feat: mask client ip in audit log

This commit is contained in:
Marek Miklewicz
2026-06-30 19:08:10 +02:00
parent 227c16410c
commit 4fc787fea8
6 changed files with 37 additions and 3 deletions
+16
View File
@@ -8,6 +8,8 @@ test('settings expose secure defaults from plugin-settings.conf', function (): v
assert_same(30, $settings->loginKeyTtl());
assert_true($settings->userIpBound());
assert_true($settings->ipMask());
assert_same('MASLED', $settings->auditClientIp('198.51.100.10'));
assert_true($settings->defaultEnable());
assert_same('login_url', $settings->method());
assert_same(1, $settings->mxLoginMode());
@@ -34,14 +36,28 @@ test('settings accept explicit ttl and user ip binding toggle', function (): voi
$settings = Settings::fromArray([
'LOGIN_KEY_TTL' => '5',
'USER_IP_BOUND' => '0',
'IP_MASK' => '0',
'MX_LOGIN_MODE' => '2',
]);
assert_same(5, $settings->loginKeyTtl());
assert_false($settings->userIpBound());
assert_false($settings->ipMask());
assert_same('198.51.100.10', $settings->auditClientIp('198.51.100.10'));
assert_same(2, $settings->mxLoginMode());
});
test('settings reject unsupported ip mask values', function (): void {
foreach (['yes', '2', ''] as $mask) {
try {
Settings::fromArray(['IP_MASK' => $mask]);
throw new RuntimeException('Expected invalid IP_MASK to fail: ' . $mask);
} catch (InvalidArgumentException $e) {
assert_contains('IP_MASK', $e->getMessage());
}
}
});
test('settings reject unsupported mx login mode values', function (): void {
foreach (['0', '3', 'helper', ''] as $mode) {
try {