git-proxy/test/CheckSensitive.test.js at CitiHackathon · Psingle20/git-proxy · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
// const path = require('path');
const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary
const sinon = require('sinon');
const {Action}=require('../src/proxy/actions/Action.js')
const {Step}=require('../src/proxy/actions/Step.js')


describe('Sensitive Data Detection', () => {
    let logStub;

    beforeEach(() => {
        logStub = sinon.stub(console, 'log'); // Stub console.log before each test
    });

    afterEach(() => {
        logStub.restore(); // Restore console.log after each test
    });

    const createDiffContent = (filePaths) => {
        // Format file paths in diff format
        return filePaths.map(filePath => `diff --git a/${filePath} b/${filePath}`).join('\n');
    };
// make sure the file types are added in proxyfiletypes in proxy.config.json
    it('should detect sensitive data in CSV file and block execution', async () => {
        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');

        // Create diff content simulating sensitive data in CSV
        step.setContent(createDiffContent(['test/test_data/sensitveDatalikecsv/sensitive_data.csv']));
        action.addStep(step)

        await exec(null, action);
        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
    });

    it('should detect sensitive data in XLSX file and block execution', async () => {
        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');
        step.setContent(createDiffContent(['test/test_data/sensitveDatalikecsv/sensitive_data2.xlsx']));
        action.addStep(step);

        await exec(null, action);
        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
    });

    it('should detect sensitive data in a log file and block execution', async () => {
       // need to create the sample data
        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');
        step.setContent(createDiffContent(['test/test_data/sensitveDatalikecsv/sensitive_data3.log']));
        action.addStep(step);
        await exec(null, action);
        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
    });

    it('should detect sensitive data in a JSON file and block execution', async () => {


        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');
        step.setContent(createDiffContent(['test/test_data/sensitveDatalikecsv/sensitive_data4.json']));
        action.addStep(step);
        await exec(null, action);
        sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
    });

    it('should allow execution if no sensitive data is found', async () => {
         // need to create sample data


        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');
        step.setContent(createDiffContent(['test_data/sensitveDatalikecsv/no_sensitive_data.txt']));
        action.addStep(step);
        await exec(null, action);
        sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
    });

    it('should allow execution for an empty file', async () => {
        // need to create sample data


        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');
        step.setContent(createDiffContent(['test_data/sensitveDatalikecsv/empty_file.txt']));
        action.addStep(step);
        await exec(null, action);
        sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/));
    });

    it('should handle file-not-found scenario gracefully', async () => {

        const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo');
        const step = new Step('diff');
        step.setContent(createDiffContent(['test_data/sensitveDatalikecsv/non_existent_file.txt']));
        action.addStep(step);
        try {
            await exec(null, action);
        } catch (error) {
            sinon.assert.match(error.message, /ENOENT: no such file or directory/);
        }
    });
});