QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-04-19 08:04:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: improve mask/unmask encrypted_extra (#29943)

Browse Source
This commit is contained in:
Beto Dealmeida
2024-08-22 16:45:32 -04:00
committed by GitHub
parent bf94370d38
commit 4b59e42d3f
13 changed files with 490 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
tests/unit_tests/utils/json_tests.py
View File

@@ -14,6 +14,7 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import copy
import datetime
import math
from unittest.mock import MagicMock
@@ -146,3 +147,48 @@ def test_validate_json():
str(excinfo.value)
== "Unterminated string starting at: line 1 column 28 (char 27)"
)
def test_sensitive_fields() -> None:
"""
Test masking/unmasking of sensitive fields.
"""
payload = {
"password": "SECRET",
"credentials": {
"user_id": "alice",
"user_token": "TOKEN",
},
}
sensitive_fields = {"$.password", "$.credentials.user_token"}
redacted_payload = json.redact_sensitive(payload, sensitive_fields)
assert redacted_payload == {
"password": "XXXXXXXXXX",
"credentials": {
"user_id": "alice",
"user_token": "XXXXXXXXXX",
},
}
new_payload = copy.deepcopy(redacted_payload)
new_payload["credentials"]["user_id"] = "bob"
assert json.reveal_sensitive(payload, new_payload, sensitive_fields) == {
"password": "SECRET",
"credentials": {
"user_id": "bob",
"user_token": "TOKEN",
},
}
new_payload = copy.deepcopy(redacted_payload)
new_payload["credentials"]["user_token"] = "NEW_TOKEN"
assert json.reveal_sensitive(payload, new_payload, sensitive_fields) == {
"password": "SECRET",
"credentials": {
"user_id": "alice",
"user_token": "NEW_TOKEN",
},
}