SEC-331: cut secrets from logs (#35)

* SEC-331: cut secrets from logs

* SEC-331: fix formatting

* SEC-331: fix dialyzer

* SEC-331: cleanup logs

---------

Co-authored-by: anatoliy.losev <losto@nix>

apps/party_management/src/party_management.erl

@@ -59,7 +59,7 @@ get_api_child_spec(MachineHandlers, Opts) ->
             port => genlib_app:env(?MODULE, port, 8022),
             transport_opts => genlib_app:env(?MODULE, transport_opts, #{}),
             protocol_opts => genlib_app:env(?MODULE, protocol_opts, #{}),
-            event_handler => {scoper_woody_event_handler, EventHandlerOpts},
+            event_handler => {pm_woody_event_handler, EventHandlerOpts},
             handlers =>
                 pm_machine:get_service_handlers(MachineHandlers, Opts) ++
                 [

apps/party_management/src/pm_claim_committer_validator.erl

@@ -107,12 +107,6 @@ assert_shop_contract_valid(
         payments = #domain_PaymentsServiceTerms{categories = CategorySelector}
     } = Terms,
     Categories = pm_selector:reduce_to_value(CategorySelector, #{}, Revision),
-    logger:log(
-        info,
-        "Assert shop contract valid, contract: ~p, category: ~p, categorySelector: ~p",
-        [pm_contract:get_id(Contract), CategoryRef, CategorySelector],
-        logger:get_process_metadata()
-    ),
     _ =
         ordsets:is_element(CategoryRef, Categories) orelse
             throw(
@@ -213,12 +207,6 @@ assert_currency_valid(
 
 assert_currency_valid(Prefix, ContractID, CurrencyRef, Selector, Terms, Revision) ->
     Currencies = pm_selector:reduce_to_value(Selector, #{}, Revision),
-    logger:log(
-        info,
-        "Assert currency valid, selector: ~p, currency: ~p, currencies: ~p",
-        [Selector, CurrencyRef, Currencies],
-        logger:get_process_metadata()
-    ),
     _ = ordsets:is_element(CurrencyRef, Currencies) orelse raise_contract_terms_violated(Prefix, ContractID, Terms).
 
 -spec raise_contract_terms_violated(

apps/party_management/src/pm_woody_client.erl

@@ -24,7 +24,7 @@ new(Opts = #{url := _}) ->
     EventHandlerOpts = genlib_app:env(party_management, scoper_event_handler_options, #{}),
     maps:merge(
         #{
-            event_handler => {scoper_woody_event_handler, EventHandlerOpts}
+            event_handler => {pm_woody_event_handler, EventHandlerOpts}
         },
         maps:with([url, event_handler, transport_opts], Opts)
     );

apps/party_management/src/pm_woody_event_handler.erl

@@ -0,0 +1,101 @@
+-module(pm_woody_event_handler).
+
+-behaviour(woody_event_handler).
+
+-include_lib("damsel/include/dmsl_base_thrift.hrl").
+-include_lib("damsel/include/dmsl_domain_thrift.hrl").
+-include_lib("damsel/include/dmsl_payproc_thrift.hrl").
+
+%% woody_event_handler behaviour callbacks
+-export([handle_event/4]).
+
+-spec handle_event(Event, RpcId, Meta, Opts) -> ok when
+    Event :: woody_event_handler:event(),
+    RpcId :: woody:rpc_id() | undefined,
+    Meta :: woody_event_handler:event_meta(),
+    Opts :: woody:options().
+handle_event(Event, RpcID, RawMeta, Opts) ->
+    FilteredMeta = filter_meta(RawMeta),
+    scoper_woody_event_handler:handle_event(Event, RpcID, FilteredMeta, Opts).
+
+%% Internals
+
+filter_meta(RawMeta0) ->
+    maps:map(fun do_filter_meta/2, RawMeta0).
+
+do_filter_meta(args, Args) ->
+    filter(Args);
+do_filter_meta(_Key, Value) ->
+    Value.
+
+%% cut secrets
+filter(#payproc_ProviderTerminal{proxy = Proxy} = ProviderTerminal) ->
+    #domain_ProxyDefinition{options = Options} = Proxy,
+    ProviderTerminal#payproc_ProviderTerminal{
+        proxy = Proxy#domain_ProxyDefinition{options = maps:without([<<"api-key">>, <<"secret-key">>], Options)}
+    };
+%% common
+filter(L) when is_list(L) ->
+    [filter(E) || E <- L];
+filter(T) when is_tuple(T) ->
+    list_to_tuple(filter(tuple_to_list(T)));
+%% default
+filter(V) ->
+    V.
+
+-ifdef(TEST).
+
+-include_lib("eunit/include/eunit.hrl").
+
+-define(ARG_W_SECRET,
+    {
+        #payproc_ProviderTerminal{
+            ref = #domain_TerminalRef{id = 128},
+            name = <<"TestTerm">>,
+            provider = #payproc_ProviderDetails{
+                ref = #domain_ProviderRef{id = 1},
+                name = <<"Provider1">>
+            },
+            proxy = #domain_ProxyDefinition{
+                name = <<"Proxy">>,
+                description = <<"Desc">>,
+                url = <<"http://127.0.0.1">>,
+                options = #{<<"api-key">> => <<"secret">>, <<"secret-key">> => <<"secret">>}
+            }
+        }
+    }
+).
+
+-define(ARG_WO_SECRET,
+    {
+        #payproc_ProviderTerminal{
+            ref = #domain_TerminalRef{id = 128},
+            name = <<"TestTerm">>,
+            provider = #payproc_ProviderDetails{
+                ref = #domain_ProviderRef{id = 1},
+                name = <<"Provider1">>
+            },
+            proxy = #domain_ProxyDefinition{
+                name = <<"Proxy">>,
+                description = <<"Desc">>,
+                url = <<"http://127.0.0.1">>,
+                options = #{}
+            }
+        }
+    }
+).
+
+-spec test() -> _.
+
+-spec format_event_w_secret_test_() -> _.
+format_event_w_secret_test_() ->
+    [
+        ?_assertEqual(
+            #{args => {some_data, ?ARG_WO_SECRET}, code => 200, function => 'ComputePaymentInstitutionTerms'},
+            filter_meta(
+                #{args => {some_data, ?ARG_W_SECRET}, code => 200, function => 'ComputePaymentInstitutionTerms'}
+            )
+        )
+    ].
+
+-endif.