dmolinari/SIG-CM2.0
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(infra): JsonSanitizer + AuditOptions binding (UDT-010 B3)

Browse Source 
Adds the metadata sanitization layer per #REQ-AUD-5:

SIGCM2.Infrastructure/Audit/JsonSanitizer.cs (static class):
- Sanitize(object?, IReadOnlyCollection<string>) -> string?
- Serializes via System.Text.Json + JsonNode recursive traversal.
- Strips blacklisted keys at every nesting level (objects + arrays).
- Case-insensitive match (ToLowerInvariant on both sides).
- Null input -> null output (never throws).
- Output is always valid JSON (ISJSON=1 compatible — satisfies AuditEvent CHECK).

SIGCM2.Application/Audit/AuditOptions.cs:
- Documented the IConfiguration array-binding quirk: config is ADDITIVE
  (append at higher indices), not REPLACE. Intentional for security — defaults
  like 'password'/'token'/'cvv' must not be silently dropped.

SIGCM2.Infrastructure/DependencyInjection.cs:
- services.Configure<AuditOptions>(configuration.GetSection(AuditOptions.SectionName))
  wired in AddInfrastructure().

Tests (Strict TDD, RED -> GREEN):
- JsonSanitizerTests (10): null/empty-blacklist/flat/nested/arrays/case-insensitive/
  primitives/round-trip-valid-json/string-as-value/default-keys-effective.
- AuditOptionsBindingTests (2): defaults when section absent + additive override.

One test needed adjustment during GREEN: 'AlreadySerializedJsonString' originally
asserted against an encoding-specific literal; rewrote to use JsonDocument
round-trip (validates behavior without coupling to encoder quirks).

Suite: 348/348 Application.Tests + 130/130 Api.Tests = 478/478 passing.

Refs: sdd/udt-010-auditoria-trazabilidad/{spec#REQ-AUD-5, design#D-5, tasks#B3}
This commit is contained in:
dmolinari
2026-04-16 13:28:37 -03:00
parent 68f96b90c7
commit 08d6622e43
5 changed files with 317 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/api/SIGCM2.Application/Audit/AuditOptions.cs
View File

@@ -1,6 +1,11 @@
namespace SIGCM2.Application.Audit;
/// Bound from appsettings section "Audit". Extensible via configuration.
/// Bound from appsettings section "Audit".
/// Extensibility model: ADDITIVE via `IConfiguration` array binding. Setting
/// `Audit:SanitizedKeys:N` at indices beyond the defaults APPENDS custom keys;
/// indices 0..10 OVERWRITE the defaults. To fully replace, use a `PostConfigure`
/// in DI. This mirrors the standard .NET array-binding quirk intentionally —
/// the default keys are security-critical and should not be silently dropped.
public sealed class AuditOptions
{
public const string SectionName = "Audit";