Added tests for Data Sanisation.

Author: colinmurphy

plugins/wpgraphql-logging/src/Logger/Processors/DataSanitizationProcessor.php

@@ -35,7 +35,7 @@ public function __construct() {
 	/**
 	 * Check if data sanitization is enabled.
 	 */
-	protected function is_enabled(): bool {
+	public function is_enabled(): bool {
 		$is_enabled = (bool) ( $this->config[ DataManagementTab::DATA_SANITIZATION_ENABLED ] ?? false );
 		return apply_filters( 'wpgraphql_logging_data_sanitization_enabled', $is_enabled );
 	}
@@ -52,7 +52,8 @@ protected function get_rules(): array {
 		if ( 'recommended' === $method ) {
 			return apply_filters( 'wpgraphql_logging_data_sanitization_rules', $this->get_recommended_rules() );
 		}
-			return apply_filters( 'wpgraphql_logging_data_sanitization_rules', $this->get_custom_rules() );
+
+		return apply_filters( 'wpgraphql_logging_data_sanitization_rules', $this->get_custom_rules() );
 	}
 
 	/**
@@ -92,7 +93,7 @@ protected function get_custom_rules(): array {
 
 			$field_string = trim( $field_string );
 			$field_list   = array_filter(
-				explode( ',', $field_string ),
+				array_map( 'trim', explode( ',', $field_string ) ),
 				static function ($value) {
 					return '' !== $value;
 				}
@@ -102,6 +103,7 @@ static function ($value) {
 				$rules[ $field ] = $action;
 			}
 		}
+
 		return $rules;
 	}
 
@@ -140,8 +142,7 @@ protected function &navigate_to_parent(array &$data, array $keys): ?array {
 		$current = &$data;
 		foreach ( $keys as $segment ) {
 			if ( ! is_array( $current ) || ! isset( $current[ $segment ] ) ) {
-				$null = null;
-				return $null;
+				return null;
 			}
 			$current = &$current[ $segment ];
 		}

plugins/wpgraphql-logging/tests/wpunit/Logger/Processors/DataSanizationProcessorTest.php

@@ -0,0 +1,182 @@
+<?php
+
+namespace WPGraphQL\Logging\Tests\Logger\Processors;
+
+use WPGraphQL\Logging\Logger\Processors\DataSanitizationProcessor;
+use WPGraphQL\Logging\Admin\Settings\ConfigurationHelper;
+use lucatume\WPBrowser\TestCase\WPTestCase;
+use WPGraphQL\Logging\Admin\Settings\Fields\Tab\DataManagementTab;
+use Monolog\LogRecord;
+use Monolog\Level;
+use DateTimeImmutable;
+
+/**
+ * Test cases for the DataSanitizationProcessor
+ *
+ * @package WPGraphQL\Logging
+ *
+ * @since 0.0.1
+ */
+class DataSanitizationProcessorTest extends WPTestCase {
+
+
+	public function create_mock_processor(array $config) : DataSanitizationProcessor {
+		$processor = new DataSanitizationProcessor();
+		$reflection = new \ReflectionClass($processor);
+		$configProperty = $reflection->getProperty('config');
+		$configProperty->setAccessible(true);
+		$configProperty->setValue($processor, $config);
+		return $processor;
+	}
+
+	public function test_process_record_not_enabled(): void
+	{
+		$processor = $this->create_mock_processor(
+			[
+				DataManagementTab::DATA_SANITIZATION_ENABLED => false,
+				DataManagementTab::DATA_SANITIZATION_METHOD => 'recommended',
+			]
+		);
+
+		$record = new LogRecord(
+			new DateTimeImmutable('now'),
+			'wpgraphql_logging',
+			Level::Info,
+			'Test log message',
+			['test_field' => 'test_value'],
+			[]
+		);
+		$result = $processor->__invoke($record);
+		$this->assertSame($record, $result);
+	}
+
+
+	public function test_process_record_empty_custom_rules_no_processing(): void {
+
+		$processor = $this->create_mock_processor(
+			[
+				DataManagementTab::DATA_SANITIZATION_ENABLED => true,
+				DataManagementTab::DATA_SANITIZATION_METHOD => 'custom',
+				DataManagementTab::DATA_SANITIZATION_CUSTOM_FIELD_ANONYMIZE => '',
+				DataManagementTab::DATA_SANITIZATION_CUSTOM_FIELD_REMOVE => '',
+				DataManagementTab::DATA_SANITIZATION_CUSTOM_FIELD_TRUNCATE => ''
+			]
+		);
+
+		$record = new LogRecord(
+			new DateTimeImmutable('now'),
+			'wpgraphql_logging',
+			Level::Info,
+			'Test log message',
+			['test_field' => 'test_value'],
+			[]
+		);
+		$result = $processor->__invoke($record);
+		$this->assertSame($record, $result);
+	}
+
+
+	public function test_process_record_process_recommended_rules(): void
+	{
+		$processor = $this->create_mock_processor(
+			[
+				DataManagementTab::DATA_SANITIZATION_ENABLED => true,
+				DataManagementTab::DATA_SANITIZATION_METHOD => 'recommended',
+			]
+		);
+
+		$record = new LogRecord(
+			new DateTimeImmutable('now'),
+			'wpgraphql_logging',
+			Level::Info,
+			'Test log message',
+			[
+				'request' => [
+					'app_context' => [
+						'viewer' => [
+							'data' => [
+								'user_email' => 'sensitive_data',
+							],
+							'allcaps' => 'administrator',
+							'cap_key' => 'sensitive_data',
+							'caps' => 'sensitive_data',
+							'safe_field' => 'safe_data'
+						]
+					]
+				],
+				'query' => 'query { posts { id } }'
+			],
+			[]
+		);
+		$result = $processor->__invoke($record);
+		$this->assertNotSame($record, $result);
+
+		$data = $result->toArray();
+
+		$this->assertSame($data['context'], [
+			'request' => [
+				'app_context' => [
+					'viewer' => [
+						'safe_field' => 'safe_data'
+					]
+				]
+			],
+			'query' => 'query { posts { id } }'
+		]);
+	}
+
+
+	public function test_process_record_process_custom_rules(): void
+	{
+		$processor = $this->create_mock_processor(
+			[
+				DataManagementTab::DATA_SANITIZATION_ENABLED => true,
+				DataManagementTab::DATA_SANITIZATION_METHOD => 'custom',
+				DataManagementTab::DATA_SANITIZATION_CUSTOM_FIELD_ANONYMIZE => 'request.app_context.viewer.user_email, request.app_context.viewer.display_name',
+				DataManagementTab::DATA_SANITIZATION_CUSTOM_FIELD_REMOVE => 'request.app_context.viewer.allcaps, request.app_context.viewer.cap_key',
+				DataManagementTab::DATA_SANITIZATION_CUSTOM_FIELD_TRUNCATE => 'request.app_context.viewer.caps'
+			]
+		);
+
+		$record = new LogRecord(
+			new DateTimeImmutable('now'),
+			'wpgraphql_logging',
+			Level::Info,
+			'Test log message',
+			[
+				'request' => [
+					'app_context' => [
+						'viewer' => [
+							'display_name' => 'Sensitive Name',
+							'user_email' => 'sensitive_data',
+							'allcaps' => 'administrator',
+							'cap_key' => 'sensitive_data',
+							'caps' => 'This is a really long string that should be truncated',
+							'safe_field' => 'safe_data'
+						]
+					]
+				],
+				'query' => 'query { posts { id } }'
+			],
+			[]
+		);
+		$result = $processor->__invoke($record);
+		$this->assertNotSame($record, $result);
+
+		$data = $result->toArray();
+
+		$this->assertSame($data['context'], [
+			'request' => [
+				'app_context' => [
+					'viewer' => [
+						'display_name' => '***',
+						'user_email' => '***',
+						'caps' => 'This is a really long string that should be tru...',
+						'safe_field' => 'safe_data',
+					]
+				]
+			],
+			'query' => 'query { posts { id } }'
+		]);
+	}
+}

plugins/wpgraphql-logging/tests/wpunit/Rules/AdminUserRuleTest.php renamed to plugins/wpgraphql-logging/tests/wpunit/Logger/Rules/AdminUserRuleTest.php

@@ -0,0 +1,105 @@
+<?php
+
+declare(strict_types=1);
+
+namespace WPGraphQL\Logging\Tests\Logging\Rules;
+
+use WPGraphQL\Logging\Logger\Rules\RuleManager;
+use WPGraphQL\Logging\Logger\Rules\LoggingRuleInterface;
+use lucatume\WPBrowser\TestCase\WPTestCase;
+
+/**
+ * Test the RuleManager class.
+ *
+ * @package WPGraphQL\Logging
+ *
+ * @since 0.0.1
+ */
+class RuleManagerTest extends WPTestCase {
+
+	private RuleManager $rule_manager;
+
+	public function setUp(): void {
+		parent::setUp();
+		$this->rule_manager = new RuleManager();
+	}
+
+	public function test_add_rule(): void {
+		$rule = $this->createMock(LoggingRuleInterface::class);
+		$rule->method('get_name')->willReturn('test_rule');
+
+		$this->rule_manager->add_rule($rule);
+
+		// Test that all_rules_pass works with the added rule
+		$rule->method('passes')->willReturn(true);
+		$this->assertTrue($this->rule_manager->all_rules_pass([]));
+	}
+
+	public function test_all_rules_pass_with_no_rules(): void {
+		$this->assertTrue($this->rule_manager->all_rules_pass([]));
+	}
+
+	public function test_all_rules_pass_with_single_passing_rule(): void {
+		$rule = $this->createMock(LoggingRuleInterface::class);
+		$rule->method('get_name')->willReturn('passing_rule');
+		$rule->method('passes')->willReturn(true);
+
+		$this->rule_manager->add_rule($rule);
+
+		$this->assertTrue($this->rule_manager->all_rules_pass(['key' => 'value']));
+	}
+
+	public function test_all_rules_pass_with_single_failing_rule(): void {
+		$rule = $this->createMock(LoggingRuleInterface::class);
+		$rule->method('get_name')->willReturn('failing_rule');
+		$rule->method('passes')->willReturn(false);
+
+		$this->rule_manager->add_rule($rule);
+
+		$this->assertFalse($this->rule_manager->all_rules_pass(['key' => 'value']));
+	}
+
+	public function test_all_rules_pass_with_multiple_passing_rules(): void {
+		$rule1 = $this->createMock(LoggingRuleInterface::class);
+		$rule1->method('get_name')->willReturn('rule_1');
+		$rule1->method('passes')->willReturn(true);
+
+		$rule2 = $this->createMock(LoggingRuleInterface::class);
+		$rule2->method('get_name')->willReturn('rule_2');
+		$rule2->method('passes')->willReturn(true);
+
+		$this->rule_manager->add_rule($rule1);
+		$this->rule_manager->add_rule($rule2);
+
+		$this->assertTrue($this->rule_manager->all_rules_pass(['key' => 'value']));
+	}
+
+	public function test_all_rules_pass_with_mixed_rules(): void {
+		$passing_rule = $this->createMock(LoggingRuleInterface::class);
+		$passing_rule->method('get_name')->willReturn('passing_rule');
+		$passing_rule->method('passes')->willReturn(true);
+
+		$failing_rule = $this->createMock(LoggingRuleInterface::class);
+		$failing_rule->method('get_name')->willReturn('failing_rule');
+		$failing_rule->method('passes')->willReturn(false);
+
+		$this->rule_manager->add_rule($passing_rule);
+		$this->rule_manager->add_rule($failing_rule);
+
+		$this->assertFalse($this->rule_manager->all_rules_pass(['key' => 'value']));
+	}
+
+	public function test_all_rules_pass_with_query_string(): void {
+		$rule = $this->createMock(LoggingRuleInterface::class);
+		$rule->method('get_name')->willReturn('query_rule');
+		$rule->expects($this->once())
+			->method('passes')
+			->with(['key' => 'value'], 'query { user { name } }')
+			->willReturn(true);
+
+		$this->rule_manager->add_rule($rule);
+
+		$this->assertTrue($this->rule_manager->all_rules_pass(['key' => 'value'], 'query { user { name } }'));
+	}
+
+}