def test_redact_existing_token(
monkeypatch,
proxy_context,
flow_context,
route_context,
):
monkeypatch.setattr(
'satellite.aliases.store.get_session',
Mock(),
)
monkeypatch.setattr(
'satellite.aliases.store.AliasStore.get_by_value',
Mock(return_value=[
Mock(
id='ead9d833-eb9a-474c-9894-16de59682dce',
public_alias='tok_sat_medNmHNXKxwuHq8AvfAhmo',
)
]),
)
emit_audit_log = Mock()
monkeypatch.setattr(
'satellite.aliases.manager.audit_logs.emit',
emit_audit_log,
)
monkeypatch.setattr(
'satellite.aliases.manager.uuid.uuid4',
Mock(return_value='ead9d833-eb9a-474c-9894-16de59682dce'),
)
with ctx.use_context(proxy_context), ctx.use_context(
flow_context), ctx.use_context(route_context):
alias = alias_manager.redact(
'value',
generator_type=AliasGeneratorType.UUID,
store_type=AliasStoreType.PERSISTENT,
)
assert alias.public_alias == 'tok_sat_medNmHNXKxwuHq8AvfAhmo'
emit_audit_log.assert_called_once_with(
records.VaultRecordUsageLogRecord(
action_type=records.ActionType.DE_DUPE,
alias_generator=AliasGeneratorType.UUID,
flow_id='313980a8-ff6c-4b13-b5a3-03909389295b',
phase=Phase.REQUEST,
proxy_mode=ProxyMode.REVERSE,
record_id='ead9d833-eb9a-474c-9894-16de59682dce',
record_type=AliasStoreType.PERSISTENT,
route_id='41265f94-3ea5-46ad-b5f5-26221a41db34',
))
def test_ok(self):
self.proxy_manager.get_audit_logs = Mock(return_value=[
records.VaultRequestAuditLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
proxy_mode=ProxyMode.REVERSE,
method='POST',
uri='http://httpbin.org/post',
),
records.UpstreamResponseLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
proxy_mode=ProxyMode.REVERSE,
status_code=200,
upstream='httpbin.org',
),
records.VaultRecordUsageLogRecord(
action_type=records.ActionType.CREATED,
alias_generator=AliasGeneratorType.UUID,
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
phase=Phase.REQUEST,
proxy_mode=ProxyMode.REVERSE,
record_id='75dc92d5-e9ec-45b9-a63a-5bdeb5a2fc91',
record_type=AliasStoreType.PERSISTENT,
route_id='01058009-1693-4177-bcf6-fc87c57a4bfd',
),
records.RouteEvaluationLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
matched=True,
phase=Phase.REQUEST,
proxy_mode=ProxyMode.REVERSE,
route_id='01058009-1693-4177-bcf6-fc87c57a4bfd',
),
records.FilterEvaluationLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
matched=True,
phase=Phase.REQUEST,
proxy_mode=ProxyMode.REVERSE,
route_id='01058009-1693-4177-bcf6-fc87c57a4bfd',
filter_id='d5e8d035-f70f-416b-8021-812d55d0c360',
),
records.VaultTrafficLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
proxy_mode=ProxyMode.REVERSE,
bytes=123,
label=records.TrafficLabel.FROM_SERVER,
),
records.OperationLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
proxy_mode=ProxyMode.REVERSE,
route_id='01058009-1693-4177-bcf6-fc87c57a4bfd',
filter_id='d93d3034-6f78-4f00-842b-c4f9d351b4ef',
phase=Phase.REQUEST,
operation_name='github.com/verygoodsecurity/common/script',
execution_time_ms=1,
execution_time_ns=1000000,
status=records.OperationStatus.OK,
error_message=None,
),
records.OperationPipelineEvaluationLogRecord(
flow_id='c8973f85-bb66-450b-9dd1-5f6e2c57b8bd',
proxy_mode=ProxyMode.REVERSE,
route_id='01058009-1693-4177-bcf6-fc87c57a4bfd',
filter_id='d93d3034-6f78-4f00-842b-c4f9d351b4ef',
phase=Phase.REQUEST,
execution_time_ms=1,
execution_time_ns=1000000,
operations=['github.com/verygoodsecurity/common/script'],
),
])
response = self.fetch(
self.get_url('/logs/f15ccebf-6b79-4386-a4ec-0e7e3b119c03'))
self.assertEqual(response.code, 200)
self.assertMatchSnapshot(json.loads(response.body))