Harden URL redaction in inventory/review failure output (Issue #171)
This commit is contained in:
@@ -59,6 +59,33 @@ class TestRedaction(unittest.TestCase):
|
||||
self.assertEqual(gitea_audit.redact(42), 42)
|
||||
self.assertIsNone(gitea_audit.redact(None))
|
||||
|
||||
def test_redacts_urls(self):
|
||||
# 1. Real service URLs are completely redacted
|
||||
self.assertEqual(
|
||||
gitea_audit._redact_str("failed for http://gitea.prgs.cc/api/v1/repos/x"),
|
||||
"failed for [REDACTED_URL]"
|
||||
)
|
||||
# 2. Hostname is redacted even without full URL prefix
|
||||
self.assertEqual(
|
||||
gitea_audit._redact_str("error contacting gitea.prgs.cc directly"),
|
||||
"error contacting [REDACTED_HOST] directly"
|
||||
)
|
||||
# 3. Synthetic test-only URLs are preserved
|
||||
self.assertEqual(
|
||||
gitea_audit._redact_str("mock URL: https://gitea.example.com/api/v1/repos/x"),
|
||||
"mock URL: https://gitea.example.com/api/v1/repos/x"
|
||||
)
|
||||
# 4. Embedded credentials in synthetic URLs are redacted
|
||||
self.assertEqual(
|
||||
gitea_audit._redact_str("mock creds: https://user:[email protected]/path"),
|
||||
"mock creds: https://[REDACTED_USER]:[REDACTED_PASS]@example.com/path"
|
||||
)
|
||||
# 5. Query secrets in synthetic URLs are redacted
|
||||
self.assertEqual(
|
||||
gitea_audit._redact_str("mock query: https://localhost:3003/api?token=abc-123&other=val"),
|
||||
"mock query: https://localhost:3003/api?token=%5BREDACTED%5D&other=val"
|
||||
)
|
||||
|
||||
|
||||
class TestBuildEvent(unittest.TestCase):
|
||||
|
||||
|
||||
@@ -209,6 +209,28 @@ class TestPRQueueInventory(unittest.TestCase):
|
||||
# uses project's redaction pattern (token prefix -> [REDACTED])
|
||||
# even if url leaks, the exception is redacted per pattern
|
||||
|
||||
@patch("mcp_server.api_get_all")
|
||||
@patch("mcp_server.api_request")
|
||||
@patch("mcp_server.get_auth_header", return_value=FAKE_AUTH)
|
||||
@patch("mcp_server.get_profile")
|
||||
def test_inventory_failure_output_redacts_real_service_urls(self, mock_get_profile, _auth, mock_api, mock_get_all):
|
||||
"""Failure paths must fully redact real service hostnames and URLs from inventory output."""
|
||||
mock_get_profile.return_value = {
|
||||
"profile_name": "gitea-author",
|
||||
"allowed_operations": ["read"],
|
||||
"forbidden_operations": [],
|
||||
"base_url": None,
|
||||
}
|
||||
mock_get_all.side_effect = Exception("failed to connect to https://gitea.prgs.cc/api/v1/repos/x")
|
||||
mock_api.return_value = {"login": "jcwalker3"}
|
||||
|
||||
result = gitea_review_pr(pr_number=42, event="APPROVE", remote="prgs")
|
||||
self.assertFalse(result["success"])
|
||||
msg = result.get("message", "")
|
||||
self.assertIn("=== PR Queue Inventory ===", msg)
|
||||
self.assertIn("[REDACTED_URL]", msg)
|
||||
self.assertNotIn("gitea.prgs.cc", msg)
|
||||
|
||||
@patch("mcp_server.api_get_all")
|
||||
@patch("mcp_server.api_request")
|
||||
@patch("mcp_server.get_auth_header", return_value=FAKE_AUTH)
|
||||
|
||||
Reference in New Issue
Block a user