diff --git a/java/google/registry/proxy/ProxyModule.java b/java/google/registry/proxy/ProxyModule.java index d47702d55..d61814210 100644 --- a/java/google/registry/proxy/ProxyModule.java +++ b/java/google/registry/proxy/ProxyModule.java @@ -14,6 +14,7 @@ package google.registry.proxy; +import static com.google.common.base.Preconditions.checkArgument; import static com.google.common.base.Suppliers.memoizeWithExpiration; import static google.registry.proxy.ProxyConfig.getProxyConfig; import static java.util.concurrent.TimeUnit.SECONDS; @@ -79,7 +80,11 @@ public class ProxyModule { @Parameter(names = "--env", description = "Environment to run the proxy in") private Environment env = Environment.LOCAL; - @Parameter(names = "--log", description = "Whether to log activities for debugging") + @Parameter( + names = "--log", + description = + "Whether to log activities for debugging. " + + "This cannot be enabled for production as logs contain PII.") boolean log; /** @@ -134,6 +139,9 @@ public class ProxyModule { jCommander.usage(); throw e; } + checkArgument( + !log || env != Environment.PRODUCTION, + "Logging cannot be enabled for production environment"); configureLogging(); return this; } diff --git a/javatests/google/registry/proxy/ProxyModuleTest.java b/javatests/google/registry/proxy/ProxyModuleTest.java index 46fd10383..3536e2747 100644 --- a/javatests/google/registry/proxy/ProxyModuleTest.java +++ b/javatests/google/registry/proxy/ProxyModuleTest.java @@ -45,6 +45,20 @@ public class ProxyModuleTest { assertThat(proxyModule.log).isFalse(); } + @Test + public void testFailure_parseArgs_loggingInProduction() { + String[] args = {"--env", "production", "--log"}; + IllegalArgumentException e = + assertThrows( + IllegalArgumentException.class, + () -> { + proxyModule.parse(args); + }); + assertThat(e) + .hasMessageThat() + .isEqualTo("Logging cannot be enabled for production environment"); + } + @Test public void testFailure_parseArgs_wrongArguments() { String[] args = {"--wrong_flag", "some_value"};