Merge pull request #8 from philips-software/feature/replace-scary-characters

💀 Replace scary characters

Author: loafoe

iam/client.go

@@ -550,7 +550,7 @@ func (c *Client) Do(req *http.Request, v interface{}) (*Response, error) {
 		if c.debugFile != nil {
 			c.debugFile.WriteString(out)
 		} else {
-			fmt.Printf(out)
+			fmt.Println(out)
 		}
 	}
 	if err != nil {

logging/bundle.go

@@ -46,8 +46,13 @@ type LogData struct {
 
 // Valid returns true if a resource is valid according to HSDP rules, false otherwise
 func (r *Resource) Valid() bool {
-	if r.EventID != "" && r.TransactionID != "" && r.LogTime != "" && r.LogData.Message != "" {
-		return true
+	var u map[string]interface{}
+
+	if r.EventID == "" || r.TransactionID == "" || r.LogTime == "" || r.LogData.Message == "" {
+		return false
+	}
+	if len(r.Custom) > 0 && json.Unmarshal(r.Custom, &u) != nil {
+		return false
 	}
-	return false
+	return true
 }

logging/client.go

@@ -12,6 +12,7 @@ import (
 	"net/http/httputil"
 	"net/url"
 	"os"
+	"strings"
 
 	"github.com/philips-software/go-hsdp-api/fhir"
 	signer "github.com/philips-software/go-hsdp-signer"
@@ -32,6 +33,22 @@ var (
 	ErrMissingSharedSecret = errors.New("missing shared secret")
 	ErrMissingBaseURL      = errors.New("missing base URL")
 	ErrMissingProductKey   = errors.New("missing ProductKey")
+
+	scaryMap = map[string]string{
+		";":    "💀[semicolon]",
+		"\\\\": "🎃[backslash]",
+		"&":    "👻[amp]",
+		">":    "👿[gt]",
+		"<":    "👾[lt]",
+		"=":    "👾[equal]",
+		"\\u":  "🎃[utf]",
+		"\\f":  "🎃[ff]",
+		"\\b":  "🎃[bs]",
+		"\\r":  "🎃[cr]",
+		"\\n":  "🎃[lf]",
+		"\\t":  "🎃[tab]",
+		"\\\"": "🎃[quote]",
+	}
 )
 
 // Storer defines the store operations for logging
@@ -71,7 +88,6 @@ type Client struct {
 	url        *url.URL
 	httpClient *http.Client
 	httpSigner *signer.Signer
-	debugFile  *os.File
 }
 
 // Response holds a LogEvent response
@@ -215,6 +231,7 @@ func (c *Client) StoreResources(msgs []Resource, count int) (*Response, error) {
 	j := 0
 	for i := 0; i < count; i++ {
 		msg := msgs[i]
+		replaceScaryCharacters(&msg)
 		if !msg.Valid() {
 			invalid = append(invalid, msg)
 			continue
@@ -268,3 +285,15 @@ func (c *Client) StoreResources(msgs []Resource, count int) (*Response, error) {
 
 	return resp, err
 }
+
+func replaceScaryCharacters(msg *Resource) {
+	if len(msg.Custom) == 0 {
+		return
+	}
+	stringCustom := strings.Replace(string(msg.Custom), "\\\\", "🎃[backslash]", -1)
+
+	for s, r := range scaryMap {
+		stringCustom = strings.Replace(stringCustom, s, r, -1)
+	}
+	msg.Custom = []byte(stringCustom)
+}

logging/client_test.go

@@ -1,13 +1,16 @@
 package logging
 
 import (
+	"encoding/json"
 	"io"
 	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"os"
 	"testing"
 
+	"github.com/stretchr/testify/assert"
+
 	"github.com/Jeffail/gabs"
 	signer "github.com/philips-software/go-hsdp-signer"
 )
@@ -187,17 +190,10 @@ func TestStoreResourcesWithInvalidKeypair(t *testing.T) {
 	}
 
 	resp, err := client.StoreResources(resource, len(resource))
-	if resp == nil {
-		t.Errorf("Unexpected nil value for response")
-		return
-	}
+	assert.NotNil(t, resp)
 	_ = err.Error() // Just to up coverage
-	if resp.StatusCode != http.StatusForbidden {
-		t.Errorf("Expected HTTP 403, Got: %d", resp.StatusCode)
-	}
-	if err == nil {
-		t.Errorf("Expected error response")
-	}
+	assert.Equal(t, http.StatusForbidden, resp.StatusCode)
+	assert.NotNil(t, err)
 }
 
 func TestConfig(t *testing.T) {
@@ -219,3 +215,30 @@ func TestConfig(t *testing.T) {
 		}
 	}
 }
+
+func TestReplaceScaryCharacters(t *testing.T) {
+	var invalidResource = Resource{
+		ResourceType: "LogEvent",
+		Custom: []byte(`{
+	"foo": "bar",
+	"bad1": ";",
+	"bad2": "<key/>",
+	"bad3": "&amp;",
+	"bad4": "a\\b",
+	"bad5": "a\b"
+}`),
+	}
+	replaceScaryCharacters(&invalidResource)
+
+	var custom map[string]interface{}
+	err := json.Unmarshal(invalidResource.Custom, &custom)
+	if !assert.Nil(t, err) {
+		return
+	}
+	assert.Equal(t, "bar", custom["foo"].(string))
+	assert.Equal(t, "💀[semicolon]", custom["bad1"].(string))
+	assert.Equal(t, "👾[lt]key/👿[gt]", custom["bad2"].(string))
+	assert.Equal(t, "👻[amp]amp💀[semicolon]", custom["bad3"].(string))
+	assert.Equal(t, "a🎃[backslash]b", custom["bad4"].(string))
+	assert.Equal(t, "a🎃[bs]", custom["bad5"].(string))
+}