From dc0ce702d35942c5455c1c835b9293613714c7cf Mon Sep 17 00:00:00 2001 From: HallikiM Date: Mon, 11 Dec 2023 16:39:02 +0200 Subject: [PATCH] Add checks to allow logging only specific datatypes Currently, it allows logging of objects and the whitelisting does not apply to the fields of that object. This change adds data type checks and allows logging of only specific types so that data that is not whitelisted does not go through. This means it will be either masked or removed. MSG-709, IN-299 --- lib/lenjador/preprocessors/strategies/mask.rb | 5 +- .../preprocessors/strategies/prune.rb | 5 +- spec/lenjador/preprocessors/whitelist_spec.rb | 213 +++++++++++++++++- 3 files changed, 218 insertions(+), 5 deletions(-) diff --git a/lib/lenjador/preprocessors/strategies/mask.rb b/lib/lenjador/preprocessors/strategies/mask.rb index 23221d3..9217d2f 100644 --- a/lib/lenjador/preprocessors/strategies/mask.rb +++ b/lib/lenjador/preprocessors/strategies/mask.rb @@ -21,8 +21,11 @@ def process(data, pointer = '') when Array process_array(data, pointer) - else + when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass data + + else + MASKED_VALUE end end diff --git a/lib/lenjador/preprocessors/strategies/prune.rb b/lib/lenjador/preprocessors/strategies/prune.rb index ab65380..deeb331 100644 --- a/lib/lenjador/preprocessors/strategies/prune.rb +++ b/lib/lenjador/preprocessors/strategies/prune.rb @@ -18,8 +18,11 @@ def process(data, pointer = '') when Array process_array(data, pointer) - else + when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass data + + else + nil end end diff --git a/spec/lenjador/preprocessors/whitelist_spec.rb b/spec/lenjador/preprocessors/whitelist_spec.rb index 57b5740..e01059a 100644 --- a/spec/lenjador/preprocessors/whitelist_spec.rb +++ b/spec/lenjador/preprocessors/whitelist_spec.rb @@ -147,10 +147,113 @@ end context 'when boolean present' do - let(:data) { {bool: true} } + let(:pointers) { ['/bool'] } + let(:data) do + { + bool: true, + bool2: true + } + end + + it 'masks only if not in whitelist' do + expect(processed_data).to eq({ + bool: true, + bool2: '*****' + }) + end + end + + context 'when nil present' do + let(:pointers) { ['/nil'] } + let(:data) do + { + nil: nil, + nil2: nil + } + end + + it 'masks only if not in whitelist' do + expect(processed_data).to eq({ + nil: nil, + nil2: '*****' + }) + end + end + + context 'when numbers present' do + let(:data) do + { + integer: 1, + float: 2.03, + integer2: 3, + float2: 3.34324 + } + end + let(:pointers) { ['/integer', '/float'] } + + it 'masks only if not in whitelist' do + expect(processed_data).to eq({ + integer: 1, + float: 2.03, + integer2: '*****', + float2: '*****' + }) + end + end - it 'masks it with asteriks' do - expect(processed_data).to eq(bool: '*****') + context 'when symbol present' do + let(:data) do + { + symbol1: :symbol1, + symbol2: :symbol2 + } + end + let(:pointers) { ['/symbol1'] } + + it 'masks only if not in whitelist' do + expect(processed_data).to eq({ + symbol1: :symbol1, + symbol2: '*****' + }) + end + end + + context 'when date time present' do + let(:data) do + { + date: Date.new(2023, 12, 12), + time: Time.new(2023, 12, 13), + datetime: DateTime.new(2023, 12, 14) + } + end + let(:pointers) { ['/date', '/time', '/datetime'] } + + it 'shows dates' do + expect(processed_data).to eq({ + date: Date.new(2023, 12, 12), + time: Time.new(2023, 12, 13), + datetime: DateTime.new(2023, 12, 14) + }) + end + end + + context 'when unsupported object present' do + let(:pointers) { ['/field'] } + let(:some_class) do + Class.new do + attr_accessor :some_attribute + + def initialize + @some_attribute = 'some value' + end + end.new + end + let(:data) { {field: some_class} } + + it 'masks the object' do + expect(processed_data).to eq( + field: '*****' + ) end end @@ -312,6 +415,110 @@ def process(pointers, data) end end + context 'when boolean present' do + let(:pointers) { ['/bool'] } + let(:data) do + { + bool: true, + bool2: true + } + end + + it 'prunes only if not in whitelist' do + expect(processed_data).to eq({ + bool: true + }) + end + end + + context 'when nil present' do + let(:pointers) { ['/nil'] } + let(:data) do + { + nil: nil, + nil2: nil + } + end + + it 'prunes only if not in whitelist' do + expect(processed_data).to eq({ + nil: nil + }) + end + end + + context 'when numbers present' do + let(:data) do + { + integer: 1, + float: 2.03, + integer2: 3, + float2: 3.34324 + } + end + let(:pointers) { ['/integer', '/float'] } + + it 'prunes only if not in whitelist' do + expect(processed_data).to eq({ + integer: 1, + float: 2.03 + }) + end + end + + context 'when symbol present' do + let(:data) do + { + symbol1: :symbol1, + symbol2: :symbol2 + } + end + let(:pointers) { ['/symbol1'] } + + it 'prunes only if not in whitelist' do + expect(processed_data).to eq({ + symbol1: :symbol1 + }) + end + end + + context 'when date time present' do + let(:data) do + { + date: Date.new(2023, 12, 12), + time: Time.new(2023, 12, 13), + datetime: DateTime.new(2023, 12, 14) + } + end + let(:pointers) { ['/date', '/time', '/datetime'] } + + it 'shows dates' do + expect(processed_data).to eq({ + date: Date.new(2023, 12, 12), + time: Time.new(2023, 12, 13), + datetime: DateTime.new(2023, 12, 14) + }) + end + end + + context 'when unsupported object present' do + let(:pointers) { ['/class'] } + let(:some_class) do + Class.new do + attr_accessor :some_attribute + + def initialize + @some_attribute = 'some value' + end + end.new + end + let(:data) { {field: some_class} } + + it 'does not return the object' do + expect(processed_data).to eq({class: nil}) + end + end + def process(pointers, data) described_class.new(pointers: pointers, action: :prune).process(data) end