From d96b299e7d997a9bf2e9dbf25922580a5c6b7d72 Mon Sep 17 00:00:00 2001 From: Bill Church Date: Thu, 22 Aug 2024 16:07:33 +0000 Subject: [PATCH] chore: update maskSensitiveData function for new module --- app/utils.js | 19 +++++++++----- tests/utils.test.js | 63 ++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 68 insertions(+), 14 deletions(-) diff --git a/app/utils.js b/app/utils.js index 4f74742..e1410e6 100644 --- a/app/utils.js +++ b/app/utils.js @@ -163,19 +163,24 @@ function modifyHtml(html, config) { * Masks sensitive information in an object * @param {Object} obj - The object to mask * @param {Object} [options] - Optional configuration for masking + * @param {string[]} [options.properties=['password', 'key', 'secret', 'token']] - The properties to be masked + * @param {number} [options.maskLength=8] - The length of the generated mask + * @param {number} [options.minLength=5] - The minimum length of the generated mask + * @param {number} [options.maxLength=15] - The maximum length of the generated mask + * @param {string} [options.maskChar='*'] - The character used for masking + * @param {boolean} [options.fullMask=false] - Whether to use a full mask for all properties * @returns {Object} The masked object */ function maskSensitiveData(obj, options) { - const defaultOptions = { - // Add any default masking options here - // For example: - // password: true, - // token: true - } + const defaultOptions = {} + debug("maskSensitiveData: %O", obj) + debug("maskSensitiveData: options: %O", options) const maskingOptions = Object.assign({}, defaultOptions, options || {}) + const maskedObject = maskObject(obj, maskingOptions) + debug("maskSensitiveData: maskedObject: %O", maskedObject) - return maskObject(obj, maskingOptions) + return maskedObject } module.exports = { diff --git a/tests/utils.test.js b/tests/utils.test.js index f3fa23d..4044785 100644 --- a/tests/utils.test.js +++ b/tests/utils.test.js @@ -67,16 +67,65 @@ describe("utils", () => { }) describe("maskSensitiveData", () => { - it("should mask sensitive data", () => { - const data = { + it("should mask simple password property", () => { + const testObj = { username: "user", password: "secret123" } + const maskedObj = maskSensitiveData(testObj) + console.log("maskedObj.password.length: ", maskedObj.password.length) + + expect(maskedObj.username).toBe("user") + expect(maskedObj.password).not.toBe("secret123") + expect(maskedObj.password.length).toBeGreaterThanOrEqual(3) + expect(maskedObj.password.length).toBeLessThanOrEqual(9) + }) + + it("should mask array elements when property is specified", () => { + const testObj = { + action: "keyboard-interactive", + responses: ["sensitive_password", "another_sensitive_value"] + } + const maskedObj = maskSensitiveData(testObj, { + properties: ["responses"] + }) + + expect(maskedObj.action).toBe("keyboard-interactive") + expect(Array.isArray(maskedObj.responses)).toBe(true) + expect(maskedObj.responses).toHaveLength(2) + expect(maskedObj.responses[0]).not.toBe("sensitive_password") + expect(maskedObj.responses[1]).not.toBe("another_sensitive_value") + expect(maskedObj.responses[0]).toHaveLength(8) + expect(maskedObj.responses[1]).toHaveLength(8) + }) + + it("should not mask non-specified properties", () => { + const testObj = { username: "user", password: "secret", - token: "12345" + data: ["public_info", "not_sensitive"] } - const masked = maskSensitiveData(data) - expect(masked.username).toBe("user") - expect(masked.password).not.toBe("secret") - expect(masked.token).not.toBe("12345") + const maskedObj = maskSensitiveData(testObj, { + properties: ["password"] + }) + + expect(maskedObj.username).toBe("user") + expect(maskedObj.password).not.toBe("secret") + expect(maskedObj.data).toEqual(["public_info", "not_sensitive"]) + }) + + it("should handle nested objects", () => { + const testObj = { + user: { + name: "John", + credentials: { + password: "topsecret", + token: "abcdef123456" + } + } + } + const maskedObj = maskSensitiveData(testObj) + + expect(maskedObj.user.name).toBe("John") + expect(maskedObj.user.credentials.password).not.toBe("topsecret") + expect(maskedObj.user.credentials.token).not.toBe("abcdef123456") }) })