/**
* Data masking utility for sensitive information
* Masks data based on user roles and field sensitivity
*/
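/**
 * Mask an email address, keeping only the first character of the local part.
 * Example: john.doe@example.com -> j***@example.com
 *
 * The address is split at the LAST '@', so the domain stays intact even when
 * the local part itself contains an '@'. A non-empty string with no '@' or
 * with an empty domain is replaced by '***' rather than returned as-is, which
 * matches how the other maskers in this file treat input they cannot parse.
 *
 * @param {*} email - Value to mask.
 * @returns {*} The masked string; falsy or non-string input is returned unchanged.
 */
export const maskEmail = (email) => {
  if (!email || typeof email !== 'string') return email;

  const atIndex = email.lastIndexOf('@');
  const domain = atIndex === -1 ? '' : email.slice(atIndex + 1);

  // Fail closed: a value in an email field that does not parse as an address
  // may still be personal data, so it must not pass through unmasked.
  if (!domain) return '***';

  const localPart = email.slice(0, atIndex);
  return `${localPart.charAt(0)}***@${domain}`;
};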
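/**
 * Mask a phone number, keeping the first 3 and last 4 digits.
 * Example: +1234567890 -> 123***7890
 *
 * Every non-digit character (including a leading '+') is dropped before
 * masking. Numbers with 7 digits or fewer are fully masked: the 3 + 4 visible
 * window would otherwise cover, or even overlap, the whole number and reveal
 * every digit.
 *
 * @param {*} phone - Value to mask.
 * @returns {*} The masked string; falsy or non-string input is returned unchanged.
 */
export const maskPhone = (phone) => {
  if (!phone || typeof phone !== 'string') return phone;

  const visibleStart = 3;
  const visibleEnd = 4;
  const digits = phone.replace(/\D/g, '');

  // At least one digit must remain hidden, otherwise nothing is masked.
  if (digits.length <= visibleStart + visibleEnd) return '***';

  const start = digits.slice(0, visibleStart);
  const end = digits.slice(-visibleEnd);
  return `${start}***${end}`;
};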
/**
 * Partially mask a string.
 * Keeps `showStart` leading and `showEnd` trailing characters and replaces
 * everything in between with '*'. A string no longer than
 * `showStart + showEnd` is replaced by asterisks of the same length.
 * The output has the same length as the input, so the length of the original
 * value stays visible.
 *
 * @param {*} text - Value to mask.
 * @param {number} [showStart=2] - Number of leading characters left visible.
 * @param {number} [showEnd=2] - Number of trailing characters left visible.
 * @returns {*} The masked string; falsy or non-string input is returned unchanged.
 */
export const maskText = (text, showStart = 2, showEnd = 2) => {
  const isMaskable = typeof text === 'string' && text !== '';
  if (!isMaskable) return text;

  const total = text.length;

  // Too short to keep both ends visible: hide every character.
  if (total <= showStart + showEnd) return '*'.repeat(total);

  const head = text.substring(0, showStart);
  const tail = text.substring(total - showEnd);
  const hidden = '*'.repeat(total - showStart - showEnd);
  return head + hidden + tail;
};
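/**
 * Mask a credit card number, leaving only the last four digits visible.
 * Example: 1234567890123456 -> ************3456
 *
 * Non-digit characters (spaces, dashes) are removed before masking. Input
 * with four digits or fewer is fully masked: showing the "last four" of such
 * a value would reveal all of it.
 *
 * @param {*} cardNumber - Value to mask.
 * @returns {*} The masked string; falsy or non-string input is returned unchanged.
 */
export const maskCreditCard = (cardNumber) => {
  if (!cardNumber || typeof cardNumber !== 'string') return cardNumber;

  const visibleDigits = 4;
  const digits = cardNumber.replace(/\D/g, '');

  // `<=` rather than `<`: with exactly four digits nothing would be hidden.
  if (digits.length <= visibleDigits) return '***';

  return '*'.repeat(digits.length - visibleDigits) + digits.slice(-visibleDigits);
};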
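/**
 * Mask an address, keeping only its trailing comma-separated segments.
 *
 * At most the last two segments stay visible (presumably city and country —
 * this depends on how callers format addresses), and the first segment is
 * always hidden. For a two-segment address only the last segment is shown;
 * showing both would return the whole address behind a '***' prefix.
 * An address without a comma is fully masked.
 *
 * @param {*} address - Value to mask.
 * @returns {*} The masked string; falsy or non-string input is returned unchanged.
 */
export const maskAddress = (address) => {
  if (!address || typeof address !== 'string') return address;

  const parts = address.split(',');
  if (parts.length <= 1) return '***';

  // Never show every segment: cap the visible tail at parts.length - 1.
  const visibleCount = Math.min(2, parts.length - 1);
  const visible = parts.slice(-visibleCount).join(',');
  return `***${visible}`;
};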
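/**
 * Decide whether a field must be masked for the requesting user.
 *
 * - 'admin' sees everything.
 * - A viewer whose role equals the data owner's role sees everything.
 * - Otherwise the field is masked when its lower-cased name is in the
 *   sensitive-field list below.
 *
 * A missing viewer role (null, undefined or '') never counts as a match, so an
 * unauthenticated caller paired with a record that carries no role is still
 * masked.
 *
 * NOTE(review): the "own data" rule compares ROLES, not user identities, so
 * every user who shares the owner's role is treated as the owner. Confirm
 * whether callers should pass user ids instead.
 *
 * @param {string} userRole - Role of the user requesting the data.
 * @param {string} fieldName - Name of the field being considered.
 * @param {string} dataOwnerRole - Role attached to the record being viewed.
 * @returns {boolean} True when the field should be masked.
 * @throws {TypeError} If the sensitive-list check is reached and `fieldName`
 *   is not a string.
 */
export const shouldMaskField = (userRole, fieldName, dataOwnerRole) => {
  // Admin can see everything
  if (userRole === 'admin') return false;

  // Same role as the owner: unmasked. Require a real role first, otherwise
  // undefined === undefined (or null === null) would disable masking.
  const hasRole = userRole != null && userRole !== '';
  if (hasRole && userRole === dataOwnerRole) return false;

  // Sensitive fields that should be masked for everyone else
  const sensitiveFields = [
    'email',
    'phone',
    'password',
    'credit_card',
    'ssn',
    'tax_id',
    'bank_account',
    'address',
  ];
  return sensitiveFields.includes(fieldName.toLowerCase());
};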
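/**
 * Return a copy of `data` with sensitive fields masked for the given viewer.
 *
 * - `password` is removed for every viewer, admins included.
 * - For non-admins, each field that `shouldMaskField` flags is masked:
 *   email, phone and address with their dedicated maskers, credit_card with
 *   `maskCreditCard`, and ssn / tax_id / bank_account reduced to their last
 *   four characters via `maskText`.
 * - Numeric values are converted to strings before masking, because the
 *   maskers return non-string input unchanged.
 *
 * The input object is never modified. An admin gets the original reference
 * back when there is no password to strip, and a shallow copy otherwise.
 *
 * @param {*} data - Record to mask.
 * @param {string} userRole - Role of the user requesting the data.
 * @param {?string} [dataOwnerRole=null] - Role attached to the record.
 * @returns {*} The masked copy; falsy or non-object input is returned unchanged.
 */
export const maskSensitiveData = (data, userRole, dataOwnerRole = null) => {
  if (!data || typeof data !== 'object') return data;

  if (userRole === 'admin') {
    // Admins see unmasked values, but the password is never sent to anyone.
    if (!Object.prototype.hasOwnProperty.call(data, 'password')) return data;
    const withoutPassword = { ...data };
    delete withoutPassword.password;
    return withoutPassword;
  }

  const masked = { ...data };

  // Never send password field
  delete masked.password;

  const lastFourOnly = (value) => maskText(value, 0, 4);
  const maskers = {
    email: maskEmail,
    phone: maskPhone,
    address: maskAddress,
    credit_card: maskCreditCard,
    ssn: lastFourOnly,
    tax_id: lastFourOnly,
    bank_account: lastFourOnly,
  };

  for (const [field, mask] of Object.entries(maskers)) {
    const value = masked[field];
    if (!value) continue;
    if (!shouldMaskField(userRole, field, dataOwnerRole)) continue;

    // A number would pass through the masker untouched; mask its digits instead.
    masked[field] = mask(typeof value === 'number' ? String(value) : value);
  }

  return masked;
};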
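/**
 * Mask every record in an array for the given viewer.
 *
 * Each record's own `role` property is passed as the data-owner role.
 * Entries that are not objects (null, undefined, primitives) are handed to
 * `maskSensitiveData` with a null owner role instead of throwing on
 * `item.role`, so one bad entry does not fail the whole list.
 *
 * NOTE(review): the owner check downstream compares roles, not user ids, so a
 * viewer sees unmasked data for every record whose `role` equals their own.
 *
 * @param {*} dataArray - Records to mask.
 * @param {string} userRole - Role of the user requesting the data.
 * @returns {*} A new array of masked records; non-array input is returned unchanged.
 */
export const maskSensitiveDataArray = (dataArray, userRole) => {
  if (!Array.isArray(dataArray)) return dataArray;

  return dataArray.map((item) => {
    const ownerRole = item && typeof item === 'object' ? item.role : null;
    return maskSensitiveData(item, userRole, ownerRole);
  });
};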