forked from getsentry/sentry-elixir
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplug_test.exs
130 lines (111 loc) · 5.07 KB
/
plug_test.exs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
defmodule Sentry.PlugTest do
use ExUnit.Case
use Plug.Test
import Sentry.TestEnvironmentHelper
test "non-existent route exceptions are ignored" do
exception = %FunctionClauseError{arity: 4,
function: :do_match,
module: Sentry.ExampleApp}
assert ^exception = assert_raise(FunctionClauseError, "no function clause matching in Sentry.ExampleApp.do_match/4", fn ->
conn(:get, "/not_found")
|> Sentry.ExampleApp.call([])
end)
end
test "exception makes call to Sentry API" do
bypass = Bypass.open
Bypass.expect bypass, fn conn ->
{:ok, body, conn} = Plug.Conn.read_body(conn)
assert body =~ "RuntimeError"
assert body =~ "ExampleApp"
assert conn.request_path == "/api/1/store/"
assert conn.method == "POST"
Plug.Conn.resp(conn, 200, ~s<{"id": "340"}>)
end
modify_env(:sentry, dsn: "http://public:secret@localhost:#{bypass.port}/1")
assert_raise(RuntimeError, "Error", fn ->
conn(:get, "/error_route")
|> Sentry.ExampleApp.call([])
end)
end
test "builds request data" do
conn = conn(:get, "/error_route?key=value")
|> put_req_cookie("cookie_key", "cookie_value")
|> put_req_header("accept-language", "en-US")
request_data = Sentry.Plug.build_request_interface_data(conn, [header_scrubber: &Sentry.Plug.default_header_scrubber/1])
assert request_data[:url] =~ ~r/\/error_route$/
assert request_data[:method] == "GET"
assert request_data[:data] == %{}
assert request_data[:headers] == %{"cookie" => "cookie_key=cookie_value", "accept-language" => "en-US"}
assert request_data[:cookies] == %{"cookie_key" => "cookie_value"}
assert request_data[:query_string] == "key=value"
assert is_binary(request_data[:env]["REMOTE_ADDR"])
assert is_integer(request_data[:env]["REMOTE_PORT"])
assert is_binary(request_data[:env]["SERVER_NAME"])
assert is_integer(request_data[:env]["SERVER_PORT"])
end
test "handles data scrubbing" do
conn = conn(:post, "/error_route", %{
"hello" => "world",
"password" => "test",
"cc" => "4242424242424242"})
|> put_req_cookie("cookie_key", "cookie_value")
|> put_req_header("accept-language", "en-US")
|> put_req_header("authorization", "ignorme")
scrubber = fn conn ->
conn.params
|> Enum.filter(fn {key, val} ->
!(key in ~w(password passwd secret credit_card) ||
Regex.match?(~r/^(?:\d[ -]*?){13,16}$/, val)) # Matches Credit Cards
end)
|> Enum.into(%{})
end
options = [body_scrubber: scrubber, header_scrubber: &Sentry.Plug.default_header_scrubber/1]
request_data = Sentry.Plug.build_request_interface_data(conn, options)
assert request_data[:method] == "POST"
assert request_data[:data] == %{"hello" => "world"}
assert request_data[:headers] == %{"cookie" => "cookie_key=cookie_value", "accept-language" => "en-US", "content-type" => "multipart/mixed; boundary=plug_conn_test"}
assert request_data[:cookies] == %{"cookie_key" => "cookie_value"}
end
test "gets request_id" do
conn = conn(:get, "/error_route")
|> Plug.Conn.put_resp_header("x-request-id", "my_request_id")
request_data = Sentry.Plug.build_request_interface_data(conn, [request_id_header: "x-request-id"])
assert request_data[:env]["REQUEST_ID"] == "my_request_id"
end
test "default data scrubbing" do
conn = conn(:post, "/error_route", %{
"secret" => "world",
"password" => "test",
"passwd" => "4242424242424242",
"credit_card" => "4197 7215 7810 8280",
"count" => 334,
"is_admin" => false,
"cc" => "4197-7215-7810-8280",
"another_cc" => "4197721578108280",
"user" => %{"password" => "mypassword"}})
request_data = Sentry.Plug.build_request_interface_data(conn, body_scrubber: &Sentry.Plug.default_body_scrubber/1)
assert request_data[:method] == "POST"
assert request_data[:data] == %{"secret" => "*********", "password" => "*********", "count" => 334,
"is_admin" => false, "passwd" => "*********", "credit_card" => "*********", "cc" => "*********",
"another_cc" => "*********", "user" => %{"password" => "*********"}}
end
test "handles data scrubbing with file upload" do
bypass = Bypass.open
Bypass.expect bypass, fn conn ->
{:ok, body, conn} = Plug.Conn.read_body(conn)
json = Poison.decode!(body)
assert is_map(json["request"]["data"]["image"])
assert json["request"]["data"]["password"] == "*********"
Plug.Conn.resp(conn, 200, ~s<{"id": "340"}>)
end
modify_env(:sentry, dsn: "http://public:secret@localhost:#{bypass.port}/1")
upload = %Plug.Upload{path: "test/fixtures/my_image.png", filename: "my_image.png"}
assert_raise(RuntimeError, "Error", fn ->
conn(:post, "/error_route", %{"image" => upload, "password" => "my_password"})
|> put_req_cookie("cookie_key", "cookie_value")
|> put_req_header("accept-language", "en-US")
|> put_req_header("authorization", "ignorme")
|> Sentry.ExampleApp.call([])
end)
end
end