Class: Lennarb::ParameterFilter

Inherits:
Object
  • Object
show all
Defined in:
lib/lennarb/parameter_filter.rb

Overview

Filters sensitive parameters from logs and exceptions. Useful for preventing the leakage of confidential information.

By default, the following parameter keys are filtered:

  • ‘passw`

  • ‘email`

  • ‘secret`

  • ‘token`

  • ‘_key`

  • ‘crypt`

  • ‘salt`

  • ‘certificate`

  • ‘otp`

  • ‘ssn`

  • ‘cvv`

  • ‘cvc`

  • ‘signature`

Examples:

filter = Lennarb::ParameterFilter.new
filter.filter({ password: "secret", user: { email: "test@example.com" } })
# => { password: "[filtered]", user: { email: "[filtered]" } }

Constant Summary collapse

DEFAULT_MASK =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future. 

"[FILTERED]"
DEFAULT_FILTERS =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future. 

%w[
  passw email secret token _key crypt salt certificate otp ssn cvv cvc
  signature
].freeze

Instance Method Summary collapse

Constructor Details

#initialize(filters = DEFAULT_FILTERS) ⇒ ParameterFilter

Initialize a new parameter filter

Parameters:

  • filters (Array<String, Regexp>) (defaults to: DEFAULT_FILTERS)

    List of patterns to filter



39
40
41
 
# File 'lib/lennarb/parameter_filter.rb', line 39

def initialize(filters = DEFAULT_FILTERS)
  @filter = Regexp.union(filters.map(&:to_s))
end

Instance Method Details

#filter(params, mask: DEFAULT_MASK) ⇒ Hash, Array

Filter parameters according to the configured filter

Parameters:

  • params (Hash, Array)

    Parameters to be filtered

  • mask (String) (defaults to: DEFAULT_MASK)

    Value that will replace filtered parameters

Returns:

  • (Hash, Array)

    Filtered parameters



48
49
50
 
# File 'lib/lennarb/parameter_filter.rb', line 48

def filter(params, mask: DEFAULT_MASK)
  filter_object(params.dup, mask)
end