyNativeUserCredentials(
     try {
       bodyJson = mapper.readTree(jsonStr);
     } catch (JsonProcessingException e) {
-      log.debug("Failed to parse json while attempting to verify native user password", e);
+      log.error("Failed to parse json while attempting to verify native user password ", e);
       return CompletableFuture.completedFuture(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
     }
     if (bodyJson == null) {
@@ -386,7 +386,7 @@ CompletableFuture<ResponseEntity<String>> track(final HttpEntity<String> httpEnt
     try {
       bodyJson = mapper.readTree(jsonStr);
     } catch (JsonProcessingException e) {
-      log.error("Failed to parse json while attempting to track analytics event {}", jsonStr);
+      log.error("Failed to parse json while attempting to track analytics event ", e);
       return CompletableFuture.completedFuture(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
     }
     if (bodyJson == null) {

diff --git a/...ories/src/main/java/com/linkedin/metadata/boot/steps/IngestDataPlatformInstancesStep.java b/...ories/src/main/java/com/linkedin/metadata/boot/steps/IngestDataPlatformInstancesStep.java
@@ -61,7 +61,7 @@ public void execute(@Nonnull OperationContext systemOperationContext) throws Exc
     long numEntities = _migrationsDao.countEntities();
     int start = 0;
 
-    while (start < numEntities) {
+    while (start < (int) numEntities) {
       log.info(
           "Reading urns {} to {} from the aspects table to generate dataplatform instance aspects",
           start,

diff --git a/...ata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java b/...ata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java
@@ -75,7 +75,7 @@ CompletableFuture<ResponseEntity<String>> postGraphQL(
     try {
       bodyJson = mapper.readTree(jsonStr);
     } catch (JsonProcessingException e) {
-      log.error("Failed to parse json {}", jsonStr);
+      log.error("Failed to parse json ", e);
       return CompletableFuture.completedFuture(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
     }
 

diff --git a/...let/src/main/java/io/datahubproject/openapi/schema/registry/SchemaRegistryController.java b/...let/src/main/java/io/datahubproject/openapi/schema/registry/SchemaRegistryController.java
@@ -307,7 +307,11 @@ public ResponseEntity<RegisterSchemaResponse> register(
             })
         .orElseGet(
             () -> {
-              log.error("Couldn't find topic with name {}.", topicName);
+              if (topicName.matches("^[a-zA-Z0-9._-]+$")) {
+                log.error("Couldn't find topic with name {}.", topicName);
+              } else {
+                log.error("Couldn't find topic (Malformed topic name)");
+              }
               return new ResponseEntity<>(HttpStatus.NOT_FOUND);
             });
   }

diff --git a/smoke-test/tests/cypress/cypress/e2e/mutations/dataset_ownership.js b/smoke-test/tests/cypress/cypress/e2e/mutations/dataset_ownership.js
@@ -1,4 +1,4 @@
-const test_id = Math.floor(Math.random() * 100000);
+const test_id = crypto.getRandomValues(new Uint32Array(1))[0];
 const username = `Example Name ${test_id}`;
 const email = `example${test_id}@example.com`;
 const password = "Example password";

diff --git a/smoke-test/tests/cypress/cypress/e2e/mutations/ingestion_source.js b/smoke-test/tests/cypress/cypress/e2e/mutations/ingestion_source.js
@@ -1,4 +1,4 @@
-const number = Math.floor(Math.random() * 100000);
+const number = crypto.getRandomValues(new Uint32Array(1))[0];
 const accound_id = `account${number}`;
 const warehouse_id = `warehouse${number}`;
 const username = `user${number}`;

diff --git a/smoke-test/tests/cypress/cypress/e2e/mutations/managing_secrets.js b/smoke-test/tests/cypress/cypress/e2e/mutations/managing_secrets.js
@@ -1,4 +1,4 @@
-const number = Math.floor(Math.random() * 100000);
+const number = crypto.getRandomValues(new Uint32Array(1))[0];
 const accound_id = `account${number}`;
 const warehouse_id = `warehouse${number}`;
 const username = `user${number}`;

diff --git a/smoke-test/tests/cypress/cypress/e2e/settings/managing_groups.js b/smoke-test/tests/cypress/cypress/e2e/settings/managing_groups.js
@@ -1,4 +1,4 @@
-const test_id = Math.floor(Math.random() * 100000);
+const test_id = crypto.getRandomValues(new Uint32Array(1))[0];
 const username = `Example Name ${test_id}`;
 const email = `example${test_id}@example.com`;
 const password = "Example password";