diff options
author | Francis Lavoie <lavofr@gmail.com> | 2022-10-05 01:21:23 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-04 23:21:23 -0600 |
commit | ea58d519078916d4cf273628653e348befbaf6c0 (patch) | |
tree | a11cf24089151799dd64631104dc9e26e6470dc2 /modules/logging/filters_test.go | |
parent | 9e1d964bd6af27cd96a370987a1cadc58933d19a (diff) |
logging: Perform filtering on arrays of strings (where possible) (#5101)
* logging: Perform filtering on arrays of strings (where possible)
* Add test for ip_mask filter
* Oops, need to continue when it's not an IP
* Test for invalid IPs
Diffstat (limited to 'modules/logging/filters_test.go')
-rw-r--r-- | modules/logging/filters_test.go | 112 |
1 files changed, 110 insertions, 2 deletions
diff --git a/modules/logging/filters_test.go b/modules/logging/filters_test.go index 2b087f2..e9c3e77 100644 --- a/modules/logging/filters_test.go +++ b/modules/logging/filters_test.go @@ -8,6 +8,81 @@ import ( "go.uber.org/zap/zapcore" ) +func TestIPMaskSingleValue(t *testing.T) { + f := IPMaskFilter{IPv4MaskRaw: 16, IPv6MaskRaw: 32} + f.Provision(caddy.Context{}) + + out := f.Filter(zapcore.Field{String: "255.255.255.255"}) + if out.String != "255.255.0.0" { + t.Fatalf("field has not been filtered: %s", out.String) + } + + out = f.Filter(zapcore.Field{String: "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"}) + if out.String != "ffff:ffff::" { + t.Fatalf("field has not been filtered: %s", out.String) + } + + out = f.Filter(zapcore.Field{String: "not-an-ip"}) + if out.String != "not-an-ip" { + t.Fatalf("field has been filtered: %s", out.String) + } +} + +func TestIPMaskCommaValue(t *testing.T) { + f := IPMaskFilter{IPv4MaskRaw: 16, IPv6MaskRaw: 32} + f.Provision(caddy.Context{}) + + out := f.Filter(zapcore.Field{String: "255.255.255.255, 244.244.244.244"}) + if out.String != "255.255.0.0, 244.244.0.0" { + t.Fatalf("field has not been filtered: %s", out.String) + } + + out = f.Filter(zapcore.Field{String: "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, ff00:ffff:ffff:ffff:ffff:ffff:ffff:ffff"}) + if out.String != "ffff:ffff::, ff00:ffff::" { + t.Fatalf("field has not been filtered: %s", out.String) + } + + out = f.Filter(zapcore.Field{String: "not-an-ip, 255.255.255.255"}) + if out.String != "not-an-ip, 255.255.0.0" { + t.Fatalf("field has not been filtered: %s", out.String) + } +} + +func TestIPMaskMultiValue(t *testing.T) { + f := IPMaskFilter{IPv4MaskRaw: 16, IPv6MaskRaw: 32} + f.Provision(caddy.Context{}) + + out := f.Filter(zapcore.Field{Interface: caddyhttp.LoggableStringArray{ + "255.255.255.255", + "244.244.244.244", + }}) + arr, ok := out.Interface.(caddyhttp.LoggableStringArray) + if !ok { + t.Fatalf("field is wrong type: %T", out.Integer) + } + if arr[0] != "255.255.0.0" { + t.Fatalf("field entry 0 has not been filtered: %s", arr[0]) + } + if arr[1] != "244.244.0.0" { + t.Fatalf("field entry 1 has not been filtered: %s", arr[1]) + } + + out = f.Filter(zapcore.Field{Interface: caddyhttp.LoggableStringArray{ + "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff", + "ff00:ffff:ffff:ffff:ffff:ffff:ffff:ffff", + }}) + arr, ok = out.Interface.(caddyhttp.LoggableStringArray) + if !ok { + t.Fatalf("field is wrong type: %T", out.Integer) + } + if arr[0] != "ffff:ffff::" { + t.Fatalf("field entry 0 has not been filtered: %s", arr[0]) + } + if arr[1] != "ff00:ffff::" { + t.Fatalf("field entry 1 has not been filtered: %s", arr[1]) + } +} + func TestQueryFilter(t *testing.T) { f := QueryFilter{[]queryFilterAction{ {replaceAction, "foo", "REDACTED"}, @@ -78,7 +153,7 @@ func TestValidateCookieFilter(t *testing.T) { } } -func TestRegexpFilter(t *testing.T) { +func TestRegexpFilterSingleValue(t *testing.T) { f := RegexpFilter{RawRegexp: `secret`, Value: "REDACTED"} f.Provision(caddy.Context{}) @@ -88,7 +163,24 @@ func TestRegexpFilter(t *testing.T) { } } -func TestHashFilter(t *testing.T) { +func TestRegexpFilterMultiValue(t *testing.T) { + f := RegexpFilter{RawRegexp: `secret`, Value: "REDACTED"} + f.Provision(caddy.Context{}) + + out := f.Filter(zapcore.Field{Interface: caddyhttp.LoggableStringArray{"foo-secret-bar", "bar-secret-foo"}}) + arr, ok := out.Interface.(caddyhttp.LoggableStringArray) + if !ok { + t.Fatalf("field is wrong type: %T", out.Integer) + } + if arr[0] != "foo-REDACTED-bar" { + t.Fatalf("field entry 0 has not been filtered: %s", arr[0]) + } + if arr[1] != "bar-REDACTED-foo" { + t.Fatalf("field entry 1 has not been filtered: %s", arr[1]) + } +} + +func TestHashFilterSingleValue(t *testing.T) { f := HashFilter{} out := f.Filter(zapcore.Field{String: "foo"}) @@ -96,3 +188,19 @@ func TestHashFilter(t *testing.T) { t.Fatalf("field has not been filtered: %s", out.String) } } + +func TestHashFilterMultiValue(t *testing.T) { + f := HashFilter{} + + out := f.Filter(zapcore.Field{Interface: caddyhttp.LoggableStringArray{"foo", "bar"}}) + arr, ok := out.Interface.(caddyhttp.LoggableStringArray) + if !ok { + t.Fatalf("field is wrong type: %T", out.Integer) + } + if arr[0] != "2c26b46b" { + t.Fatalf("field entry 0 has not been filtered: %s", arr[0]) + } + if arr[1] != "fcde2b2e" { + t.Fatalf("field entry 1 has not been filtered: %s", arr[1]) + } +} |