mirror of
https://github.com/ivuorinen/monolog-gdpr-filter.git
synced 2026-01-26 11:44:04 +00:00
feat: performance, integrations, advanced features (#2)
* feat: performance, integrations, advanced features * chore: fix linting problems * chore: suppressions and linting * chore(lint): pre-commit linting, fixes * feat: comprehensive input validation, security hardening, and regression testing - Add extensive input validation throughout codebase with proper error handling - Implement comprehensive security hardening with ReDoS protection and bounds checking - Add 3 new regression test suites covering critical bugs, security, and validation scenarios - Enhance rate limiting with memory management and configurable cleanup intervals - Update configuration security settings and improve Laravel integration - Fix TODO.md timestamps to reflect actual development timeline - Strengthen static analysis configuration and improve code quality standards * feat: configure static analysis tools and enhance development workflow - Complete configuration of Psalm, PHPStan, and Rector for harmonious static analysis. - Fix invalid configurations and tool conflicts that prevented proper code quality analysis. - Add comprehensive safe analysis script with interactive workflow, backup/restore capabilities, and dry-run modes. Update documentation with linting policy requiring issue resolution over suppression. - Clean completed items from TODO to focus on actionable improvements. - All static analysis tools now work together seamlessly to provide code quality insights without breaking existing functionality. * fix(test): update Invalid regex pattern expectation * chore: phpstan, psalm fixes * chore: phpstan, psalm fixes, more tests * chore: tooling tweaks, cleanup * chore: tweaks to get the tests pass * fix(lint): rector config tweaks and successful run * feat: refactoring, more tests, fixes, cleanup * chore: deduplication, use constants * chore: psalm fixes * chore: ignore phpstan deliberate errors in tests * chore: improve codebase, deduplicate code * fix: lint * chore: deduplication, codebase simplification, sonarqube fixes * fix: resolve SonarQube reliability rating issues Fix useless object instantiation warnings in test files by assigning instantiated objects to variables. This resolves the SonarQube reliability rating issue (was C, now targeting A). Changes: - tests/Strategies/MaskingStrategiesTest.php: Fix 3 instances - tests/Strategies/FieldPathMaskingStrategyTest.php: Fix 1 instance The tests use expectException() to verify that constructors throw exceptions for invalid input. SonarQube flagged standalone `new` statements as useless. Fixed by assigning to variables with explicit unset() and fail() calls. All tests pass (623/623) and static analysis tools pass. * fix: resolve more SonarQube detected issues * fix: resolve psalm detected issues * fix: resolve more SonarQube detected issues * fix: resolve psalm detected issues * fix: duplications * fix: resolve SonarQube reliability rating issues * fix: resolve psalm and phpstan detected issues
This commit is contained in:
GitHub
@@ -2,27 +2,35 @@
|
||||
|
||||
namespace Tests;
|
||||
|
||||
use Tests\TestConstants;
|
||||
use PHPUnit\Framework\Attributes\CoversClass;
|
||||
use PHPUnit\Framework\Attributes\CoversMethod;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Ivuorinen\MonologGdprFilter\FieldMaskConfig;
|
||||
use Ivuorinen\MonologGdprFilter\MaskConstants;
|
||||
use Ivuorinen\MonologGdprFilter\GdprProcessor;
|
||||
use Ivuorinen\MonologGdprFilter\DefaultPatterns;
|
||||
|
||||
/**
|
||||
* GDPR Default Patterns Test
|
||||
*
|
||||
* @api
|
||||
*/
|
||||
#[CoversClass(FieldMaskConfig::class)]
|
||||
#[CoversMethod(GdprProcessor::class, 'getDefaultPatterns')]
|
||||
#[CoversMethod(DefaultPatterns::class, 'get')]
|
||||
class GdprDefaultPatternsTest extends TestCase
|
||||
{
|
||||
public function testPatternIban(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
// Finnish IBAN with spaces
|
||||
$iban = 'FI21 1234 5600 0007 85';
|
||||
$iban = TestConstants::IBAN_FI;
|
||||
$masked = $processor->maskMessage($iban);
|
||||
$this->assertSame('***IBAN***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_IBAN, $masked);
|
||||
// Finnish IBAN without spaces
|
||||
$ibanWithoutSpaces = 'FI2112345600000785';
|
||||
$this->assertSame('***IBAN***', $processor->maskMessage($ibanWithoutSpaces));
|
||||
$this->assertSame(MaskConstants::MASK_IBAN, $processor->maskMessage($ibanWithoutSpaces));
|
||||
$this->assertNotSame($ibanWithoutSpaces, $processor->maskMessage($ibanWithoutSpaces));
|
||||
|
||||
// Edge: not an IBAN
|
||||
@@ -32,11 +40,11 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternPhone(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$phone = '+358 40 1234567';
|
||||
$masked = $processor->maskMessage($phone);
|
||||
$this->assertSame('***PHONE***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_PHONE, $masked);
|
||||
// Edge: not a phone
|
||||
$notPhone = 'Call me maybe';
|
||||
$this->assertSame($notPhone, $processor->maskMessage($notPhone));
|
||||
@@ -44,11 +52,11 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternUsSsn(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$ssn = '123-45-6789';
|
||||
$ssn = TestConstants::SSN_US;
|
||||
$masked = $processor->maskMessage($ssn);
|
||||
$this->assertSame('***USSSN***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_USSSN, $masked);
|
||||
// Edge: not a SSN
|
||||
$notSsn = '123456789';
|
||||
$this->assertSame($notSsn, $processor->maskMessage($notSsn));
|
||||
@@ -56,14 +64,14 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternDob(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$dob1 = '1990-12-31';
|
||||
$dob2 = '31/12/1990';
|
||||
$masked1 = $processor->maskMessage($dob1);
|
||||
$masked2 = $processor->maskMessage($dob2);
|
||||
$this->assertSame('***DOB***', $masked1);
|
||||
$this->assertSame('***DOB***', $masked2);
|
||||
$this->assertSame(MaskConstants::MASK_DOB, $masked1);
|
||||
$this->assertSame(MaskConstants::MASK_DOB, $masked2);
|
||||
// Edge: not a DOB
|
||||
$notDob = '1990/31/12';
|
||||
$this->assertSame($notDob, $processor->maskMessage($notDob));
|
||||
@@ -71,11 +79,11 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternPassport(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$passport = 'A123456';
|
||||
$masked = $processor->maskMessage($passport);
|
||||
$this->assertSame('***PASSPORT***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_PASSPORT, $masked);
|
||||
// Edge: too short
|
||||
$notPassport = 'A1234';
|
||||
$this->assertSame($notPassport, $processor->maskMessage($notPassport));
|
||||
@@ -84,7 +92,7 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternCreditCard(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$cc1 = '4111 1111 1111 1111'; // Visa
|
||||
$cc2 = '5500-0000-0000-0004'; // MasterCard
|
||||
@@ -94,10 +102,10 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
$masked2 = $processor->maskMessage($cc2);
|
||||
$masked3 = $processor->maskMessage($cc3);
|
||||
$masked4 = $processor->maskMessage($cc4);
|
||||
$this->assertSame('***CC***', $masked1);
|
||||
$this->assertSame('***CC***', $masked2);
|
||||
$this->assertSame('***CC***', $masked3);
|
||||
$this->assertSame('***CC***', $masked4);
|
||||
$this->assertSame(MaskConstants::MASK_CC, $masked1);
|
||||
$this->assertSame(MaskConstants::MASK_CC, $masked2);
|
||||
$this->assertSame(MaskConstants::MASK_CC, $masked3);
|
||||
$this->assertSame(MaskConstants::MASK_CC, $masked4);
|
||||
// Edge: not a CC
|
||||
$notCc = '1234 5678 9012';
|
||||
$this->assertSame($notCc, $processor->maskMessage($notCc));
|
||||
@@ -105,11 +113,11 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternBearerToken(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$token = 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9';
|
||||
$masked = $processor->maskMessage($token);
|
||||
$this->assertSame('***TOKEN***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_TOKEN, $masked);
|
||||
// Edge: not a token
|
||||
$notToken = 'bearer token';
|
||||
$this->assertSame($notToken, $processor->maskMessage($notToken));
|
||||
@@ -117,11 +125,11 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternApiKey(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$apiKey = 'sk_test_4eC39HqLyjWDarj';
|
||||
$masked = $processor->maskMessage($apiKey);
|
||||
$this->assertSame('***APIKEY***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_APIKEY, $masked);
|
||||
// Edge: short string
|
||||
$notApiKey = 'shortkey';
|
||||
$this->assertSame($notApiKey, $processor->maskMessage($notApiKey));
|
||||
@@ -129,14 +137,14 @@ class GdprDefaultPatternsTest extends TestCase
|
||||
|
||||
public function testPatternMac(): void
|
||||
{
|
||||
$patterns = GdprProcessor::getDefaultPatterns();
|
||||
$patterns = DefaultPatterns::get();
|
||||
$processor = new GdprProcessor($patterns);
|
||||
$mac = '00:1A:2B:3C:4D:5E';
|
||||
$masked = $processor->maskMessage($mac);
|
||||
$this->assertSame('***MAC***', $masked);
|
||||
$this->assertSame(MaskConstants::MASK_MAC, $masked);
|
||||
$mac2 = '00-1A-2B-3C-4D-5E';
|
||||
$masked2 = $processor->maskMessage($mac2);
|
||||
$this->assertSame('***MAC***', $masked2);
|
||||
$this->assertSame(MaskConstants::MASK_MAC, $masked2);
|
||||
// Edge: not a MAC
|
||||
$notMac = '001A2B3C4D5E';
|
||||
$this->assertSame($notMac, $processor->maskMessage($notMac));
|
||||
|
||||
Reference in New Issue
Block a user