unified code verification service

2026-02-10 01:55:33 +01:00
parent 76c3bfdea9
commit 7f540671c1
120 changed files with 1863 additions and 1394 deletions
--- a/api/pkg/mutil/db/auth/accountbound.go
+++ b/api/pkg/mutil/db/auth/accountbound.go
@@ -54,12 +54,12 @@ func GetAccountBoundObjects[T any](
 	if err != nil {
 		if !errors.Is(err, merrors.ErrNoData) {
 			logger.Warn("Failed to fetch account bound objects", zap.Error(err),
-				mzap.ObjRef("account_ref", accountRef),
+				mzap.AccRef(accountRef),
 				mzap.ObjRef("organization_ref", organizationRef),
 			)
 		} else {
 			logger.Debug("No matching account bound objects found", zap.Error(err),
-				mzap.ObjRef("account_ref", accountRef),
+				mzap.AccRef(accountRef),
 				mzap.ObjRef("organization_ref", organizationRef),
 			)
 		}
@@ -80,7 +80,7 @@ func GetAccountBoundObjects[T any](

 	logger.Debug("Successfully retrieved account bound objects",
 		zap.Int("total_count", len(allObjects)),
-		mzap.ObjRef("account_ref", accountRef),
+		mzap.AccRef(accountRef),
 		mzap.ObjRef("organization_ref", organizationRef),
 		zap.Any("objs", allObjects),
 	)
--- a/api/pkg/mutil/db/auth/protected.go
+++ b/api/pkg/mutil/db/auth/protected.go
@@ -29,17 +29,17 @@ func GetProtectedObjects[T any](
 	refs, err := repo.ListPermissionBound(ctx, repository.ApplyCursor(filter, cursor))
 	if err != nil {
 		if !errors.Is(err, merrors.ErrNoData) {
-			logger.Warn("Failed to fetch object IDs", zap.Error(err), mzap.ObjRef("account_ref", accountRef),
+			logger.Warn("Failed to fetch object IDs", zap.Error(err), mzap.AccRef(accountRef),
 				mzap.ObjRef("organization_ref", organizationRef), zap.String("action", string(action)))
 		} else {
-			logger.Debug("No matching IDs found", zap.Error(err), mzap.ObjRef("account_ref", accountRef),
+			logger.Debug("No matching IDs found", zap.Error(err), mzap.AccRef(accountRef),
 				mzap.ObjRef("organization_ref", organizationRef), zap.String("action", string(action)))
 		}
 		return nil, err
 	}
 	res, err := enforcer.EnforceBatch(ctx, refs, accountRef, action)
 	if err != nil {
-		logger.Warn("Failed to enforce object IDs", zap.Error(err), mzap.ObjRef("account_ref", accountRef),
+		logger.Warn("Failed to enforce object IDs", zap.Error(err), mzap.AccRef(accountRef),
 			mzap.ObjRef("organization_ref", organizationRef), zap.String("action", string(action)))
 		return nil, err
 	}
--- a/api/pkg/mutil/helpers/internal/accountmanager.go
+++ b/api/pkg/mutil/helpers/internal/accountmanager.go
@@ -73,22 +73,22 @@ func (m *AccountManager) DeleteOrganization(ctx context.Context, orgRef bson.Obj
 // DeleteAccount deletes an account and all its associated data
 // The caller is responsible for wrapping this in a transaction
 func (m *AccountManager) DeleteAccount(ctx context.Context, accountRef bson.ObjectID) error {
-	m.logger.Debug("Deleting account", mzap.ObjRef("account_ref", accountRef))
+	m.logger.Debug("Deleting account", mzap.AccRef(accountRef))

 	// Delete the account
 	if err := m.accountDB.Delete(ctx, accountRef); err != nil {
-		m.logger.Warn("Failed to delete account", zap.Error(err), mzap.ObjRef("account_ref", accountRef))
+		m.logger.Warn("Failed to delete account", zap.Error(err), mzap.AccRef(accountRef))
 		return err
 	}

-	m.logger.Info("Successfully deleted account", mzap.ObjRef("account_ref", accountRef))
+	m.logger.Info("Successfully deleted account", mzap.AccRef(accountRef))
 	return nil
 }

 // DeleteAll deletes all data for a given account and organization
 // The caller is responsible for wrapping this in a transaction
 func (m *AccountManager) DeleteAll(ctx context.Context, accountRef, organizationRef bson.ObjectID) error {
-	m.logger.Debug("Deleting all data", mzap.ObjRef("account_ref", accountRef), mzap.ObjRef("organization_ref", organizationRef))
+	m.logger.Debug("Deleting all data", mzap.AccRef(accountRef), mzap.ObjRef("organization_ref", organizationRef))

 	// Delete organization first (which will cascade delete all related data)
 	if err := m.DeleteOrganization(ctx, organizationRef); err != nil {
@@ -98,11 +98,11 @@ func (m *AccountManager) DeleteAll(ctx context.Context, accountRef, organization

 	// Delete account
 	if err := m.DeleteAccount(ctx, accountRef); err != nil {
-		m.logger.Warn("Failed to delete account", zap.Error(err), mzap.ObjRef("account_ref", accountRef))
+		m.logger.Warn("Failed to delete account", zap.Error(err), mzap.AccRef(accountRef))
 		return err
 	}

-	m.logger.Info("Successfully deleted all data", mzap.ObjRef("account_ref", accountRef), mzap.ObjRef("organization_ref", organizationRef))
+	m.logger.Info("Successfully deleted all data", mzap.AccRef(accountRef), mzap.ObjRef("organization_ref", organizationRef))
 	return nil
 }

--- a/api/pkg/mutil/mask/mask.go
+++ b/api/pkg/mutil/mask/mask.go
@@ -0,0 +1,17 @@
+package mask
+
+import "strings"
+
+func Email(email string) string {
+	parts := strings.Split(email, "@")
+	if len(parts) != 2 {
+		return email
+	}
+	local := parts[0]
+	if len(local) > 2 {
+		local = local[:1] + "***" + local[len(local)-1:]
+	} else {
+		local = local[:1] + "***"
+	}
+	return local + "@" + parts[1]
+}
--- a/api/pkg/mutil/mzap/account.go
+++ b/api/pkg/mutil/mzap/account.go
@@ -0,0 +1,20 @@
+package mzap
+
+import (
+	"github.com/tech/sendico/pkg/model"
+	"github.com/tech/sendico/pkg/mutil/mask"
+	"go.mongodb.org/mongo-driver/v2/bson"
+	"go.uber.org/zap"
+)
+
+func AccRef(accountRef bson.ObjectID) zap.Field {
+	return ObjRef("account_ref", accountRef)
+}
+
+func Email(email string) zap.Field {
+	return zap.String("email", mask.Email(email))
+}
+
+func Login(account *model.Account) zap.Field {
+	return Email(account.Login)
+}
--- a/api/pkg/mutil/mzap/object.go
+++ b/api/pkg/mutil/mzap/object.go
@@ -13,7 +13,3 @@ func ObjRef(name string, objRef bson.ObjectID) zap.Field {
 func StorableRef(obj storable.Storable) zap.Field {
 	return ObjRef(obj.Collection()+"_ref", *obj.GetID())
 }
-
-func AccRef(accountRef bson.ObjectID) zap.Field {
-	return ObjRef("account_ref", accountRef)
-}