securefmt 0.1.5

Drop-in replacement for the Debug derive macro that hides fields marked as sensitive.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

use proc_macro2::{Ident, TokenStream};
use quote::{format_ident, quote};

use crate::errors::Result;
use crate::implementation::FmtBodySource;

pub fn debug(ident: &Ident, fmt_body_source: &impl FmtBodySource) -> Result<TokenStream> {
    let fmt_body = fmt_body_source.generate_fmt_body(&ident.to_string())?;
    let once_ident = format_ident!("WARN_ONCE_{}", ident.to_string().to_uppercase());
    let warning = warning(&once_ident);
    Ok(quote! {
        static #once_ident: std::sync::Once = std::sync::Once::new();

        impl core::fmt::Debug for #ident {
            fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
                #warning
                #fmt_body
            }
        }
    })
}

#[cfg(feature = "debug_mode")]
fn warning(once_ident: &Ident) -> TokenStream {
    quote! {
        #once_ident.call_once(|| {
            log::warn!("WARNING: securefmt debug_mode feature is active. Sensitive data may be leaked. It is strongly recommended to disable debug_mode in production releases.");
        });
    }
}

#[cfg(not(feature = "debug_mode"))]
fn warning(_: &Ident) -> TokenStream {
    TokenStream::new()
}

#[cfg(test)]
mod tests {
    use mockall::predicate;
    use pretty_assertions::assert_eq;
    use quote::{format_ident, quote};

    use crate::implementation::*;

    #[test]
    #[cfg_attr(feature = "debug_mode", ignore)]
    fn should_generate_debug_implementation_without_warning_when_debug_mode_is_inactive() {
        let ident = format_ident!("TestStruct");
        let mut formatting_data = MockFmtBodySource::new();
        formatting_data
            .expect_generate_fmt_body()
            .with(predicate::eq("TestStruct"))
            .returning(|_| Ok(quote! { FMTBODY }));

        assert_eq!(
            super::debug(&ident, &formatting_data)
                .expect("Should have succeeded")
                .to_string(),
            quote!(
                static WARN_ONCE_TESTSTRUCT: std::sync::Once = std::sync::Once::new();

                impl core::fmt::Debug for TestStruct {
                    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
                        FMTBODY
                    }
                }
            )
            .to_string()
        );
    }

    #[test]
    #[cfg(feature = "debug_mode")]
    fn should_generate_debug_implementation_with_warning_when_debug_mode_is_active() {
        let ident = format_ident!("TestStruct");
        let mut formatting_data = MockFmtBodySource::new();
        formatting_data
            .expect_generate_fmt_body()
            .with(predicate::eq("TestStruct"))
            .returning(|_| Ok(quote! { FMTBODY }));
        assert_eq!(
            super::debug(&ident, &formatting_data).expect("Should have succeeded").to_string(),
            quote!(
                static WARN_ONCE_TESTSTRUCT: std::sync::Once = std::sync::Once::new();

                impl core::fmt::Debug for TestStruct {
                    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
                        WARN_ONCE_TESTSTRUCT.call_once(|| {
                            log::warn!("WARNING: securefmt debug_mode feature is active. Sensitive data may be leaked. It is strongly recommended to disable debug_mode in production releases.");
                        });
                        FMTBODY
                    }
                }
            ).to_string()
        );
    }
}