-
Notifications
You must be signed in to change notification settings - Fork 22
/
Copy pathredact.go
54 lines (49 loc) · 1.45 KB
/
redact.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package cmd
import (
"strings"
)
// Redactatron - redacts sensitive information from being written to the logs
// Redaction is configurable with Install's Redact boolean config.
// If true (the default), sensitive info will be redacted
func (d *DDConfig) redactatron(l string, on bool) string {
// Redact sensitive data if it's turned on
if on {
// Redact sensitive info from the files in ./logs/
clean := l
r := "[~REDACTED~]"
for i := range d.sensStr {
// Replacement will only be for redacted values
clean = strings.Replace(clean, d.sensStr[i], r, -1)
}
return clean
}
return l
}
// initRedact - sets up the data to be redacted by Redactatron
func (d *DDConfig) initRedact() {
// Setup Default strings to redact
l := []string{
d.conf.Install.DB.Rpass,
d.conf.Install.DB.Pass,
d.conf.Install.OS.Pass,
d.conf.Install.Admin.Pass,
d.conf.Settings.CeleryBrokerPassword,
d.conf.Settings.DatabasePassword,
d.conf.Settings.SecretKey,
d.conf.Settings.CredentialAES256Key,
d.conf.Settings.SocialAuthGoogleOauth2Key,
d.conf.Settings.SocialAuthGoogleOauth2Secret,
d.conf.Settings.SocialAuthOktaOauth2Key,
d.conf.Settings.SocialAuthOktaOauth2Secret,
}
// Add the strings from DojoConfig to be redacted if they have content
for i := range l {
if len(l[i]) > 0 {
d.sensStr = append(d.sensStr, l[i])
}
}
}
func (d *DDConfig) addRedact(s string) {
// Add an additional string to redact from the logs
d.sensStr = append(d.sensStr, s)
}