🔒 (logs) Remove some logs from API response to avoid sensit…

baptisteArno · Jan 2, 2024 · b5fbba7 · b5fbba7
1 parent 7a417c7
commit b5fbba7
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 8 deletions.
diff --git a/apps/viewer/src/features/chat/api/continueChat.ts b/apps/viewer/src/features/chat/api/continueChat.ts
@@ -5,8 +5,9 @@ import { getSession } from '@typebot.io/bot-engine/queries/getSession'
 import { saveStateToDatabase } from '@typebot.io/bot-engine/saveStateToDatabase'
 import { continueBotFlow } from '@typebot.io/bot-engine/continueBotFlow'
 import { parseDynamicTheme } from '@typebot.io/bot-engine/parseDynamicTheme'
-import { isDefined } from '@typebot.io/lib/utils'
+import { isDefined, isNotDefined } from '@typebot.io/lib/utils'
 import { z } from 'zod'
+import { filterPotentiallySensitiveLogs } from '@typebot.io/bot-engine/logs/filterPotentiallySensitiveLogs'
 
 export const continueChat = publicProcedure
   .meta({
@@ -74,12 +75,14 @@ export const continueChat = publicProcedure
         visitedEdges,
       })
 
+    const isPreview = isNotDefined(session.state.typebotsQueue[0].resultId)
+
     return {
       messages,
       input,
       clientSideActions,
       dynamicTheme: parseDynamicTheme(newSessionState),
-      logs,
+      logs: isPreview ? logs : logs?.filter(filterPotentiallySensitiveLogs),
       lastMessageNewFormat,
     }
   })
diff --git a/apps/viewer/src/features/chat/api/startChat.ts b/apps/viewer/src/features/chat/api/startChat.ts
@@ -6,6 +6,7 @@ import {
 import { startSession } from '@typebot.io/bot-engine/startSession'
 import { saveStateToDatabase } from '@typebot.io/bot-engine/saveStateToDatabase'
 import { restartSession } from '@typebot.io/bot-engine/queries/restartSession'
+import { filterPotentiallySensitiveLogs } from '@typebot.io/bot-engine/logs/filterPotentiallySensitiveLogs'
 
 export const startChat = publicProcedure
   .meta({
@@ -76,7 +77,7 @@ export const startChat = publicProcedure
         input,
         resultId,
         dynamicTheme,
-        logs,
+        logs: logs?.filter(filterPotentiallySensitiveLogs),
         clientSideActions,
       }
     }

diff --git a/packages/bot-engine/blocks/integrations/sendEmail/executeSendEmailBlock.tsx b/packages/bot-engine/blocks/integrations/sendEmail/executeSendEmailBlock.tsx
@@ -21,6 +21,9 @@ import prisma from '@typebot.io/lib/prisma'
 import { parseVariables } from '@typebot.io/variables/parseVariables'
 import { defaultSendEmailOptions } from '@typebot.io/schemas/features/blocks/integrations/sendEmail/constants'
 
+export const sendEmailSuccessDescription = 'Email successfully sent'
+export const sendEmailErrorDescription = 'Email not sent'
+
 export const executeSendEmailBlock = async (
   state: SessionState,
   block: SendEmailBlock
@@ -143,7 +146,7 @@ const sendEmail = async ({
   if (!emailBody) {
     logs.push({
       status: 'error',
-      description: 'Email not sent',
+      description: sendEmailErrorDescription,
       details: {
         error: 'No email body found',
         transportConfig,
@@ -177,7 +180,7 @@ const sendEmail = async ({
     await transporter.sendMail(email)
     logs.push({
       status: 'success',
-      description: 'Email successfully sent',
+      description: sendEmailSuccessDescription,
       details: {
         transportConfig: {
           ...transportConfig,
@@ -189,7 +192,7 @@ const sendEmail = async ({
   } catch (err) {
     logs.push({
       status: 'error',
-      description: 'Email not sent',
+      description: sendEmailErrorDescription,
       details: {
         error: err instanceof Error ? err.toString() : err,
         transportConfig: {

diff --git a/packages/bot-engine/blocks/integrations/webhook/executeWebhookBlock.ts b/packages/bot-engine/blocks/integrations/webhook/executeWebhookBlock.ts
@@ -41,6 +41,9 @@ export const longReqTimeoutWhitelist = [
   'https://api.anthropic.com',
 ]
 
+export const webhookSuccessDescription = `Webhook successfuly executed.`
+export const webhookErrorDescription = `Webhook returned an error.`
+
 type Params = { disableRequestTimeout?: boolean }
 
 export const executeWebhookBlock = async (
@@ -201,7 +204,7 @@ export const executeWebhook = async (
     const response = await got(request.url, omit(request, 'url'))
     logs.push({
       status: 'success',
-      description: `Webhook successfuly executed.`,
+      description: webhookSuccessDescription,
       details: {
         statusCode: response.statusCode,
         request,
@@ -224,7 +227,7 @@ export const executeWebhook = async (
       }
       logs.push({
         status: 'error',
-        description: `Webhook returned an error.`,
+        description: webhookErrorDescription,
         details: {
           statusCode: error.response.statusCode,
           request,

diff --git a/packages/bot-engine/logs/filterPotentiallySensitiveLogs.ts b/packages/bot-engine/logs/filterPotentiallySensitiveLogs.ts
@@ -0,0 +1,20 @@
+import {
+  sendEmailErrorDescription,
+  sendEmailSuccessDescription,
+} from '../blocks/integrations/sendEmail/executeSendEmailBlock'
+import {
+  webhookErrorDescription,
+  webhookSuccessDescription,
+} from '../blocks/integrations/webhook/executeWebhookBlock'
+
+export const filterPotentiallySensitiveLogs = (log: {
+  status: string
+  description: string
+  details?: unknown
+}) =>
+  ![
+    webhookErrorDescription,
+    webhookSuccessDescription,
+    sendEmailErrorDescription,
+    sendEmailSuccessDescription,
+  ].includes(log.description)