36 lines
1.2 KiB
PHP
36 lines
1.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Support\Audit\AuditContextSanitizer;
|
|
|
|
it('redacts protected audit fields recursively', function (): void {
|
|
$sanitized = AuditContextSanitizer::sanitize([
|
|
'token' => 'super-secret',
|
|
'nested' => [
|
|
'client_secret' => 'another-secret',
|
|
],
|
|
'notes' => 'Authorization: Bearer abc.def.ghi',
|
|
]);
|
|
|
|
expect(data_get($sanitized, 'token'))->toBe('[REDACTED]')
|
|
->and(data_get($sanitized, 'nested.client_secret'))->toBe('[REDACTED]')
|
|
->and(data_get($sanitized, 'notes'))->toBe('[REDACTED]');
|
|
});
|
|
|
|
it('truncates oversized strings and arrays before they reach the audit log', function (): void {
|
|
$items = collect(range(1, 55))
|
|
->mapWithKeys(static fn (int $index): array => ["key_{$index}" => "value_{$index}"])
|
|
->all();
|
|
|
|
$sanitized = AuditContextSanitizer::sanitize([
|
|
'message' => str_repeat('x', 600),
|
|
'items' => $items,
|
|
]);
|
|
|
|
expect((string) data_get($sanitized, 'message'))->toEndWith(' [truncated]')
|
|
->and(data_get($sanitized, 'items.truncated'))->toBeTrue()
|
|
->and(array_key_exists('key_50', $sanitized['items']))->toBeTrue()
|
|
->and(array_key_exists('key_51', $sanitized['items']))->toBeFalse();
|
|
});
|