refine tests, add data sanitization test

Author: ahuseyn

plugins/wpgraphql-logging/tests/e2e/constants.js

@@ -8,6 +8,13 @@ export const GET_POSTS_QUERY = `
 				id
 				title
 				date
+				excerpt
+				author {
+					node {
+						id
+						name
+					}
+				}
 			}
 		}
 	}

plugins/wpgraphql-logging/tests/e2e/specs/basic-usage.spec.js

@@ -30,7 +30,6 @@ test.describe("Configure WPGraphQL Logging Plugin and Verify Logging Works", ()
 
 		await expect(page.locator(".notice.notice-success")).toBeVisible();
 
-		// Execute a GraphQL query
 		const response = await executeGraphQLQuery(request, GET_POSTS_QUERY);
 		expect(response.ok()).toBeTruthy();
 

plugins/wpgraphql-logging/tests/e2e/specs/data-cleanup.spec.js

@@ -3,6 +3,7 @@ import {
 	configureDataManagement,
 	goToLoggingSettingsPage,
 	resetPluginSettings,
+	switchToSettingsTab,
 } from "../utils";
 
 test.describe("Data Management - Configure Automatic Cleanup", () => {
@@ -29,10 +30,7 @@ test.describe("Data Management - Configure Automatic Cleanup", () => {
 		// Reload the page to verify settings persisted
 		await page.reload({ waitUntil: "networkidle" });
 
-		await page
-			.locator("#wpbody-content")
-			.getByRole("link", { name: "Data Management" })
-			.click();
+		await switchToSettingsTab(page, "Data Management");
 
 		const deletionCheckbox = page.locator(
 			'input[name="wpgraphql_logging_settings[data_management][data_deletion_enabled]"]'

plugins/wpgraphql-logging/tests/e2e/specs/exclude-and-sanitize.spec.js

@@ -3,6 +3,7 @@ import {
 	goToLoggingSettingsPage,
 	goToLogsListPage,
 	configureLogging,
+	configureDataManagement,
 	executeGraphQLQuery,
 	resetPluginSettings,
 } from "../utils";
@@ -44,36 +45,58 @@ test.describe("Exclude Sensitive Queries from Logging", () => {
 		).toBeVisible();
 	});
 
-	test("should log queries when not excluded", async ({
+	test("should sanitize sensitive data in logs when sanitization is enabled", async ({
 		page,
 		admin,
 		request,
 	}) => {
-		// Set up logging without excluded queries
+		// Set up logging settings and execute a GraphQL query
 		await goToLoggingSettingsPage(admin);
+		await expect(page.locator("h1")).toHaveText("WPGraphQL Logging Settings");
 
 		await configureLogging(page, {
 			enabled: true,
 			dataSampling: "100",
 			eventLogSelection: ["graphql_request_results"],
-			excludeQueries: "",
 		});
 
-		await expect(page.locator(".notice.notice-success")).toBeVisible();
+		await goToLoggingSettingsPage(admin);
+		await configureDataManagement(page, {
+			dataSanitizationEnabled: true,
+			dataSanitizationMethod: "custom",
+			dataSanitizationCustomFieldAnonymize: "request.app_context.viewer",
+		});
 
-		// Execute query
+		// Navigate to log details page
 		await executeGraphQLQuery(request, GET_POSTS_QUERY);
 
-		// Navigate to logs and verify query is logged
 		await goToLogsListPage(admin);
 		await expect(page.locator("h1")).toContainText("WPGraphQL Logs");
 
-		// Verify GetPosts query is logged
-		const getPostsLog = page
+		const logRow = page
 			.locator("#the-list tr")
-			.filter({ hasText: "GetPosts" });
-		await expect(getPostsLog).toBeVisible({ timeout: 10000 });
-	});
+			.filter({ hasText: "GetPosts" })
+			.first();
+		await expect(logRow).toBeVisible({ timeout: 10000 });
+
+		const viewLink = logRow.locator(".row-actions .view a");
+		await expect(viewLink).toBeVisible();
+		await viewLink.focus();
+		await viewLink.click();
 
-	// TODO add sanitization tests here
+		await expect(page.locator("h1")).toContainText("Log Entry");
+
+		const logTable = page.locator(".widefat.striped");
+		const contextRow = logTable
+			.locator("tr")
+			.filter({ has: page.locator("th", { hasText: "Context" }) });
+
+		await expect(contextRow).toBeVisible();
+
+		// Verify sanitization in the content
+		const contextContent = await contextRow.locator("td pre").textContent();
+
+		expect(contextContent).toBeTruthy();
+		expect(contextContent).toContain('"viewer": "***"');
+	});
 });

plugins/wpgraphql-logging/tests/e2e/utils.js

@@ -130,6 +130,16 @@ export async function getLogDetails(page, logId) {
 	return details;
 }
 
+/**
+ * Switch to a settings tab
+ */
+export async function switchToSettingsTab(page, tabName) {
+	await page
+		.locator("#wpbody-content")
+		.getByRole("link", { name: "Data Management" })
+		.click();
+}
+
 /**
  * Configure data management settings
  */
@@ -139,6 +149,9 @@ export async function configureDataManagement(page, settings = {}) {
 		dataRetentionDays = "30",
 		dataSanitizationEnabled = false,
 		dataSanitizationMethod = "recommended",
+		dataSanitizationCustomFieldAnonymize = "",
+		dataSanitizationCustomFieldRemove = "",
+		dataSanitizationCustomFieldTruncate = "",
 	} = settings;
 
 	// Switch to Data Management tab
@@ -178,6 +191,33 @@ export async function configureDataManagement(page, settings = {}) {
 		)
 		.selectOption(dataSanitizationMethod);
 
+	// Set custom field anonymize (if provided)
+	if (dataSanitizationCustomFieldAnonymize) {
+		await page
+			.locator(
+				'input[name="wpgraphql_logging_settings[data_management][data_sanitization_custom_field_anonymize]"]'
+			)
+			.fill(dataSanitizationCustomFieldAnonymize);
+	}
+
+	// Set custom field remove (if provided)
+	if (dataSanitizationCustomFieldRemove) {
+		await page
+			.locator(
+				'input[name="wpgraphql_logging_settings[data_management][data_sanitization_custom_field_remove]"]'
+			)
+			.fill(dataSanitizationCustomFieldRemove);
+	}
+
+	// Set custom field truncate (if provided)
+	if (dataSanitizationCustomFieldTruncate) {
+		await page
+			.locator(
+				'input[name="wpgraphql_logging_settings[data_management][data_sanitization_custom_field_truncate]"]'
+			)
+			.fill(dataSanitizationCustomFieldTruncate);
+	}
+
 	await page.getByRole("button", { name: "Save Changes" }).click();
 	await page.waitForSelector(".notice.notice-success");
 }