Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial Obfuscation feature #1

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
Open
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,4 @@ npm-debug.log
.nyc_output
lib
lib_test
.vscode/
92 changes: 79 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,30 +4,96 @@
[![Coverage Status](https://coveralls.io/repos/github/{{github-user-name}}/{{github-app-name}}/badge.svg?branch=master)](https://coveralls.io/github/{{github-user-name}}/{{github-app-name}}?branch=master)
[![MIT license](http://img.shields.io/badge/license-MIT-brightgreen.svg)](http://opensource.org/licenses/MIT)

# Using this module in other modules
# Setup

Here is a quick example of how this module can be used in other modules. The [TypeScript Module Resolution Logic](https://www.typescriptlang.org/docs/handbook/module-resolution.html) makes it quite easy. The file `src/index.ts` is a [barrel](https://basarat.gitbooks.io/typescript/content/docs/tips/barrel.html) that re-exports selected exports from other files. The _package.json_ file contains `main` attribute that points to the generated `lib/index.js` file and `typings` attribute that points to the generated `lib/index.d.ts` file.
- To set up the `TyranidObfuscator`, mark fields on a collection with `obfuscateable:true` as shown below. In addition provide a collection name that
will be used for storing the metadata for each obfuscation batch

> If you are planning to have code in multiple files (which is quite natural for a NodeJS module) that users can import, make sure you update `src/index.ts` file appropriately.
```ts
export const User = new Tyr.Collection({
id: 'u00',
name: 'user',
dbName: 'dbTest',
fields: {
_id: { is: 'mongoid' },
email: { is: 'email' },
firstName: { is: 'string', obfuscateable: true, required: true },
lastName: { is: 'string', obfuscateable: true },
gender: { is: 'string' },
ip_address: { is: 'string', obfuscateable:true, required: true},
createdAt: { is: 'date' }
}
}) as UserCollection;
```

- Add a call to `TyrObfuscator.validate();` after calling `Tyr.validate();`, this will ensure that fields marked `obfuscateable` are valid

```ts
Tyr.validate();
TyrObfuscator.validate();
```


# Usage

- To preserve data that will be obfuscated, utilize the `Tyr.copyObfuscateableData` function. Provide a query that selects a subset from the target collection as well as a secondary collection to migrate the data to. In the below example, the previously instantiated `User` collection will have the first ten records migrated to a new collection called `copiedPIICollection`

```ts
const copiedPIICollection = new Tyr.Collection({
id: '_c1',
name: 'copiedData',
dbName: 'copiedData',
internal: false,
fields: {
_id: { is: 'mongoid' },
firstName: { is: 'string' },
lastName: { is: 'string' },
ip_address: { is: 'string' }
}
});

Now assuming you have published this amazing module to _npm_ with the name `my-amazing-lib`, and installed it in the module in which you need it -
const query ={ { _id: { $lte: 10 } } ;
await Tyr.copyObfuscateableData(query, Tyr.byName.user, copiedPIICollection);
```

- To use the `Greeter` class in a TypeScript file -
- The preserved data can either be exported, kept in place, or encrypted for secure cold storage. `Tyr.encryptCollection` will use AES encryption across all records of a given collection, secured with the provided password or `masterKey`

```ts
import { Greeter } from "my-amazing-lib";
await Tyr.encryptCollection(copiedPIICollection, masterKey);
```

- Next apply static replacement values to all of the selected records in `User`. Provide the same query to mask a subset of records in `User`. The field name to value object specified for `replacementValues` will replace the data in the `User` collection with the specified values.

- Each record affected will have a corresponding entry in the metadata collection that can be queried to determine fictitious values in the `User` collection. The metadata collection will be named by appending the provided `metadataSuffix` value to the given collection. In the below example, collection `user` will have a metadata collection name of `user__metadata`;



const greeter = new Greeter("World!");
greeter.greet();
```ts
// Again, mask the first ten records
const query = { _id: { $lte: 10 } };

const opts: Tyr.ObfuscateBatchOpts = {
query: query,
collection: Tyr.byName.user,
replacementValues: {
firstName: 'John',
lastName: 'Doe',
ip_address: '0.0.0.0'
},
metadataSuffix: '__metadata'
};

const batchResults: Tyr.ObfuscateBatchResult = await Tyr.obfuscate(opts);
```

- To use the `Greeter` class in a JavaScript file -

```js
const Greeter = require('my-amazing-lib').Greeter;

const greeter = new Greeter('World!');
greeter.greet();
- To restore the obfuscated data to its original state call `Tyr.restoreObfuscatedData` with the collection to restore (`User`), the collection holidng the values to be placed on the collection to restore (`copiedPIICollection`), a query to restore a subset of the records in `copiedPIICollection` and finally the masterKey used to decrypt the collection if it was encrypted.

```ts
// Blank query to restore all records from copiedPIICollection
const query: Tyr.MongoQuery = {};
await Tyr.restoreObfuscatedData(Tyr.byName.user, copiedPIICollection, query, masterKey);
```

## Setting travis and coveralls badges
Expand Down
Loading