Mask sensitive information when logging (#1790)

2016-05-18 04:15:44 +08:00
parent b40e16647b
commit 40965186c0
2 changed files with 89 additions and 2 deletions
--- a/spec/FileLoggerAdapter.spec.js
+++ b/spec/FileLoggerAdapter.spec.js
@@ -1,5 +1,8 @@
+'use strict';
+
 var FileLoggerAdapter = require('../src/Adapters/Logger/FileLoggerAdapter').FileLoggerAdapter;
 var Parse = require('parse/node').Parse;
+var request = require('request');

 describe('info logs', () => {

@@ -45,3 +48,55 @@ describe('error logs', () => {
    });
  });
 });
+
+describe('verbose logs', () => {
+
+  it("mask sensitive information in _User class", (done) => {
+    let customConfig = Object.assign({}, defaultConfiguration, {verbose: true});
+    setServerConfiguration(customConfig);
+    createTestUser().then(() => {
+      let fileLoggerAdapter = new FileLoggerAdapter();
+      return fileLoggerAdapter.query({
+        from: new Date(Date.now() - 500),
+        size: 100,
+        level: 'verbose'
+      });
+    }).then((results) => {
+      expect(results[1].message.includes('"password": "********"')).toEqual(true);
+      var headers = {
+        'X-Parse-Application-Id': 'test',
+        'X-Parse-REST-API-Key': 'rest'
+      };
+      request.get({
+        headers: headers,
+        url: 'http://localhost:8378/1/login?username=test&password=moon-y'
+      }, (error, response, body) => {
+        let fileLoggerAdapter = new FileLoggerAdapter();
+        return fileLoggerAdapter.query({
+          from: new Date(Date.now() - 500),
+          size: 100,
+          level: 'verbose'
+        }).then((results) => {
+          expect(results[1].message.includes('password=********')).toEqual(true);
+          done();
+        });
+      });
+    });
+  });
+
+  it("should not mask information in non _User class", (done) => {
+    let obj = new Parse.Object('users');
+    obj.set('password', 'pw');
+    obj.save().then(() => {
+      let fileLoggerAdapter = new FileLoggerAdapter();
+      return fileLoggerAdapter.query({
+        from: new Date(Date.now() - 500),
+        size: 100,
+        level: 'verbose'
+      });
+    }).then((results) => {
+      expect(results[1].message.includes('"password": "pw"')).toEqual(true);
+      done();
+    });
+  });
+});