feat(httpapi): REST resources for endpoints/tasks/accounts/csv/run
This commit is contained in:
@@ -0,0 +1,21 @@
|
||||
package httpapi
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/vasyansk/imap-copier/internal/store"
|
||||
)
|
||||
|
||||
func TestAccountDTOHidesPasswords(t *testing.T) {
|
||||
a := store.Account{ID: 1, SrcLogin: "u", SrcPassEnc: "SECRET_ENC", DstLogin: "v", DstPassEnc: "SECRET2"}
|
||||
b, _ := json.Marshal(accountDTO(a))
|
||||
s := string(b)
|
||||
if strings.Contains(s, "SECRET_ENC") || strings.Contains(s, "SECRET2") || strings.Contains(strings.ToLower(s), "pass") {
|
||||
t.Fatalf("DTO leaks password material: %s", s)
|
||||
}
|
||||
if !strings.Contains(s, `"src_login":"u"`) {
|
||||
t.Fatalf("DTO missing login: %s", s)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user