A subclass of string that protects from unauthorized representation, returning a masked value.
class BasicChecker(object):
def __init__(self, allowed):
self.allowed = allowed
def check_can_show(self):
return self.allowed
class FixedMasker(object):
def __init__(self, mask="*", mask_len=5):
self.mask = mask
self.mask_len = mask_len
def mask(self, s):
return self.mask * self.mask_len
class SafeString(str):
def __new__(cls, s, checker, masker *args, **kwargs):
obj = str.__new__(cls, s)
obj.checker = checker
obj.masker = masker
return obj
# Partial implementation - more methods would have to be overriden
def __str__(self):
val = super(SafeString, self).__str__()
return val if self.checker.check_can_show() else self.masker.mask(val)
if __name__ == "__main__":
secret = "sekret"
masker = FixedMasker()
checker = BasicChecker(False)
s = SafeString(secret, checker, masker)
print(s)
assert str(s) == "*****"
checker = BasicChecker(True)
s = SafeString(secret, checker, masker)
print(s)
assert str(s) == secret
- how do we hook into higher-level/business layers for checking, do we only use this in projections?
- what other methods must be implemented to avoid leaking the string - slicing, etc