From 9addf696c6e6f64e3f163e3653ea5750baf82ae5 Mon Sep 17 00:00:00 2001 From: Iain Sproat <68657+iainsproat@users.noreply.github.com> Date: Fri, 6 Dec 2024 11:57:10 +0000 Subject: [PATCH] fix(logging): sanitize log message to avoid printing db connection string --- .../server/modules/multiregion/dbSelector.ts | 51 ++++++++++++++++--- 1 file changed, 43 insertions(+), 8 deletions(-) diff --git a/packages/server/modules/multiregion/dbSelector.ts b/packages/server/modules/multiregion/dbSelector.ts index 89a3a8407f..d98ee724e4 100644 --- a/packages/server/modules/multiregion/dbSelector.ts +++ b/packages/server/modules/multiregion/dbSelector.ts @@ -25,6 +25,7 @@ import { import { ensureError, MaybeNullOrUndefined } from '@speckle/shared' import { isDevOrTestEnv, isTestEnv } from '@/modules/shared/helpers/envHelper' import { migrateDbToLatest } from '@/db/migrations' +import { get } from 'lodash' let getter: GetProjectDb | undefined = undefined @@ -203,6 +204,12 @@ interface ReplicationArgs { regionName: string } +const sanitizeError = (err: unknown): unknown => { + if (!err) return err + if (get(err, 'where').includes('password=')) + return { ...err, where: '[REDACTED AS IT CONTAINS CONNECTION STRING]' } +} + const setUpUserReplication = async ({ from, to, @@ -219,11 +226,18 @@ const setUpUserReplication = async ({ throw new DatabaseError( 'Could not create publication {pubName} when setting up user replication for region {regionName}', { - cause: ensureError(err, 'Unknown database error when creating publication'), + cause: ensureError( + sanitizeError(err), + 'Unknown database error when creating publication' + ), info: { pubName, regionName } } ) - if (!err.message.includes('already exists')) throw err + if ( + !err.message.includes('already exists') && + !err.message.includes('duplicate key value violates unique constraint') + ) + throw sanitizeError(err) } const fromUrl = new URL( @@ -254,11 +268,18 @@ const setUpUserReplication = async ({ throw new DatabaseError( 'Could not create subscription {subName} to {pubName} when setting up user replication for region {regionName}', { - cause: ensureError(err, 'Unknown database error when creating subscription'), + cause: ensureError( + sanitizeError(err), + 'Unknown database error when creating subscription' + ), info: { subName, pubName, regionName } } ) - if (!err.message.includes('already exists')) throw err + if ( + !err.message.includes('already exists') && + !err.message.includes('duplicate key value violates unique constraint') + ) + throw sanitizeError(err) } } @@ -278,11 +299,18 @@ const setUpProjectReplication = async ({ throw new DatabaseError( 'Could not create publication {pubName} when setting up project replication for region {regionName}', { - cause: ensureError(err, 'Unknown database error when creating publication'), + cause: ensureError( + sanitizeError(err), + 'Unknown database error when creating publication' + ), info: { pubName, regionName } } ) - if (!err.message.includes('already exists')) throw err + if ( + !err.message.includes('already exists') && + !err.message.includes('duplicate key value violates unique constraint') + ) + throw sanitizeError(err) } const fromUrl = new URL( @@ -313,10 +341,17 @@ const setUpProjectReplication = async ({ throw new DatabaseError( 'Could not create subscription {subName} to {pubName} when setting up project replication for region {regionName}', { - cause: ensureError(err, 'Unknown database error when creating subscription'), + cause: ensureError( + sanitizeError(err), + 'Unknown database error when creating subscription' + ), info: { subName, pubName, regionName } } ) - if (!err.message.includes('already exists')) throw err + if ( + !err.message.includes('already exists') && + !err.message.includes('duplicate key value violates unique constraint') + ) + throw sanitizeError(err) } }