feat(logging): add checks for .log and .json files

Author: Psingle20

src/proxy/processors/push-action/checkSensitiveData.js

@@ -0,0 +1,156 @@
+const fs = require('fs');
+const csv = require('csv-parser');
+const XLSX = require('xlsx');
+const path = require('path');
+const { exec: getDiffExec } = require('./getDiff');
+
+// Function to check for sensitive data patterns
+const checkForSensitiveData = (cell) => {
+    const sensitivePatterns = [
+        /\d{3}-\d{2}-\d{4}/, // Social Security Number (SSN)
+        /\b\d{16}\b/, // Credit card numbers
+        /\b\d{5}-\d{4}\b/, // ZIP+4 codes
+        // Add more patterns as needed
+    ];
+    return sensitivePatterns.some(pattern => {
+        if (pattern.test(String(cell))) {
+            console.log(`\x1b[31mDetected sensitive data: ${cell}\x1b[0m`); // Log the detected sensitive data in red
+            return true;
+        }
+        return false;
+    });
+};
+
+// Function to process CSV files
+const processCSV = async (filePath) => {
+    return new Promise((resolve, reject) => {
+        let sensitiveDataFound = false;
+
+        fs.createReadStream(filePath)
+            .pipe(csv())
+            .on('data', (row) => {
+                for (const [key, value] of Object.entries(row)) {
+                    if (checkForSensitiveData(value)) {
+                        console.log(`\x1b[33mSensitive data found in CSV: ${key}: ${value}\x1b[0m`); // Log in yellow
+                        sensitiveDataFound = true;
+                    }
+                }
+            })
+            .on('end', () => {
+                if (!sensitiveDataFound) {
+                    console.log('No sensitive data found in CSV.');
+                }
+                resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found
+            })
+            .on('error', (err) => {
+                console.error(`Error reading CSV file: ${err.message}`);
+                reject(err); // Reject the promise on error
+            });
+    });
+};
+
+// Function to process XLSX files
+const processXLSX = async (filePath) => {
+    return new Promise((resolve, reject) => {
+        let sensitiveDataFound = false;
+
+        try {
+            const workbook = XLSX.readFile(filePath);
+            const sheetName = workbook.SheetNames[0];
+            const sheet = workbook.Sheets[sheetName];
+            const jsonData = XLSX.utils.sheet_to_json(sheet);
+
+            jsonData.forEach((row) => {
+                for (const [key, value] of Object.entries(row)) {
+                    if (checkForSensitiveData(value)) {
+                        console.log(`\x1b[33mSensitive data found in XLSX: ${key}: ${value}\x1b[0m`); // Log in yellow
+                        sensitiveDataFound = true;
+                    }
+                }
+            });
+
+            if (!sensitiveDataFound) {
+                console.log('No sensitive data found in XLSX.');
+            }
+            resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found
+        } catch (error) {
+            console.error(`Error reading XLSX file: ${error.message}`);
+            reject(error); // Reject the promise on error
+        }
+    });
+};
+
+// Function to check for sensitive data in .log and .json files
+const checkLogJsonFiles = async (filePath) => {
+    return new Promise((resolve, reject) => {
+        let sensitiveDataFound = false;
+
+        fs.readFile(filePath, 'utf8', (err, data) => {
+            if (err) {
+                console.error(`Error reading file ${filePath}: ${err.message}`);
+                return reject(err);
+            }
+
+            if (checkForSensitiveData(data)) {
+                console.log(`\x1b[33mSensitive data found in ${filePath}\x1b[0m`);
+                sensitiveDataFound = true;
+            }
+
+            resolve(sensitiveDataFound);
+        });
+    });
+};
+
+// Function to parse the file based on its extension
+const parseFile = async (filePath) => {
+    const ext = path.extname(filePath).toLowerCase();
+    
+    switch (ext) {
+        case '.csv':
+            return await processCSV(filePath);
+        case '.xlsx':
+            return await processXLSX(filePath);
+        case '.log':
+            return await checkLogJsonFiles(filePath);
+        case '.json':
+            return await checkLogJsonFiles(filePath);
+        default:
+            // Skip unsupported file types without logging
+            return false; // Indicate that no sensitive data was found for unsupported types
+    }
+};
+
+// Async exec function to handle actions
+const exec = async (req, action) => {
+    // getDiffExec(req, action); // Call to getDiffExec if necessary
+
+    const diffStep = action.steps.find((s) => s.stepName === 'diff');
+
+    if (diffStep && diffStep.content) {
+        console.log('Diff content:', diffStep.content);
+
+        const filePaths = diffStep.content.filePaths || [];
+
+        if (filePaths.length > 0) {
+            // Check for sensitive data in all files
+            const sensitiveDataFound = await Promise.all(filePaths.map(parseFile));
+            const anySensitiveDataDetected = sensitiveDataFound.some(found => found); // Check if any file reported sensitive data
+
+            if (anySensitiveDataDetected) {
+                action.pushBlocked = true; // Block the push
+                action.error = true; // Set error flag
+                action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; // Set error message
+                console.log(action.errorMessage);
+            }
+        } else {
+            console.log('No file paths provided in the diff step.');
+        }
+    } else {
+        console.log('No diff content available.');
+    }
+
+    return action; // Returning action for testing purposes
+};
+
+exec.displayName = 'logFileChanges.exec';
+exports.exec = exec;

test/CheckSensitive.test.js

@@ -0,0 +1,89 @@
+const path = require('path');
+const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary
+const sinon = require('sinon');
+
+describe('Sensitive Data Detection', () => {
+    let logStub;
+
+    beforeEach(() => {
+        logStub = sinon.stub(console, 'log'); // Stub console.log before each test
+    });
+
+    afterEach(() => {
+        logStub.restore(); // Restore console.log after each test
+    });
+
+    it('should detect sensitive data in CSV file and block execution', async () => {
+        const action = {
+            steps: [{
+                stepName: 'diff',
+                content: {
+                    filePaths: [path.join(__dirname, 'test_data/sensitive_data.csv')] // Ensure this path is correct
+                }
+            }]
+        };
+
+        await exec(null, action);
+
+        const loggedMessages = logStub.getCalls().map(call => call.args[0]);
+        console.log('Captured log messages for CSV:', loggedMessages);
+
+        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
+    });
+
+    it('should detect sensitive data in XLSX file and block execution', async () => {
+        const action = {
+            steps: [{
+                stepName: 'diff',
+                content: {
+                    filePaths: [path.join(__dirname, 'test_data/sensitive_data2.xlsx')] // Ensure this path is correct
+                }
+            }]
+        };
+
+        await exec(null, action);
+
+        const loggedMessages = logStub.getCalls().map(call => call.args[0]);
+        console.log('Captured log messages for XLSX:', loggedMessages);
+
+        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
+    });
+
+    it('should detect sensitive data in a log file and block execution', async () => {
+        const action = {
+            steps: [{
+                stepName: 'diff',
+                content: {
+                    filePaths: [path.join(__dirname, 'test_data/sensitive_data3.log')] // Ensure this path is correct
+                }
+            }]
+        };
+
+        await exec(null, action);
+
+        const loggedMessages = logStub.getCalls().map(call => call.args[0]);
+        console.log('Captured log messages for log file:', loggedMessages);
+
+        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
+    });
+
+    it('should detect sensitive data in a JSON file and block execution', async () => {
+        const action = {
+            steps: [{
+                stepName: 'diff',
+                content: {
+                    filePaths: [path.join(__dirname, 'test_data/sensitive_data4.json')] // Ensure this path is correct
+                }
+            }]
+        };
+
+        await exec(null, action);
+
+        const loggedMessages = logStub.getCalls().map(call => call.args[0]);
+        console.log('Captured log messages for JSON file:', loggedMessages);
+
+        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
+    });
+
+    
+});

test/CreateExcel.js

@@ -0,0 +1,24 @@
+const XLSX = require('xlsx');
+const fs = require('fs');
+const path = require('path');
+
+// Example data with sensitive information
+const data = [
+    { Name: "John Doe", SSN: "123-45-6789", Email: "[email protected]" },
+    { Name: "Jane Smith", SSN: "987-65-4321", Email: "[email protected]" }
+];
+
+const worksheet = XLSX.utils.json_to_sheet(data);
+const workbook = XLSX.utils.book_new();
+XLSX.utils.book_append_sheet(workbook, worksheet, "SensitiveData");
+
+// Create the path to the test_data directory
+const testDataPath = path.join(__dirname, 'test_data'); // Ensure this points to the correct directory
+
+// Create the test_data directory if it doesn't exist
+if (!fs.existsSync(testDataPath)){
+    fs.mkdirSync(testDataPath, { recursive: true }); // Using recursive to ensure all directories are created
+}
+
+// Write the Excel file to the test_data directory
+XLSX.writeFile(workbook, path.join(testDataPath, 'sensitive_data2.xlsx'));

test/test_data/sensitive_data.csv

@@ -0,0 +1,3 @@
+Name,SSN,Email
+John Doe,123-45-6789,[email protected]
+Jane Smith,987-65-4321,[email protected]

test/test_data/sensitive_data2.xlsx

@@ -0,0 +1,4 @@
+{
+    "username": "johndoe",
+    "ssn": "123-45-6789"
+}