🔒 (logs) Remove some logs from API response to avoid sensit…

2024-01-02 15:18:20 +01:00
parent 7a417c79a5
commit b5fbba7072
5 changed files with 38 additions and 8 deletions
--- a/apps/viewer/src/features/chat/api/continueChat.ts
+++ b/apps/viewer/src/features/chat/api/continueChat.ts
@ -5,8 +5,9 @@ import { getSession } from '@typebot.io/bot-engine/queries/getSession'
 import { saveStateToDatabase } from '@typebot.io/bot-engine/saveStateToDatabase'
 import { continueBotFlow } from '@typebot.io/bot-engine/continueBotFlow'
 import { parseDynamicTheme } from '@typebot.io/bot-engine/parseDynamicTheme'
-import { isDefined } from '@typebot.io/lib/utils'
+import { isDefined, isNotDefined } from '@typebot.io/lib/utils'
 import { z } from 'zod'
+import { filterPotentiallySensitiveLogs } from '@typebot.io/bot-engine/logs/filterPotentiallySensitiveLogs'

 export const continueChat = publicProcedure
  .meta({
@ -74,12 +75,14 @@ export const continueChat = publicProcedure
        visitedEdges,
      })

+    const isPreview = isNotDefined(session.state.typebotsQueue[0].resultId)
+
    return {
      messages,
      input,
      clientSideActions,
      dynamicTheme: parseDynamicTheme(newSessionState),
-      logs,
+      logs: isPreview ? logs : logs?.filter(filterPotentiallySensitiveLogs),
      lastMessageNewFormat,
    }
  })
--- a/apps/viewer/src/features/chat/api/startChat.ts
+++ b/apps/viewer/src/features/chat/api/startChat.ts
@ -6,6 +6,7 @@ import {
 import { startSession } from '@typebot.io/bot-engine/startSession'
 import { saveStateToDatabase } from '@typebot.io/bot-engine/saveStateToDatabase'
 import { restartSession } from '@typebot.io/bot-engine/queries/restartSession'
+import { filterPotentiallySensitiveLogs } from '@typebot.io/bot-engine/logs/filterPotentiallySensitiveLogs'

 export const startChat = publicProcedure
  .meta({
@ -76,7 +77,7 @@ export const startChat = publicProcedure
        input,
        resultId,
        dynamicTheme,
-        logs,
+        logs: logs?.filter(filterPotentiallySensitiveLogs),
        clientSideActions,
      }
    }
--- a/packages/bot-engine/blocks/integrations/sendEmail/executeSendEmailBlock.tsx
+++ b/packages/bot-engine/blocks/integrations/sendEmail/executeSendEmailBlock.tsx
@ -21,6 +21,9 @@ import prisma from '@typebot.io/lib/prisma'
 import { parseVariables } from '@typebot.io/variables/parseVariables'
 import { defaultSendEmailOptions } from '@typebot.io/schemas/features/blocks/integrations/sendEmail/constants'

+export const sendEmailSuccessDescription = 'Email successfully sent'
+export const sendEmailErrorDescription = 'Email not sent'
+
 export const executeSendEmailBlock = async (
  state: SessionState,
  block: SendEmailBlock
@ -143,7 +146,7 @@ const sendEmail = async ({
  if (!emailBody) {
    logs.push({
      status: 'error',
-      description: 'Email not sent',
+      description: sendEmailErrorDescription,
      details: {
        error: 'No email body found',
        transportConfig,
@ -177,7 +180,7 @@ const sendEmail = async ({
    await transporter.sendMail(email)
    logs.push({
      status: 'success',
-      description: 'Email successfully sent',
+      description: sendEmailSuccessDescription,
      details: {
        transportConfig: {
          ...transportConfig,
@ -189,7 +192,7 @@ const sendEmail = async ({
  } catch (err) {
    logs.push({
      status: 'error',
-      description: 'Email not sent',
+      description: sendEmailErrorDescription,
      details: {
        error: err instanceof Error ? err.toString() : err,
        transportConfig: {
--- a/packages/bot-engine/blocks/integrations/webhook/executeWebhookBlock.ts
+++ b/packages/bot-engine/blocks/integrations/webhook/executeWebhookBlock.ts
@ -41,6 +41,9 @@ export const longReqTimeoutWhitelist = [
  'https://api.anthropic.com',
 ]

+export const webhookSuccessDescription = `Webhook successfuly executed.`
+export const webhookErrorDescription = `Webhook returned an error.`
+
 type Params = { disableRequestTimeout?: boolean }

 export const executeWebhookBlock = async (
@ -201,7 +204,7 @@ export const executeWebhook = async (
    const response = await got(request.url, omit(request, 'url'))
    logs.push({
      status: 'success',
-      description: `Webhook successfuly executed.`,
+      description: webhookSuccessDescription,
      details: {
        statusCode: response.statusCode,
        request,
@ -224,7 +227,7 @@ export const executeWebhook = async (
      }
      logs.push({
        status: 'error',
-        description: `Webhook returned an error.`,
+        description: webhookErrorDescription,
        details: {
          statusCode: error.response.statusCode,
          request,
--- a/packages/bot-engine/logs/filterPotentiallySensitiveLogs.ts
+++ b/packages/bot-engine/logs/filterPotentiallySensitiveLogs.ts
@ -0,0 +1,20 @@
+import {
+  sendEmailErrorDescription,
+  sendEmailSuccessDescription,
+} from '../blocks/integrations/sendEmail/executeSendEmailBlock'
+import {
+  webhookErrorDescription,
+  webhookSuccessDescription,
+} from '../blocks/integrations/webhook/executeWebhookBlock'
+
+export const filterPotentiallySensitiveLogs = (log: {
+  status: string
+  description: string
+  details?: unknown
+}) =>
+  ![
+    webhookErrorDescription,
+    webhookSuccessDescription,
+    sendEmailErrorDescription,
+    sendEmailSuccessDescription,
+  ].includes(log.description)