Add checks to allow logging only specific datatypes

Currently, it allows logging of objects and the whitelisting does not apply to the fields of that object. This change adds data type checks and allows logging of only specific types so that data that is not whitelisted does not go through. This means it will be either masked or removed. MSG-709, IN-299
salemove · Dec 13, 2023 · c7bfb64 · c7bfb64
1 parent 48bd258
commit c7bfb64
Show file tree

Hide file tree

Showing 3 changed files with 170 additions and 5 deletions.
diff --git a/lib/lenjador/preprocessors/strategies/mask.rb b/lib/lenjador/preprocessors/strategies/mask.rb
@@ -21,8 +21,11 @@ def process(data, pointer = '')
           when Array
             process_array(data, pointer)
 
-          else
+          when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass
             data
+
+          else
+            MASKED_VALUE
           end
         end
 

diff --git a/lib/lenjador/preprocessors/strategies/prune.rb b/lib/lenjador/preprocessors/strategies/prune.rb
@@ -18,8 +18,11 @@ def process(data, pointer = '')
           when Array
             process_array(data, pointer)
 
-          else
+          when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass
             data
+
+          else
+            nil
           end
         end
 

diff --git a/spec/lenjador/preprocessors/whitelist_spec.rb b/spec/lenjador/preprocessors/whitelist_spec.rb
@@ -147,10 +147,85 @@
     end
 
     context 'when boolean present' do
-      let(:data) { {bool: true} }
+      let(:pointers) { ['/bool'] }
+      let(:data) do
+        {
+          bool: true,
+          bool2: true
+        }
+      end
+
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          bool: true,
+          bool2: '*****'
+        })
+      end
+    end
+
+    context 'when nil present' do
+      let(:pointers) { ['/nil'] }
+      let(:data) do
+        {
+          nil: nil,
+          nil2: nil
+        }
+      end
+
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          nil: nil,
+          nil2: '*****'
+        })
+      end
+    end
+
+    context 'when numbers present' do
+      let(:data) do
+        {
+          integer: 1,
+          float: 2.03,
+          integer2: 3,
+          float2: 3.34324
+        }
+      end
+      let(:pointers) { ['/integer', '/float'] }
+
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          integer: 1,
+          float: 2.03,
+          integer2: '*****',
+          float2: '*****'
+        })
+      end
+    end
+
+    context 'when symbol present' do
+      let(:data) do
+        {
+          symbol1: :symbol1,
+          symbol2: :symbol2
+        }
+      end
+      let(:pointers) { ['/symbol1'] }
 
-      it 'masks it with asteriks' do
-        expect(processed_data).to eq(bool: '*****')
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          symbol1: :symbol1,
+          symbol2: '*****'
+        })
+      end
+    end
+
+    context 'when unsupported object present' do
+      let(:pointers) { ['/field'] }
+      let(:data) { {field: Test.new} }
+
+      it 'masks the object' do
+        expect(processed_data).to eq(
+          field: '*****'
+        )
       end
     end
 
@@ -312,8 +387,92 @@ def process(pointers, data)
       end
     end
 
+    context 'when boolean present' do
+      let(:pointers) { ['/bool'] }
+      let(:data) do
+        {
+          bool: true,
+          bool2: true
+        }
+      end
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          bool: true
+        })
+      end
+    end
+
+    context 'when nil present' do
+      let(:pointers) { ['/nil'] }
+      let(:data) do
+        {
+          nil: nil,
+          nil2: nil
+        }
+      end
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          nil: nil
+        })
+      end
+    end
+
+    context 'when numbers present' do
+      let(:data) do
+        {
+          integer: 1,
+          float: 2.03,
+          integer2: 3,
+          float2: 3.34324
+        }
+      end
+      let(:pointers) { ['/integer', '/float'] }
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          integer: 1,
+          float: 2.03
+        })
+      end
+    end
+
+    context 'when symbol present' do
+      let(:data) do
+        {
+          symbol1: :symbol1,
+          symbol2: :symbol2
+        }
+      end
+      let(:pointers) { ['/symbol1'] }
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          symbol1: :symbol1
+        })
+      end
+    end
+
+    context 'when unsupported object present' do
+      let(:pointers) { ['/class'] }
+      let(:data) { {class: Test.new} }
+
+      it 'does not return the object' do
+        expect(processed_data).to eq({class: nil})
+      end
+    end
+
     def process(pointers, data)
       described_class.new(pointers: pointers, action: :prune).process(data)
     end
   end
 end
+
+class Test
+  attr_accessor :asd
+
+  def initialize
+    @asd = 'tdlgdfaha'
+  end
+end
-Original file line number
+Diff line change
@@ Expand Up / @@ -18,8 +18,11 @@ def process(data, pointer = '') @@
               when Array
                 process_array(data, pointer)
-              else
+              when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass
                 data
+              else
+                nil
               end
             end
@@ Expand Down @@