From 02e40eeecd2afd28306be65f8e3511966fbac63f Mon Sep 17 00:00:00 2001
From: HallikiM <halliki.mullari@glia.com>
Date: Mon, 11 Dec 2023 16:39:02 +0200
Subject: [PATCH 1/2] Add checks to allow logging only specific datatypes

Currently, it allows logging of objects and the whitelisting does not
apply to the fields of that object.

This change adds data type checks and allows logging of only specific
types so that data that is not whitelisted does
not go through. This means it will be either masked or removed.

MSG-709, IN-299
---
 lib/lenjador/preprocessors/strategies/mask.rb |   5 +-
 .../preprocessors/strategies/prune.rb         |   5 +-
 spec/lenjador/preprocessors/whitelist_spec.rb | 198 +++++++++++++++++-
 3 files changed, 203 insertions(+), 5 deletions(-)

diff --git a/lib/lenjador/preprocessors/strategies/mask.rb b/lib/lenjador/preprocessors/strategies/mask.rb
index 23221d3..9217d2f 100644
--- a/lib/lenjador/preprocessors/strategies/mask.rb
+++ b/lib/lenjador/preprocessors/strategies/mask.rb
@@ -21,8 +21,11 @@ def process(data, pointer = '')
           when Array
             process_array(data, pointer)
 
-          else
+          when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass
             data
+
+          else
+            MASKED_VALUE
           end
         end
 
diff --git a/lib/lenjador/preprocessors/strategies/prune.rb b/lib/lenjador/preprocessors/strategies/prune.rb
index ab65380..deeb331 100644
--- a/lib/lenjador/preprocessors/strategies/prune.rb
+++ b/lib/lenjador/preprocessors/strategies/prune.rb
@@ -18,8 +18,11 @@ def process(data, pointer = '')
           when Array
             process_array(data, pointer)
 
-          else
+          when String, Numeric, Symbol, Date, Time, TrueClass, FalseClass, NilClass
             data
+
+          else
+            nil
           end
         end
 
diff --git a/spec/lenjador/preprocessors/whitelist_spec.rb b/spec/lenjador/preprocessors/whitelist_spec.rb
index 57b5740..76ff43f 100644
--- a/spec/lenjador/preprocessors/whitelist_spec.rb
+++ b/spec/lenjador/preprocessors/whitelist_spec.rb
@@ -147,10 +147,105 @@
     end
 
     context 'when boolean present' do
-      let(:data) { {bool: true} }
+      let(:pointers) { ['/bool'] }
+      let(:data) do
+        {
+          bool: true,
+          bool2: true
+        }
+      end
+
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          bool: true,
+          bool2: '*****'
+        })
+      end
+    end
+
+    context 'when nil present' do
+      let(:pointers) { ['/nil'] }
+      let(:data) do
+        {
+          nil: nil,
+          nil2: nil
+        }
+      end
 
-      it 'masks it with asteriks' do
-        expect(processed_data).to eq(bool: '*****')
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          nil: nil,
+          nil2: '*****'
+        })
+      end
+    end
+
+    context 'when numbers present' do
+      let(:data) do
+        {
+          integer: 1,
+          float: 2.03,
+          integer2: 3,
+          float2: 3.34324
+        }
+      end
+      let(:pointers) { ['/integer', '/float'] }
+
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          integer: 1,
+          float: 2.03,
+          integer2: '*****',
+          float2: '*****'
+        })
+      end
+    end
+
+    context 'when symbol present' do
+      let(:data) do
+        {
+          symbol1: :symbol1,
+          symbol2: :symbol2
+        }
+      end
+      let(:pointers) { ['/symbol1'] }
+
+      it 'masks only if not in whitelist' do
+        expect(processed_data).to eq({
+          symbol1: :symbol1,
+          symbol2: '*****'
+        })
+      end
+    end
+
+    context 'when date time present' do
+      let(:data) do
+        {
+          date: Date.new(2023, 12, 12),
+          time: Time.new(2023, 12, 13),
+          datetime: DateTime.new(2023, 12, 14)
+        }
+      end
+      let(:pointers) { ['/date', '/time', '/datetime'] }
+
+      it 'shows dates' do
+        expect(processed_data).to eq({
+          date: Date.new(2023, 12, 12),
+          time: Time.new(2023, 12, 13),
+          datetime: DateTime.new(2023, 12, 14)
+        })
+      end
+    end
+
+    context 'when unsupported object present' do
+      let(:pointers) { ['/field'] }
+      let(:some_class) { OpenStruct.new(name: 'Rowdy', pin_code: '1234') }
+      let(:data) { {field: some_class} }
+
+      it 'masks the object' do
+        expect(processed_data).to eq(
+          field: '*****'
+        )
       end
     end
 
@@ -312,6 +407,103 @@ def process(pointers, data)
       end
     end
 
+    context 'when boolean present' do
+      let(:pointers) { ['/bool'] }
+      let(:data) do
+        {
+          bool: true,
+          bool2: true
+        }
+      end
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          bool: true
+        })
+      end
+    end
+
+    context 'when nil present' do
+      let(:pointers) { ['/nil'] }
+      let(:data) do
+        {
+          nil: nil,
+          nil2: nil
+        }
+      end
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          nil: nil
+        })
+      end
+    end
+
+    context 'when numbers present' do
+      let(:data) do
+        {
+          integer: 1,
+          float: 2.03,
+          integer2: 3,
+          float2: 3.34324
+        }
+      end
+      let(:pointers) { ['/integer', '/float'] }
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          integer: 1,
+          float: 2.03
+        })
+      end
+    end
+
+    context 'when symbol present' do
+      let(:data) do
+        {
+          symbol1: :symbol1,
+          symbol2: :symbol2
+        }
+      end
+      let(:pointers) { ['/symbol1'] }
+
+      it 'prunes only if not in whitelist' do
+        expect(processed_data).to eq({
+          symbol1: :symbol1
+        })
+      end
+    end
+
+    context 'when date time present' do
+      let(:data) do
+        {
+          date: Date.new(2023, 12, 12),
+          time: Time.new(2023, 12, 13),
+          datetime: DateTime.new(2023, 12, 14)
+        }
+      end
+      let(:pointers) { ['/date', '/time', '/datetime'] }
+
+      it 'shows dates' do
+        expect(processed_data).to eq({
+          date: Date.new(2023, 12, 12),
+          time: Time.new(2023, 12, 13),
+          datetime: DateTime.new(2023, 12, 14)
+        })
+      end
+    end
+
+    context 'when unsupported object present' do
+      let(:pointers) { ['/class'] }
+      let(:some_class) { OpenStruct.new(name: 'Rowdy', pin_code: '1234') }
+
+      let(:data) { {class: some_class} }
+
+      it 'does not return the object' do
+        expect(processed_data).to eq({class: nil})
+      end
+    end
+
     def process(pointers, data)
       described_class.new(pointers: pointers, action: :prune).process(data)
     end

From 89af667af7121317ba2d02d7e534aba5a7bec430 Mon Sep 17 00:00:00 2001
From: HallikiM <halliki.mullari@glia.com>
Date: Wed, 13 Dec 2023 16:46:25 +0200
Subject: [PATCH 2/2] Bump version to 2.2.2

---
 Gemfile.lock     | 2 +-
 lenjador.gemspec | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index d94a458..d079809 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    lenjador (2.2.1)
+    lenjador (2.2.2)
       lru_redux
       oj (~> 3.6)
 
diff --git a/lenjador.gemspec b/lenjador.gemspec
index 915cd01..23d1a1d 100644
--- a/lenjador.gemspec
+++ b/lenjador.gemspec
@@ -5,7 +5,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |gem|
   gem.name          = 'lenjador'
-  gem.version       = '2.2.1'
+  gem.version       = '2.2.2'
   gem.authors       = ['Salemove']
   gem.email         = ['support@salemove.com']
   gem.description   = "It's lenjadoric"