[#154] Add debug logging for rejected attachment types & strip meta-info from mime-type (#155)

2024-12-17 19:44:36 -05:00 · 2023-11-23 10:36:36 +01:00 · 2023-11-23 10:36:36 +01:00 · dc47bf0861
commit dc47bf0861
parent eb2bce3119
4 changed files with 20 additions and 2 deletions
--- a/cmd/ots-cli/cmd_root.go
+++ b/cmd/ots-cli/cmd_root.go
@ -3,6 +3,7 @@ package main
 import (
 	"fmt"

+	"github.com/Luzifer/ots/pkg/client"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 )
@ -28,5 +29,7 @@ func rootPersistentPreRunE(cmd *cobra.Command, _ []string) error {
 	}
 	logrus.SetLevel(ll)

+	client.Logger = logrus.NewEntry(logrus.StandardLogger())
+
 	return nil
 }
--- a/cmd/ots-cli/main.go
+++ b/cmd/ots-cli/main.go
@ -1,6 +1,8 @@
 package main

-import "os"
+import (
+	"os"
+)

 func main() {
 	if err := rootCmd.Execute(); err != nil {
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@ -17,6 +17,7 @@ import (
 	"time"

 	"github.com/Luzifer/go-openssl/v4"
+	"github.com/sirupsen/logrus"
 )

 type (
@ -41,6 +42,10 @@ var HTTPClient HTTPClientIntf = http.DefaultClient
 // source code.
 var KeyDerivationFunc = openssl.NewPBKDF2Generator(sha512.New, 300000) //nolint:gomnd // that's the definition

+// Logger can be set to enable logging from the library. By default
+// all log-messages will be discarded.
+var Logger *logrus.Entry
+
 // PasswordLength defines the length of the generated encryption password
 var PasswordLength = 20

@ -54,6 +59,12 @@ var RequestTimeout = 5 * time.Second
 // provide an URL to useful information about your tool.
 var UserAgent = "ots-client/1.x +https://github.com/Luzifer/ots"

+func init() {
+	l := logrus.New()
+	l.SetOutput(io.Discard)
+	Logger = logrus.NewEntry(l)
+}
+
 // Create serializes the secret and creates a new secret on the
 // instance given by its URL.
 //
--- a/pkg/client/sanity.go
+++ b/pkg/client/sanity.go
@ -72,11 +72,12 @@ func SanityCheck(instanceURL string, secret Secret) error {
 }

 func attachmentAllowed(file SecretAttachment, allowed []string) bool {
+	mimeType, _, _ := strings.Cut(file.Type, ";")
 	for _, a := range allowed {
 		switch {
 		case mimeRegex.MatchString(a):
 			// That's a mime type
-			if glob.Glob(a, file.Type) {
+			if glob.Glob(a, mimeType) {
 				// The mime "glob" matches the file type
 				return true
 			}
@ -90,6 +91,7 @@ func attachmentAllowed(file SecretAttachment, allowed []string) bool {
 		}
 	}

+	Logger.WithField("content-type", mimeType).Debug("attachment type not allowed")
 	return false
 }