-
-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathparam_logger_test.go
126 lines (100 loc) · 3.34 KB
/
param_logger_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package paramlogger
import (
"net/url"
"testing"
"github.com/gobuffalo/buffalo"
"github.com/gobuffalo/httptest"
"github.com/sirupsen/logrus"
"github.com/stretchr/testify/require"
)
func Test_maskSecrets(t *testing.T) {
r := require.New(t)
pl := parameterLogger{}
filteredForm := pl.maskSecrets(url.Values{
"FirstName": []string{"Antonio"},
"MiddleName": []string{"José"},
"LastName": []string{"Pagano"},
"Password": []string{"Secret!"},
"password": []string{"Other"},
"pAssWorD": []string{"Weird one"},
"PasswordConfirmation": []string{"Secret!"},
"SomeCVC": []string{"Untouched"},
})
r.Equal(filteredForm.Get("Password"), filteredIndicator[0])
r.Equal(filteredForm.Get("password"), filteredIndicator[0])
r.Equal(filteredForm.Get("pAssWorD"), filteredIndicator[0])
r.Equal(filteredForm.Get("PasswordConfirmation"), filteredIndicator[0])
r.Equal(filteredForm.Get("LastName"), "Pagano")
r.Equal(filteredForm.Get("SomeCVC"), "Untouched")
}
func Test_maskSecretsCustom(t *testing.T) {
r := require.New(t)
pl := parameterLogger{
excluded: []string{
"FirstName", "LastName", "MiddleName",
},
}
filteredForm := pl.maskSecrets(url.Values{
"FirstName": []string{"Antonio"},
"MiddleName": []string{"José"},
"LastName": []string{"Pagano"},
"Password": []string{"Secret!"},
"password": []string{"Other"},
"pAssWorD": []string{"Weird one"},
"PasswordConfirmation": []string{"Secret!"},
"SomeCVC": []string{"Untouched"},
})
r.Equal(filteredForm.Get("Password"), "Secret!")
r.Equal(filteredForm.Get("password"), "Other")
r.Equal(filteredForm.Get("LastName"), filteredIndicator[0])
r.Equal(filteredForm.Get("SomeCVC"), "Untouched")
}
var lastEntry *logrus.Entry
type testHook struct{}
func (th testHook) Levels() []logrus.Level {
return logrus.AllLevels
}
func (th testHook) Fire(entry *logrus.Entry) error {
lastEntry = entry
return nil
}
type testLogger struct {
logrus.FieldLogger
}
func (l testLogger) WithField(s string, i interface{}) buffalo.Logger {
return testLogger{l.FieldLogger.WithField(s, i)}
}
func (l testLogger) WithFields(m map[string]interface{}) buffalo.Logger {
return testLogger{l.FieldLogger.WithFields(m)}
}
func newTestLogger() testLogger {
l := logrus.New()
l.AddHook(testHook{})
l.Level, _ = logrus.ParseLevel("debug")
return testLogger{l}
}
func Test_Logger(t *testing.T) {
r := require.New(t)
app := buffalo.New(buffalo.Options{})
app.Use(ParameterLogger)
app.Logger = newTestLogger()
emptyHandler := func(c buffalo.Context) error {
return nil
}
app.GET("/", emptyHandler)
app.POST("/", emptyHandler)
wi := httptest.New(app)
wi.HTML("/?param=value&CVC=123").Get()
r.Contains(lastEntry.Data["params"], `"param":["value"]`)
r.Contains(lastEntry.Data["params"], `"CVC":["[FILTERED]"]`)
wi.HTML("/?Cvc=123").Post(url.Values{
"Password": []string{"123"},
"Name": []string{"Antonio"},
"CVC": []string{"123"},
})
r.Contains(lastEntry.Data["form"], "\"CVC\":[\"[FILTERED]\"]")
r.Contains(lastEntry.Data["form"], "\"Name\":[\"Antonio\"]")
r.Contains(lastEntry.Data["form"], "\"Password\":[\"[FILTERED]\"]")
r.Contains(lastEntry.Data["params"], "\"CVC\":[\"[FILTERED]\"]")
r.Contains(lastEntry.Data["params"], "\"Password\":[\"[FILTERED]\"]")
}