Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

Update "execCommand()" function on ACC

muralipraveenr1
Level 2
Level 2

Hi All,

 

As part of a requirement, we want to remove some logging statements in the function "execCommand(systemCommand, true)"  in the Workflow javascript activity.

but we couldn't find the origin/implementation of this function in any of the javascript codes on the client console.

 

Please help us, where we can edit this function.

 

Thanks in Advance.

execCommand javascript
1 Accepted Solution
wodnicki
Correct answer by
Community Advisor
Community Advisor

Hi,

 

The workflow logs are mutable- they're just rows in xtk:workflowLog.

Create a wrapper for execCommand() that runs execCommand and then deletes the log rows it generated.

 

Thanks,

-Jon

View solution in original post

6 Replies
Darren_Bowers
Community Advisor
Community Advisor

Hi @muralipraveenr1 - can you give us an example of the logs you are seeing?

muralipraveenr1
Level 2
Level 2

Hi @Darren_Bowers ,

LOG: XSV-350201 Execute the command 'curl -v  -k 'sftp://<serverURL>' --user "username:password" -Q "rm ‘filename’” with user.

As you can see we had to pass the password as part of the curl command, but with the command getting logged, there’s a chance for the password breach to the groups which are not intended to see the password. so if there's any way to avoid this log that would be helpful.

Thanks!

DavidKangni
Community Advisor
Community Advisor

Hi Murali,

 

I think you have 2 options

- create an external account with the sftp credentials and use it in a workflow. Normally the info will not be visible.

- write a js a which refer options that you defined

var ftp_Cnnct = {
"url": "xxx-dev.neolane.net",
"port": "22",
"user": "to be modified",
"pwd": "to be modified",
};

var cmd = "curl -k -o " + dav_FOLDER + fName + ".csv -v -u " + ftpCnnct.user + ":" + ftpCnnct.pwd + " \"sftp://" + ftpCnnct.url + ":" + ftpCnnct.port + src_FOLDER + fName + ".csv\"";

vars.fileName = dav_FOLDER + fName + ".csv";

logInfo('Runing command : ' + cmd);
logInfo('FolderLocation : ' + vars.fileName);

var result = exec(cmd);

 

Thanks

David

Darren_Bowers
Community Advisor
Community Advisor
Hi @muralipraveenr1 - The other option you have is to use certificates with cURL instead of passwords. See if this can be set up at the remote end then add the correct parameters to curl: http://www.rajatswarup.com/blog/2007/03/10/using-certificates-with-curl/
Milan_Vucetic
Community Advisor
Community Advisor

Hi @muralipraveenr1 

 

I do not think this is possible.

You can blacklist some commands (like: ln, dd, openssl, curl, wget, python, python3, perl, ruby, sh, bash, dash, zsh, base64, nlserver, node, phantomjs, java, awk, nc, telnet, ssh, scp, ftp) in exec part in serverConf.xml

You may try with execCommand(systemCommand, false) which should disable output.

If not, you may consider using Bash script inside JS to avoid this command.

 

Regards,

Milan

wodnicki
Correct answer by
Community Advisor
Community Advisor

Hi,

 

The workflow logs are mutable- they're just rows in xtk:workflowLog.

Create a wrapper for execCommand() that runs execCommand and then deletes the log rows it generated.

 

Thanks,

-Jon

View solution in original post