class Sqreen::SensitiveDataRedactor
For redacting sensitive data and avoid having it sent to our servers
Constants
- DEFAULT_REGEX
- DEFAULT_SENSITIVE_KEYS
- MASK
Public Class Methods
all_strings(v)
click to toggle source
# File lib/sqreen/sensitive_data_redactor.rb, line 78 def all_strings(v) accum = [] all_strings_impl(v, accum) accum end
from_config()
click to toggle source
# File lib/sqreen/sensitive_data_redactor.rb, line 18 def self.from_config keys = Sqreen.config_get(:strip_sensitive_keys) keys = keys.split(',') if keys && keys.is_a?(String) regex = Sqreen.config_get(:strip_sensitive_regex) if regex && regex.is_a?(String) begin regex = Regexp.compile(regex) rescue RegexpError Sqreen.log.warn("Invalid regular expression given in strip_sensitive_regex: #{regex}") regex = nil end else regex = nil end new(keys: keys, regex: regex) end
new(params = {})
click to toggle source
# File lib/sqreen/sensitive_data_redactor.rb, line 37 def initialize(params = {}) @regex = params[:regex] || DEFAULT_REGEX @keys = (params[:keys] || DEFAULT_SENSITIVE_KEYS).map(&:downcase) end
Private Class Methods
all_strings_impl(obj, accum)
click to toggle source
# File lib/sqreen/sensitive_data_redactor.rb, line 86 def all_strings_impl(obj, accum) case obj when String accum << obj when Array obj.each { |el| all_strings_impl(el, accum) } when Hash obj.each do |k, v| all_strings_impl(k, accum) all_strings_impl(v, accum) end end end
Public Instance Methods
redact(obj)
click to toggle source
# File lib/sqreen/sensitive_data_redactor.rb, line 42 def redact(obj) result = obj redacted = [] case obj when String if obj =~ @regex result = MASK redacted << obj end when Array result = [] obj.each do |e| e, r = redact(e) result << e redacted += r end when Hash result = {} obj.each do |k, v| ck = k.is_a?(String) ? k.downcase : k if @keys.include?(ck) redacted += SensitiveDataRedactor.all_strings(v) v = MASK else v, r = redact(v) redacted += r end result[k] = v end end [result, redacted] end