feat(gui): module diagnostics — payload liste-blanche RGPD (E2)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
46
tests/unit/test_gui_v6_diagnostics.py
Normal file
46
tests/unit/test_gui_v6_diagnostics.py
Normal file
@@ -0,0 +1,46 @@
|
||||
import json
|
||||
from types import SimpleNamespace
|
||||
|
||||
from gui_v6 import diagnostics
|
||||
|
||||
|
||||
def _doc(**kw):
|
||||
base = dict(ordinal=0, status="success", error_type=None, error_code=None, duration_ms=12)
|
||||
base.update(kw)
|
||||
return SimpleNamespace(**base)
|
||||
|
||||
|
||||
def test_new_run_id_is_hex():
|
||||
rid = diagnostics.new_run_id()
|
||||
assert isinstance(rid, str) and len(rid) >= 16
|
||||
|
||||
|
||||
def test_items_from_summary_whitelist_only():
|
||||
summary = SimpleNamespace(documents=[
|
||||
_doc(ordinal=0, status="success"),
|
||||
_doc(ordinal=1, status="failed", error_type="ValueError", error_code="processing_error"),
|
||||
])
|
||||
items = diagnostics.items_from_summary(summary)
|
||||
assert items[1]["error_type"] == "ValueError"
|
||||
assert set(items[0]) <= {"ordinal", "status", "error_type", "error_code", "duration_ms"}
|
||||
|
||||
|
||||
def test_build_payload_counts_and_no_pii_leak():
|
||||
# On INJECTE de la PII via des clés interdites + un faux message d'erreur :
|
||||
raw_docs = [
|
||||
{"ordinal": 0, "status": "success", "duration_ms": 5,
|
||||
"filename": "LETTRE Dupont 1980.pdf", "path": "/home/dom/secret.pdf"},
|
||||
{"ordinal": 1, "status": "failed", "error_type": "ValueError",
|
||||
"error_code": "processing_error", "error_message": "patient Dupont Jean"},
|
||||
]
|
||||
payload = diagnostics.build_diagnostics_payload(
|
||||
run_id="r" * 16, app_name="gui_v6", app_version="6.0.0-g1",
|
||||
license_ref="LIC-1", machine_id="m" * 12, duration_ms=999, items=raw_docs,
|
||||
)
|
||||
assert payload["document_count"] == 2
|
||||
assert payload["succeeded_count"] == 1 and payload["failed_count"] == 1
|
||||
blob = json.dumps(payload).lower()
|
||||
for forbidden in ("filename", "path", "secret", "dupont", "lettre", "error_message", "patient"):
|
||||
assert forbidden not in blob, f"fuite RGPD : {forbidden}"
|
||||
for item in payload["items"]:
|
||||
assert set(item) <= {"ordinal", "status", "error_type", "error_code", "duration_ms"}
|
||||
Reference in New Issue
Block a user