activecypher 0.6.1 → 0.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3901e0713d002b9c8061ffe4f3e7e8b85cceb4faf3216df23c91cab136654356
-  data.tar.gz: ba8088d2981a28e99eca7e171553f94696c0ed940a51c4ba53fa03210dce3be8
+  metadata.gz: 6586ae8148cfb3d3f1e6ce182fc556a36790d84d0559e95455a57e1534afe4b2
+  data.tar.gz: 634ef2b25e6ba61bb38baf955c30e48fca9c9c6c71e885c5e5a5174d2105a947
 SHA512:
-  metadata.gz: 1e0923e31a2d8a3bfea68047870de373ab012ecc90d6164bacd43f8c7a3af1f88ce4c9051b4e4d53ca541d738cefeb988da3e508995557d2c51277870a39da60
-  data.tar.gz: 63126e6704aa13ce3094d6aafc5590eb3d9786a58d065590fb68d98b5234ed5f7d125147663928cc7baadab3da623b5aafc9432b8324a4957e11b131632e8bf8
+  metadata.gz: 9ea71245757351c9e2d503078721ee431a1525faa84ea83634ff9d0ed9b2ad486d7001941ef1de608ec86cf0141676bd9a1bbe6ebe1ed215094203a1efe98f01
+  data.tar.gz: c445c1430312284afd41a91dd8b25478066ce5f93284f249cdedd5256ed62eb02fa09161eda7ff3298d0f33c6a233e858bc75b1f780153ea218096c3ec911036

data/lib/active_cypher/bolt/connection.rb

@@ -17,6 +17,26 @@ module ActiveCypher
       attr_reader :host, :port, :timeout_seconds, :socket,
                   :protocol_version, :server_agent, :connection_id, :adapter
 
+      # Override inspect to redact sensitive information
+      def inspect
+        filtered_auth = ActiveCypher::Redaction.filter_hash(@auth_token)
+
+        attributes = {
+          host: @host.inspect,
+          port: @port.inspect,
+          auth_token: filtered_auth.inspect,
+          timeout_seconds: @timeout_seconds.inspect,
+          secure: @secure.inspect,
+          verify_cert: @verify_cert.inspect,
+          connected: @connected.inspect,
+          protocol_version: @protocol_version.inspect,
+          server_agent: @server_agent.inspect,
+          connection_id: @connection_id.inspect
+        }
+
+        "#<#{self.class.name}:0x#{object_id.to_s(16)} #{attributes.map { |k, v| "@#{k}=#{v}" }.join(', ')}>"
+      end
+
       SUPPORTED_VERSIONS = [5.8, 5.2].freeze
 
       # Initializes a new Bolt connection.

data/lib/active_cypher/connection_adapters/abstract_adapter.rb

@@ -82,6 +82,15 @@ module ActiveCypher
       # @return [Array<Hash>] The processed rows
       def process_records(rows) = rows.map { |r| deep_symbolize(r) }
 
+      # Override inspect to hide sensitive information
+      # @return [String] Safe representation of the adapter
+      def inspect
+        filtered_config = ActiveCypher::Redaction.filter_hash(config)
+
+        # Return a safe representation
+        "#<#{self.class}:0x#{object_id.to_s(16)} @config=#{filtered_config.inspect}>"
+      end
+
       private
 
       # Recursively turns everything into symbols, because that's what all the cool kids do.

data/lib/active_cypher/connection_adapters/abstract_bolt_adapter.rb

@@ -34,9 +34,22 @@ module ActiveCypher
                    { scheme: 'none' }
                  end
 
+          # Get SSL connection params
+          ssl_params = if config[:url]
+                         resolver = ActiveCypher::ConnectionUrlResolver.new(config[:url])
+                         resolver.ssl_connection_params
+                       else
+                         {
+                           secure: config[:ssl] ? true : false,
+                           verify_cert: config[:ssc] ? false : true
+                         }
+                       end
+
           @connection = Bolt::Connection.new(
             host, port, self,
-            auth_token: auth, timeout_seconds: config.fetch(:timeout, 15)
+            auth_token: auth,
+            timeout_seconds: config.fetch(:timeout, 15),
+            **ssl_params
           )
           @connection.connect
           validate_connection

data/lib/active_cypher/connection_adapters/registry.rb

@@ -81,13 +81,15 @@ module ActiveCypher
             principal: config[:username],
             credentials: config[:password]
           }
+          # Get SSL connection params from resolver
+          ssl_params = resolver.ssl_connection_params
+
           ActiveCypher::Bolt::Driver.new(
             uri: uri,
             adapter: adapter,
             auth_token: auth_token,
             pool_size: pool_size,
-            secure: config[:ssl] ? true : false,
-            verify_cert: config[:ssc] ? false : true
+            **ssl_params
           )
         end
       end

data/lib/active_cypher/connection_url_resolver.rb

@@ -62,6 +62,17 @@ module ActiveCypher
       }
     end
 
+    # Returns SSL/TLS connection parameters based on ssl/ssc flags
+    # @return [Hash] Connection parameters for SSL/TLS
+    def ssl_connection_params
+      return {} unless @parsed
+
+      {
+        secure: @parsed[:ssl] ? true : false,
+        verify_cert: @parsed[:ssc] ? false : true
+      }
+    end
+
     private
 
     def parse_url(url_string)

data/lib/active_cypher/generators/templates/cypher_databases.yml

@@ -1,16 +1,11 @@
 development:
   primary:
-    adapter: neo4j # Because you like your graphs with a touch of existential dread
-    url: neo4j://neo4j:neo4j@localhost:7687 # VIP port, VIP credentials (change them, seriously)
-    multi_db: false # One DB to rule them all
+    url: ENV["GRAPH_URL"]
 
 test:
   primary:
-    url: neo4j://neo4j:neo4j@localhost:9876 # Different port, same chaos
-    multi_db: false
+    url: ENV["GRAPH_URL"]
 
 production:
   primary:
-    adapter: memgraph # Yes, still memgraph... for now...
-    url: memgraph+ssc://<%= ENV["MG_USER"] %>:<%= ENV["MG_PASS"] %>@<%= ENV["MG_HOST"] %>:7687
-    multi_db: <%= ENV.fetch("MG_MULTI_DB", "false") %> # Because complexity is a luxury
+    url: ENV["GRAPH_URL"]

data/lib/active_cypher/redaction.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module ActiveCypher
+  # Shared constants and utilities for redacting sensitive information in inspection output
+  module Redaction
+    # The mask to use for sensitive information
+    MASK = '[HUNTER2]'
+
+    # Common sensitive parameter keys
+    SENSITIVE_KEYS = %i[password credentials auth_token principal url].freeze
+
+    # Create a parameter filter with the default mask and keys
+    # @param additional_keys [Array<Symbol>] Additional keys to redact
+    # @return [ActiveSupport::ParameterFilter] The configured filter
+    def self.create_filter(additional_keys = [])
+      keys = SENSITIVE_KEYS + additional_keys
+      ActiveSupport::ParameterFilter.new(keys, mask: MASK)
+    end
+
+    # Filter a hash to redact sensitive information
+    # @param hash [Hash] The hash to filter
+    # @param additional_keys [Array<Symbol>] Additional keys to redact
+    # @return [Hash] The filtered hash
+    def self.filter_hash(hash, additional_keys = [])
+      create_filter(additional_keys).filter(hash)
+    end
+  end
+end

data/lib/active_cypher/version.rb

@@ -1,5 +1,13 @@
 # frozen_string_literal: true
 
 module ActiveCypher
-  VERSION = '0.6.1'
+  VERSION = '0.6.3'
+
+  def self.gem_version
+    Gem::Version.new VERSION
+  end
+
+  class << self
+    alias version gem_version
+  end
 end

data/lib/activecypher.rb

@@ -4,6 +4,7 @@ require 'active_support'
 require 'zeitwerk'
 require_relative 'cyrel'
 require_relative 'active_cypher/version'
+require_relative 'active_cypher/redaction'
 
 # ActiveCypher is a Ruby gem that provides an ActiveRecord-like interface for
 # interacting with Neo4j databases using Cypher queries.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: activecypher
 version: !ruby/object:Gem::Version
-  version: 0.6.1
+  version: 0.6.3
 platform: ruby
 authors:
 - Abdelkader Boudih
@@ -154,6 +154,7 @@ files:
 - lib/active_cypher/model/persistence.rb
 - lib/active_cypher/model/querying.rb
 - lib/active_cypher/railtie.rb
+- lib/active_cypher/redaction.rb
 - lib/active_cypher/relation.rb
 - lib/active_cypher/relationship.rb
 - lib/active_cypher/runtime_registry.rb