Merge pull request #2 from bfoley13/bfole13/redact

Extending for map/list/embedded structs

Author: bfoley13

redact.go

@@ -25,6 +25,7 @@ func Redact(iface interface{}) error {
 	if ifv.Kind() != reflect.Ptr {
 		return errors.New("Not a pointer")
 	}
+
 	ift := reflect.Indirect(ifv).Type()
 	if ift.Kind() != reflect.Struct {
 		return nil
@@ -33,42 +34,6 @@ func Redact(iface interface{}) error {
 		v := ift.Field(i)
 		el := reflect.Indirect(ifv.Elem().FieldByName(v.Name))
 		switch el.Kind() {
-		case reflect.Slice:
-			if el.CanInterface() {
-				elType := getSliceElemType(v.Type)
-
-				// allow strings and string pointers
-				str := ""
-				if (elType.ConvertibleTo(reflect.TypeOf(str)) && reflect.TypeOf(str).ConvertibleTo(elType)) ||
-					(elType.ConvertibleTo(reflect.TypeOf(&str)) && reflect.TypeOf(&str).ConvertibleTo(elType)) {
-					tagVal := v.Tag.Get(tagName)
-					for i := 0; i < el.Len(); i++ {
-						el.Index(i).Set(transformValue(tagVal, el.Index(i)))
-					}
-				} else {
-					val := reflect.ValueOf(el.Interface())
-					for i := 0; i < val.Len(); i++ {
-						elVal := val.Index(i)
-						if elVal.Kind() != reflect.Ptr {
-							elVal = elVal.Addr()
-						}
-						Redact(elVal.Interface())
-					}
-				}
-			}
-		case reflect.Map:
-			if el.CanInterface() {
-				val := reflect.ValueOf(el.Interface())
-				for _, key := range val.MapKeys() {
-					mapValue := val.MapIndex(key)
-					mapValuePtr := reflect.New(mapValue.Type())
-					mapValuePtr.Elem().Set(mapValue)
-					if mapValuePtr.Elem().CanAddr() {
-						Redact(mapValuePtr.Elem().Addr().Interface())
-					}
-					val.SetMapIndex(key, reflect.Indirect(mapValuePtr))
-				}
-			}
 		case reflect.Struct:
 			if el.CanAddr() && el.Addr().CanInterface() {
 				Redact(el.Addr().Interface())
@@ -79,6 +44,72 @@ func Redact(iface interface{}) error {
 				input := el.String()
 				el.SetString(transformString(input, tagVal))
 			}
+		default:
+			tagVal := v.Tag.Get(tagName)
+			if el.CanAddr() && el.Addr().CanInterface() {
+				redactHelper(el.Addr().Interface(), tagVal)
+			}
+
+		}
+	}
+	return nil
+}
+
+func redactHelper(iface interface{}, tagVal string) error {
+	ifv := reflect.ValueOf(iface)
+	if ifv.Kind() != reflect.Ptr {
+		return errors.New("Not a pointer")
+	}
+
+	ifIndirectValue := reflect.Indirect(ifv)
+	switch ifIndirectValue.Kind() {
+	case reflect.Slice:
+		if ifIndirectValue.CanInterface() {
+			elType := getSliceElemType(ifIndirectValue.Type())
+
+			// allow strings and string pointers
+			str := ""
+			if (elType.ConvertibleTo(reflect.TypeOf(str)) && reflect.TypeOf(str).ConvertibleTo(elType)) ||
+				(elType.ConvertibleTo(reflect.TypeOf(&str)) && reflect.TypeOf(&str).ConvertibleTo(elType)) {
+				for i := 0; i < ifIndirectValue.Len(); i++ {
+					ifIndirectValue.Index(i).Set(transformValue(tagVal, ifIndirectValue.Index(i)))
+				}
+			} else {
+				val := reflect.ValueOf(ifIndirectValue.Interface())
+				for i := 0; i < val.Len(); i++ {
+					elVal := val.Index(i)
+					if elVal.Kind() != reflect.Ptr {
+						elVal = elVal.Addr()
+					}
+					redactHelper(elVal.Interface(), tagVal)
+				}
+			}
+		}
+	case reflect.Map:
+		if ifIndirectValue.CanInterface() {
+			val := reflect.ValueOf(ifIndirectValue.Interface())
+			for _, key := range val.MapKeys() {
+				mapValue := val.MapIndex(key)
+				mapValuePtr := reflect.New(mapValue.Type())
+				mapValuePtr.Elem().Set(mapValue)
+				if mapValuePtr.Elem().CanAddr() {
+					redactHelper(mapValuePtr.Elem().Addr().Interface(), tagVal)
+				}
+				val.SetMapIndex(key, reflect.Indirect(mapValuePtr))
+			}
+		}
+	case reflect.Struct:
+		if ifIndirectValue.CanAddr() && ifIndirectValue.Addr().CanInterface() {
+			Redact(ifIndirectValue.Addr().Interface())
+		}
+	case reflect.String:
+		if ifIndirectValue.CanSet() {
+			input := ifIndirectValue.String()
+			ifIndirectValue.SetString(transformString(input, tagVal))
+		}
+	case reflect.Ptr:
+		if ifIndirectValue.CanInterface() {
+			redactHelper(ifIndirectValue.Interface(), tagVal)
 		}
 	}
 	return nil

redact_test.go

@@ -26,6 +26,16 @@ type TestStructList struct {
 	Data []*TestStruct
 }
 
+type TestMaps struct {
+	Secrets           map[string]string
+	SecretPtrs        map[string]*string
+	TestStructSecrets map[string]*TestStruct
+}
+
+type TestMapList struct {
+	Data []*TestMaps
+}
+
 func TestStringTestStruct(t *testing.T) {
 	t.Run("Basic Secret Redaction", func(t *testing.T) {
 		tStruct := &TestStruct{
@@ -103,3 +113,67 @@ func TestStringTestStructList(t *testing.T) {
 	})
 
 }
+
+func TestStringTestMapAndEmbedded(t *testing.T) {
+	t.Run("Should Redact Map And Slice Structs", func(t *testing.T) {
+		tMaps := &TestMaps{
+			Secrets: map[string]string{
+				"secret-key-old": secretVal,
+				"secret-key-new": secretVal,
+			},
+			SecretPtrs: map[string]*string{
+				"ptr-secret-key": &secretPtrVal,
+			},
+			TestStructSecrets: map[string]*TestStruct{
+				"ptr-test-struct-key": {
+					NonSecret: nonSecretVal,
+					Secret:    secretVal,
+					SecretPtr: &secretPtrVal,
+				},
+			},
+		}
+
+		err := redact.Redact(tMaps)
+		assert.NoError(t, err, "should not fail to redact struct")
+
+		assert.Equal(t, redact.RedactStrConst, tMaps.Secrets["secret-key-old"], "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, tMaps.Secrets["secret-key-new"], "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, *tMaps.SecretPtrs["ptr-secret-key"], "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, tMaps.TestStructSecrets["ptr-test-struct-key"].Secret, "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, *tMaps.TestStructSecrets["ptr-test-struct-key"].SecretPtr, "should redact secret value")
+		assert.Equal(t, nonSecretVal, tMaps.TestStructSecrets["ptr-test-struct-key"].NonSecret, "should redact secret value")
+	})
+
+	t.Run("Should Redact Map And Slice Structs", func(t *testing.T) {
+		tMaps := &TestMaps{
+			Secrets: map[string]string{
+				"secret-key-old": secretVal,
+				"secret-key-new": secretVal,
+			},
+			SecretPtrs: map[string]*string{
+				"ptr-secret-key": &secretPtrVal,
+			},
+			TestStructSecrets: map[string]*TestStruct{
+				"ptr-test-struct-key": {
+					NonSecret: nonSecretVal,
+					Secret:    secretVal,
+					SecretPtr: &secretPtrVal,
+				},
+			},
+		}
+
+		testMapList := &TestMapList{
+			Data: []*TestMaps{tMaps},
+		}
+
+		err := redact.Redact(testMapList)
+		assert.NoError(t, err, "should not fail to redact struct")
+
+		assert.Equal(t, redact.RedactStrConst, testMapList.Data[0].Secrets["secret-key-old"], "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, testMapList.Data[0].Secrets["secret-key-new"], "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, *testMapList.Data[0].SecretPtrs["ptr-secret-key"], "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, testMapList.Data[0].TestStructSecrets["ptr-test-struct-key"].Secret, "should redact secret value")
+		assert.Equal(t, redact.RedactStrConst, *testMapList.Data[0].TestStructSecrets["ptr-test-struct-key"].SecretPtr, "should redact secret value")
+		assert.Equal(t, nonSecretVal, testMapList.Data[0].TestStructSecrets["ptr-test-struct-key"].NonSecret, "should redact secret value")
+	})
+}