Skip to content

Commit

Permalink
Merge pull request #847 from lenisko/hide_pii_log
Browse files Browse the repository at this point in the history 
feat: switch for hiding pii on channel log
  • Loading branch information
@TurtIeSocks
TurtIeSocks authored Sep 14, 2023
2 parents 4cff1c1 + 69d3ebb commit 2cee7b2
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 2 deletions.
1 change: 1 addition & 0 deletions server/src/configs/default.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -627,6 +627,7 @@
"type": "discord",
"enabled": false,
"logChannelId": "",
"logChannelHidePii": false,
"scanNextLogChannelId": "",
"scanZoneLogChannelId": "",
"eventLogChannelId": "",
Expand Down
3 changes: 2 additions & 1 deletion server/src/services/DiscordClient.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ class DiscordClient {
scanNext: strategy.scanNextLogChannelId,
scanZone: strategy.scanZoneLogChannelId,
}
this.loggingChannelHidePii = strategy.loggingChannelHidePii
this.perms = config.getSafe('authentication.perms')
this.alwaysEnabledPerms = config.getSafe(
'authentication.alwaysEnabledPerms',
Expand Down Expand Up @@ -269,7 +270,7 @@ class DiscordClient {
}
discordUser.valid = discordUser.perms.map !== false

const embed = await logUserAuth(req, discordUser, 'Discord')
const embed = await logUserAuth(req, discordUser, 'Discord', this.loggingChannelHidePii)
await this.sendMessage(embed)

if (discordUser.perms.blocked) {
Expand Down
11 changes: 10 additions & 1 deletion server/src/services/logUserAuth.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
const { default: fetch } = require('node-fetch')
const { log, HELPERS } = require('@rm/logger')

// PII fields inside getAuthInfo embed
const PII_FIELDS = ['Ip Address', 'Geo Lookup', 'Google Map', 'Network Provider']

/**
* Convert camelCase to Capitalized Words
* @param {string} str
Expand Down Expand Up @@ -31,9 +34,10 @@ const mapPerms = (perms, userPerms) =>
* @param {import('express').Request} req
* @param {{ id: string, username: string, perms: import("@rm/types").Permissions, valid: boolean, avatar: string }} user
* @param {string} strategy
* @param {boolean} hidePii
* @returns {Promise<import('discord.js').APIEmbed>}
*/
async function getAuthInfo(req, user, strategy = 'custom') {
async function getAuthInfo(req, user, strategy = 'custom', hidePii) {

Check failure on line 40 in server/src/services/logUserAuth.js

View workflow job for this annotation

GitHub Actions / Run Basic Checks 

Default parameters should be last
const ip =
req.headers['cf-connecting-ip'] ||
`${req.headers['x-forwarded-for'] || ''}`.split(', ')[0] ||
Expand Down Expand Up @@ -199,6 +203,11 @@ async function getAuthInfo(req, user, strategy = 'custom') {
'Not authorized to access map',
)
}
if (hidePii) {
embed.fields = embed.fields.filter(field => {

Check failure on line 207 in server/src/services/logUserAuth.js

View workflow job for this annotation

GitHub Actions / Run Basic Checks 

Unexpected block statement surrounding arrow body; move the returned value immediately after the `=>`
return !PII_FIELDS.includes(field.name)
});
}
return embed
}

Expand Down

0 comments on commit 2cee7b2

Please sign in to comment.