fix(hipaa): correct phone masking and provider health discovery

Faxbot Agent · Faxbot Agent · commit 46112ad6db9e · 2025-10-05T22:11:43.000-06:00
CRITICAL HIPAA FIX:
- Fixed phone masking in event emission to show ONLY last 4 digits
- Changed from to[:8] + '***' (shows first 8) to proper masking
- Now shows: *******4567 instead of +1555555***

Provider Health Fix:
- Added lazy discovery of providers in /admin/providers/health endpoint
- Initialize circuit breakers for active_outbound() and active_inbound()
- Provider Health Status now shows configured providers (sinch, humblefax)

This resolves the HIPAA compliance violation and makes Provider Health functional.
diff --git a/api/app/main.py b/api/app/main.py
@@ -4101,11 +4101,13 @@ async def send_fax(background: BackgroundTasks, to: str = Form(...), file: Uploa
         from .services.events import EventType as _EventType
         emitter = get_event_emitter()
         if emitter:
+            # HIPAA-compliant masking: show only last 4 digits
+            masked_to = ("*" * max(0, len(to) - 4)) + to[-4:] if len(to) >= 4 else "***"
             await emitter.emit_event(
                 _EventType.FAX_QUEUED,
                 job_id=job_id,
                 provider_id=ob,
-                payload_meta={"backend": ob, "to": to[:8] + "***"}  # Mask phone for PHI
+                payload_meta={"backend": ob, "to": masked_to}
             )
     except Exception:
         pass  # Non-fatal
diff --git a/api/app/routers/admin_providers.py b/api/app/routers/admin_providers.py
@@ -51,6 +51,19 @@ async def get_provider_health_status(request: Request, admin_auth: dict = Depend
     if not health_monitor:
         raise HTTPException(status_code=503, detail="Health monitor not available")
 
+    # Discover providers from config if circuit_states is empty
+    if not health_monitor.circuit_states:
+        from app.config import active_outbound, active_inbound
+        ob = active_outbound()
+        ib = active_inbound()
+        
+        # Initialize circuit breakers for configured providers
+        from app.monitoring.health import CircuitBreakerState
+        if ob:
+            health_monitor.circuit_states[ob] = CircuitBreakerState(provider_id=ob)
+        if ib and ib != ob:
+            health_monitor.circuit_states[ib] = CircuitBreakerState(provider_id=ib)
+
     provider_statuses = await health_monitor.get_provider_statuses()
 
     # Calculate summary stats
