active_record-sql_analyzer 0.0.7 → 0.0.8

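--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 22d80d840d81aa008bae7534058b8d71787b31e2
- data.tar.gz: 2aef0ef8f50b9b6ac25af43672610c8490192887
+ metadata.gz: d12fe56729a7e42b10fdb9b5aadd08ed74f23941
+ data.tar.gz: b3608149a379ef161b541ffc1307cc263ad7750a
  SHA512:
- metadata.gz: d93f8be856da7c946ec186b0a33dc907a9f1d28658178af83ac8e1cc6702666256bad93fa44fa6507f31ff0b0c0a2e2223351c2d4f366b9d977c9f61f3a5535e
- data.tar.gz: bad03e7907bb1b8be071aac83cbf313b138cf45ad7a43d3805dc01ed20985e130dd4b8b5303f0202ee1968116fe3f3e935f5d03c2faa21b4bd65df0924c2e585
+ metadata.gz: 18c45d31d25f34452e3244ec8c7605a766214c241724d8aaf8e2f4835a9fc78c6a52f6f43611b3ca08547b141e9e7b53633c8eeafd97cabfbac8a71e71c3c437
+ data.tar.gz: 7343c8e1d69445cb1c4be107cba3cb128c3dc6f96d7636ac7c0f50c55c17ba295e8b7511a99b75f96d249ad3848ea275f66ab09fb6703f8f387e5e8e624b3ffa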
@@ -146,18 +146,19 @@ module ActiveRecord
146
146
  end
147
147
 
148
148
  def setup_defaults
149
+ quotedValuePattern = "'[^'\\\\]*(?:\\\\.[^'\\\\]*)*'"
149
150
  @options[:sql_redactors] = [
150
151
  Redactor.new(/\n/, " "),
151
152
  Redactor.new(/\s+/, " "),
152
- Redactor.new(/(\s|\b|`)(=|!=|>=|>|<=|<) ?(BINARY )?-?\d+(\.\d+)?/, " = [REDACTED]"),
153
- Redactor.new(/(\s|\b|`)(=|!=|>=|>|<=|<) ?(BINARY )?x?'.*?[^\\]'/, " = '[REDACTED]'"),
154
- Redactor.new(/VALUES \(.+\)$/, "VALUES ([REDACTED])"),
155
- Redactor.new(/IN \([^)]+\)/, "IN ([REDACTED])"),
156
- Redactor.new(/BETWEEN '[^']*' AND '[^']*'/, "BETWEEN '[REDACTED]' AND '[REDACTED]'"),
157
- Redactor.new(/LIKE '[^'\\]*(?:\\.[^'\\]*)*'/, "LIKE '[REDACTED]'"),
158
- Redactor.new(/ LIMIT \d+/, ""),
159
- Redactor.new(/ OFFSET \d+/, ""),
160
- Redactor.new(/INSERT INTO (`?\w+`?) \([^)]+\)/, 'INSERT INTO \1 ([COLUMNS])'),
153
+ Redactor.new(/(\s|\b|`)(=|!=|>=|>|<=|<) ?(BINARY )?-?\d+(\.\d+)?/i, " = [REDACTED]"),
154
+ Redactor.new(/(\s|\b|`)(=|!=|>=|>|<=|<) ?(BINARY )?x?#{quotedValuePattern}/i, " = '[REDACTED]'"),
155
+ Redactor.new(/VALUES \(.+\)$/i, "VALUES ([REDACTED])"),
156
+ Redactor.new(/IN \([^)]+\)/i, "IN ([REDACTED])"),
157
+ Redactor.new(/BETWEEN #{quotedValuePattern} AND #{quotedValuePattern}/i, "BETWEEN '[REDACTED]' AND '[REDACTED]'"),
158
+ Redactor.new(/LIKE #{quotedValuePattern}/i, "LIKE '[REDACTED]'"),
159
+ Redactor.new(/ LIMIT \d+/i, ""),
160
+ Redactor.new(/ OFFSET \d+/i, ""),
161
+ Redactor.new(/INSERT INTO (`?\w+`?) \([^)]+\)/i, 'INSERT INTO \1 ([COLUMNS])'),
161
162
  ]
162
163
 
163
164
  @options[:should_log_sample_proc] = Proc.new { |_name| false }
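Review bot: The `IN` redactor still ends at the first `)` (`/IN \([^)]+\)/i`); unlike the `=`, `BETWEEN` and `LIKE` rules it was not moved onto `quotedValuePattern`, so a quoted list value that itself contains a closing parenthesis, for example `'a)b'`, stops the match early and the remainder of the list stays unredacted in the output. Letting the list body consume whole quoted values closes that gap: `Redactor.new(/IN \((?:#{quotedValuePattern}|[^)'])+\)/i, "IN ([REDACTED])")`. Separately, the new local would follow Ruby naming as `quoted_value_pattern`. `setup_defaults` continues past the end of this hunk, so anything configured after the redactor list is not visible here.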
@@ -1,5 +1,5 @@
1
1
  module ActiveRecord
2
2
  module SqlAnalyzer
3
- VERSION = '0.0.7'
3
+ VERSION = '0.0.8'
4
4
  end
5
5
  end
@@ -64,6 +64,46 @@ RSpec.describe ActiveRecord::SqlAnalyzer::RedactedLogger do
64
64
  end
65
65
  end
66
66
 
67
+ context "sql quoted multiple WHERE" do
68
+ let(:event) do
69
+ {
70
+ caller: [""],
71
+ sql: "SELECT * FROM foo WHERE name = 'hello\\'s name' AND age = '21'"
72
+ }
73
+ end
74
+
75
+ it "redacts" do
76
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name = '[REDACTED]' AND age = '[REDACTED]'")
77
+ end
78
+ end
79
+
80
+
81
+ context "sql escaped and quoted" do
82
+ let(:event) do
83
+ {
84
+ caller: [""],
85
+ sql: "SELECT * FROM foo WHERE name = 'hello\\\'s name'"
86
+ }
87
+ end
88
+
89
+ it "redacts" do
90
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name = '[REDACTED]'")
91
+ end
92
+ end
93
+
94
+ context "sql case insensitivity" do
95
+ let(:event) do
96
+ {
97
+ caller: [""],
98
+ sql: "SELECT * FROM foo WHERE name lIkE 'hello'"
99
+ }
100
+ end
101
+
102
+ it "redacts" do
103
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name LIKE '[REDACTED]'")
104
+ end
105
+ end
106
+
67
107
  context "sql" do
68
108
  let(:event) do
69
109
  {
@@ -76,5 +116,83 @@ RSpec.describe ActiveRecord::SqlAnalyzer::RedactedLogger do
76
116
  expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE id = [REDACTED]")
77
117
  end
78
118
  end
119
+
120
+ context "like quoted" do
121
+ let(:event) do
122
+ {
123
+ caller: [""],
124
+ sql: "SELECT * FROM foo WHERE name LIKE 'A \\'quoted\\' value.'"
125
+ }
126
+ end
127
+
128
+ it "redacts" do
129
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name LIKE '[REDACTED]'")
130
+ end
131
+ end
132
+
133
+ context "like escaped and quoted" do
134
+ let(:event) do
135
+ {
136
+ caller: [""],
137
+ sql: "SELECT * FROM foo WHERE name LIKE 'A \\\'quoted\\\' value.'"
138
+ }
139
+ end
140
+
141
+ it "redacts" do
142
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name LIKE '[REDACTED]'")
143
+ end
144
+ end
145
+
146
+ context "in quoted" do
147
+ let(:event) do
148
+ {
149
+ caller: [""],
150
+ sql: "SELECT * FROM foo WHERE name IN ('A \\'quoted\\' value.')"
151
+ }
152
+ end
153
+
154
+ it "redacts" do
155
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name IN ([REDACTED])")
156
+ end
157
+ end
158
+
159
+ context "in escaped and quoted" do
160
+ let(:event) do
161
+ {
162
+ caller: [""],
163
+ sql: "SELECT * FROM foo WHERE name IN ('A \\\'quoted\\\' value.')"
164
+ }
165
+ end
166
+
167
+ it "redacts" do
168
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name IN ([REDACTED])")
169
+ end
170
+ end
171
+
172
+ context "between quoted" do
173
+ let(:event) do
174
+ {
175
+ caller: [""],
176
+ sql: "SELECT * FROM foo WHERE name BETWEEN 'A \\'quoted\\' value.' AND 'Another value'"
177
+ }
178
+ end
179
+
180
+ it "redacts" do
181
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name BETWEEN '[REDACTED]' AND '[REDACTED]'")
182
+ end
183
+ end
184
+
185
+ context "between escaped and quoted" do
186
+ let(:event) do
187
+ {
188
+ caller: [""],
189
+ sql: "SELECT * FROM foo WHERE name BETWEEN 'A \\\'quoted\\\' value.' AND 'Another value'"
190
+ }
191
+ end
192
+
193
+ it "redacts" do
194
+ expect(filter_event[:sql]).to eq("SELECT * FROM foo WHERE name BETWEEN '[REDACTED]' AND '[REDACTED]'")
195
+ end
196
+ end
79
197
  end
80
198
  end
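Review bot: The "escaped and quoted" contexts feed the redactor the same SQL as their "quoted" twins, because in a double-quoted Ruby literal `\\\'` and `\\'` both evaluate to a backslash followed by a quote (going by the escapes as rendered on this page). That leaves the case the new pattern actually changes, a value that ends in an escaped backslash directly before its closing quote, without coverage. A context with `sql: "SELECT * FROM foo WHERE path = 'dir\\\\' AND age = '21'"` expecting `"SELECT * FROM foo WHERE path = '[REDACTED]' AND age = '[REDACTED]'"` would pin it. None of the `IN` contexts places a `)` inside a quoted value either, so that boundary of the redactor is also untested.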
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: active_record-sql_analyzer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.7
4
+ version: 0.0.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Zachary Anker
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-04-28 00:00:00.000000000 Z
12
+ date: 2016-05-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activerecord