nyx/tests/fixtures/rust_web_app/config.rs

use std::env;
use std::fs;

/// Application configuration loaded from environment variables and config files.
/// Realistic pattern: env vars parsed at startup, propagated through the app.

pub struct DatabaseConfig {
    pub host: String,
    pub port: u16,
    pub user: String,
    pub password: String,
    pub name: String,
}

pub struct ServerConfig {
    pub listen_addr: String,
    pub tls_cert_path: String,
    pub tls_key_path: String,
    pub session_secret: String,
}

pub struct Config {
    pub db: DatabaseConfig,
    pub server: ServerConfig,
}

impl Config {
    /// Load config from environment.
    /// Multiple env::var calls, each introducing a source.
    pub fn from_env() -> Config {
        Config {
            db: DatabaseConfig {
                host: env::var("DB_HOST").unwrap_or_else(|_| "localhost".into()),
                port: env::var("DB_PORT")
                    .unwrap_or_else(|_| "5432".into())
                    .parse()
                    .expect("DB_PORT must be a number"),
                user: env::var("DB_USER").unwrap(),
                password: env::var("DB_PASSWORD").unwrap(),
                name: env::var("DB_NAME").unwrap(),
            },
            server: ServerConfig {
                listen_addr: env::var("LISTEN_ADDR").unwrap_or_else(|_| "0.0.0.0:8080".into()),
                tls_cert_path: env::var("TLS_CERT").unwrap_or_default(),
                tls_key_path: env::var("TLS_KEY").unwrap_or_default(),
                session_secret: env::var("SESSION_SECRET")
                    .expect("SESSION_SECRET is required for cookie signing"),
            },
        }
    }

    /// Alternative: load from a TOML file.
    /// fs::read_to_string is a file source.
    pub fn from_file(path: &str) -> Config {
        let raw = fs::read_to_string(path).unwrap();
        // In real code this would be toml::from_str(&raw) but we simulate
        // the pattern: file contents flowing into the app.
        let _parsed = raw.lines().count();
        Config::from_env() // fallback to env for now
    }
}

/// Build a connection string from config.
/// The password from env flows into a string that could be logged or misused.
pub fn connection_string(cfg: &Config) -> String {
    format!(
        "postgres://{}:{}@{}:{}/{}",
        cfg.db.user, cfg.db.password, cfg.db.host, cfg.db.port, cfg.db.name
    )
}
Feat/full cfg (#30) * feat: Enhance control flow analysis with function summaries and taint analysis * feat: Update taint analysis to utilize function summaries for enhanced tracking * Refactor `walk.rs` batch processing and override handling: - Renamed `Batcher` to `BatchSender` for clarity. - Added `BatchSender::new` constructor for cleaner initialization. - Simplified batch size management in `BatchSender`. - Extracted `build_overrides` function for reusable override construction. - Improved error handling and validation in override building. - Enhanced performance with directory and file type filtering in `walk`. * Improve logging and streamline directory walk process: - Added detailed `tracing` logs for debugging batch flushes, override construction, and walk initialization/completion. - Optimized and simplified `filter_entry` logic for directory and file type filters. - Improved metadata checks and max file size enforcement during the scan. * Refactor and optimize taint tracking, label rules, and directory walk process: - Replaced `DefaultHasher` with `blake3::Hasher` for improved taint hashing. - Enhanced sorting and hashing logic in `taint.rs` for consistency and efficiency. - Removed unused `set_hash` function and redundant imports across files. - Improved batch sender logic in `walk.rs`, renaming key components for clarity. - Unified `spawn_senders` and `spawn_file_walker` with thread handling and channel tuple return. - Expanded label rules with additional matchers for sources, sanitizers, and sinks. - Deprecated `dump_cfg` and specific logging utilities in `cfg.rs` for code cleanup. * fix: fixed let chains error in walk.rs * fix: updated dependencies * fix: updated dependencies * chore: Remove standard error in scan.rs * feat: Introduce function summaries for enhanced taint and control flow analysis * feat: Enhance taint analysis with interop support and function summaries * feat: Add configuration analysis module and enhance matcher rules * feat: Add arity column to function_summaries and handle schema migration * fix: fixed clippy &PathBuf warnings * chore: Update dependencies and versioning in Cargo files * docs: Update README to enhance clarity and detail on features and analysis modes * chore: Update CHANGELOG for version 0.2.0 with new features, changes, and fixes * docs: Update SECURITY.md to clarify version support status --------- Co-authored-by: elipeter <eli.peter@es.fcm.travel> 2026-02-24 23:44:07 -05:00			`use std::env;`
			`use std::fs;`

			`/// Application configuration loaded from environment variables and config files.`
			`/// Realistic pattern: env vars parsed at startup, propagated through the app.`

			`pub struct DatabaseConfig {`
			`pub host: String,`
			`pub port: u16,`
			`pub user: String,`
			`pub password: String,`
			`pub name: String,`
			`}`

			`pub struct ServerConfig {`
			`pub listen_addr: String,`
			`pub tls_cert_path: String,`
			`pub tls_key_path: String,`
			`pub session_secret: String,`
			`}`

			`pub struct Config {`
			`pub db: DatabaseConfig,`
			`pub server: ServerConfig,`
			`}`

			`impl Config {`
			`/// Load config from environment.`
			`/// Multiple env::var calls, each introducing a source.`
			`pub fn from_env() -> Config {`
			`Config {`
			`db: DatabaseConfig {`
			`host: env::var("DB_HOST").unwrap_or_else(\|_\| "localhost".into()),`
			`port: env::var("DB_PORT")`
			`.unwrap_or_else(\|_\| "5432".into())`
			`.parse()`
			`.expect("DB_PORT must be a number"),`
			`user: env::var("DB_USER").unwrap(),`
			`password: env::var("DB_PASSWORD").unwrap(),`
			`name: env::var("DB_NAME").unwrap(),`
			`},`
			`server: ServerConfig {`
			`listen_addr: env::var("LISTEN_ADDR").unwrap_or_else(\|_\| "0.0.0.0:8080".into()),`
			`tls_cert_path: env::var("TLS_CERT").unwrap_or_default(),`
			`tls_key_path: env::var("TLS_KEY").unwrap_or_default(),`
			`session_secret: env::var("SESSION_SECRET")`
			`.expect("SESSION_SECRET is required for cookie signing"),`
			`},`
			`}`
			`}`

			`/// Alternative: load from a TOML file.`
			`/// fs::read_to_string is a file source.`
			`pub fn from_file(path: &str) -> Config {`
			`let raw = fs::read_to_string(path).unwrap();`
			`// In real code this would be toml::from_str(&raw) but we simulate`
			`// the pattern: file contents flowing into the app.`
			`let _parsed = raw.lines().count();`
			`Config::from_env() // fallback to env for now`
			`}`
			`}`

			`/// Build a connection string from config.`
			`/// The password from env flows into a string that could be logged or misused.`
			`pub fn connection_string(cfg: &Config) -> String {`
			`format!(`
			`"postgres://{}:{}@{}:{}/{}",`
			`cfg.db.user, cfg.db.password, cfg.db.host, cfg.db.port, cfg.db.name`
			`)`
			`}`