logasm 0.9.0 → 0.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3c09d965be2c9ada94a7ee35d4b7518f411b9a81
-  data.tar.gz: d3442723ac39e8661ac4d789b159aca7f2152895
+  metadata.gz: 976cb0da3fd9228fcfc8131274424fa54ea76117
+  data.tar.gz: 638a7ed3dee8b7756b97fbc4f45c08cc2ddb6993
 SHA512:
-  metadata.gz: 5a896dc77965ca1b6022ec65918327b8a94435d85ae592e6a516bed903f2588f4b1257e692c7e5915f5431af2564ec14fe9e73b6627d689b0f8f2b4a035df48d
-  data.tar.gz: 32deab6ec961e0ffdc123ec6065fa09eabf4a604740c98a9782aeaaf7927f6c5e0160bc99574a94018dcff667aec84eeab62f2de8349af46d84f7a6add776354
+  metadata.gz: 53b084eeb0aec7ebaa7830d8677b295d9a4b4c31b472929df8e6c35b8ef54c7719d08879e8653335e4c4cae0e80b3cfd26d3640167e8ac8f24b08e7893150efc
+  data.tar.gz: c054f7d41cb28d47abc5610368e9a5a918c8bd5a2d62abe07dd133c1edd8fba706c6437b9ef3c4baf96cd3f92d9c9eb9e9dd782788668be4673dd0b2f3a0aff8

data/README.md

@@ -73,9 +73,10 @@ You can specify the name of the field and which action to take on it.
 Nested hashes of any level are preprocessed as well.
 
 Available actions:
-    
-* exclude(`default`) - fully excludes the field and its value from the hash.
-* mask - replaces every character from the original value with `*`. In case of `array`, `hash` or `boolean` value is replaced with one `*`.
+
+* `prune` (default) - fully excludes the field and its value from the hash.
+* `mask` - replaces every character from the original value with `*`. 
+  In case of `array`, `hash` or `boolean` value is replaced with one `*`.
 
 #### Configuration
 
@@ -85,7 +86,7 @@ preprocessors:
     fields:
       - key: password
       - key: phone
-        action: mask
+    action: mask
 ```
 
 #### Usage
@@ -106,16 +107,23 @@ Received request {"info":{"phone":"************"}}
 
 ### Whitelist
 
-Masks all the fields except those whitelisted in the configuration using [JSON Pointer](https://tools.ietf.org/html/rfc6901).
+Prunes or masks all the fields except those whitelisted in the configuration using [JSON Pointer](https://tools.ietf.org/html/rfc6901).
 Only simple values(`string`, `number`, `boolean`) can be whitelisted.
 Whitelisting array and hash elements can be done using wildcard symbol `~`.
 
+Available actions:
+
+* `mask` (default) - replaces every character from the original value with `*`. 
+  In case of `array`, `hash` or `boolean` value is replaced with one `*`.
+* `prune` - fully excludes the field and its value from the hash.
+
 #### Configuration
 
 ```yaml
 preprocessors:
   whitelist:
     pointers: ['/info/phone', '/addresses/~/host']
+  action: prune
 ```
 
 #### Usage
@@ -132,4 +140,4 @@ Logger output:
 
 ```
 Received request {password: "********", "info": {"phone": "+12055555555"}, "addresses": [{"host": "example.com","path": "****"}]}
-```
+```

data/benchmark/whitelisting.rb

@@ -10,43 +10,44 @@ pointers = %w[
   /nested_array/~/deep_array/~
 ]
 
-preprocessor = Logasm::Preprocessors::Whitelist.new(pointers: pointers)
-
-
-Benchmark.ips do |x|
-  x.config(time: 5, warmup: 2)
-
-  x.report('Scalar value whitelisting') do
-    preprocessor.process(scalar: 'value', bad_scalar: 'value', hash: {})
-  end
-
-  x.report('Flat hash whitelisting') do
-    preprocessor.process(flat_hash: { scalar: 'value', array: [1, 2], hash: {} })
-  end
-
-  x.report('Nested hash whitelisting') do
-    preprocessor.process(
-      nested_hash: {
-        next_level_hash: {
-          deep_hash: { scalar: 'value', array: [1, 2] }
-        },
-        next_level_hash2: {
-          deep_hash: { scalar: 'value', array: [1, 2] }
-        },
-        next_level_hash3: {
-          deep_hash: { scalar: 'value', array: [1, 2] }
+%w[prune mask].each do |action|
+  preprocessor = Logasm::Preprocessors::Whitelist.new(pointers: pointers, action: action)
+
+  Benchmark.ips do |x|
+    x.config(time: 5, warmup: 2)
+
+    x.report("Scalar value whitelisting (action=#{action})") do
+      preprocessor.process(scalar: 'value', bad_scalar: 'value', hash: {})
+    end
+
+    x.report("Flat hash whitelisting (action=#{action})") do
+      preprocessor.process(flat_hash: { scalar: 'value', array: [1, 2], hash: {} })
+    end
+
+    x.report("Nested hash whitelisting (action=#{action})") do
+      preprocessor.process(
+        nested_hash: {
+          next_level_hash: {
+            deep_hash: { scalar: 'value', array: [1, 2] }
+          },
+          next_level_hash2: {
+            deep_hash: { scalar: 'value', array: [1, 2] }
+          },
+          next_level_hash3: {
+            deep_hash: { scalar: 'value', array: [1, 2] }
+          }
         }
-      }
-    )
-  end
-
-  x.report('Flat array whitelisting') do
-    preprocessor.process(
-      nested_array: [
-        { deep_array: [1, 2, 3] },
-        { deep_array: [1, 2, 3] },
-        { deep_array: [1, 2, 3] }
-      ]
-    )
+      )
+    end
+
+    x.report("Flat array whitelisting (action=#{action})") do
+      preprocessor.process(
+        nested_array: [
+          { deep_array: [1, 2, 3] },
+          { deep_array: [1, 2, 3] },
+          { deep_array: [1, 2, 3] }
+        ]
+      )
+    end
   end
 end

data/lib/logasm/preprocessors/blacklist.rb

@@ -2,7 +2,7 @@ class Logasm
   module Preprocessors
     class Blacklist
 
-      DEFAULT_ACTION = 'exclude'
+      DEFAULT_ACTION = 'prune'
       MASK_SYMBOL = '*'
       MASKED_VALUE = MASK_SYMBOL * 5
 
@@ -52,9 +52,10 @@ class Logasm
         data.merge(key => MASKED_VALUE)
       end
 
-      def exclude_field(data, *)
+      def prune_field(data, *)
         data
       end
+      alias_method :exclude_field, :prune_field
     end
   end
 end

data/lib/logasm/preprocessors/strategies/mask.rb

@@ -0,0 +1,43 @@
+class Logasm
+  module Preprocessors
+    module Strategies
+      class Mask
+        MASK_SYMBOL = '*'.freeze
+        MASKED_VALUE = MASK_SYMBOL * 5
+
+        def initialize(trie)
+          @trie = trie
+        end
+
+        def process(data, pointer = '')
+          return MASKED_VALUE unless @trie.include?(pointer)
+
+          case data
+          when Hash
+            process_hash(data, pointer)
+
+          when Array
+            process_array(data, pointer)
+
+          else
+            data
+          end
+        end
+
+        private
+
+        def process_hash(data, parent_pointer)
+          data.each_with_object({}) do |(key, value), result|
+            result[key] = process(value, "#{parent_pointer}/#{key}")
+          end
+        end
+
+        def process_array(data, parent_pointer)
+          data.each_with_index.map do |value, index|
+            process(value, "#{parent_pointer}/#{index}")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/logasm/preprocessors/strategies/prune.rb

@@ -0,0 +1,44 @@
+class Logasm
+  module Preprocessors
+    module Strategies
+      class Prune
+        def initialize(trie)
+          @trie = trie
+        end
+
+        def process(data, pointer = '')
+          return nil unless @trie.include?(pointer)
+
+          case data
+          when Hash
+            process_hash(data, pointer)
+
+          when Array
+            process_array(data, pointer)
+
+          else
+            data
+          end
+        end
+
+        private
+
+        def process_hash(data, parent_pointer)
+          data.each_with_object({}) do |(key, value), result|
+            path = "#{parent_pointer}/#{key}"
+
+            result[key] = process(value, path) if @trie.include?(path)
+          end
+        end
+
+        def process_array(data, parent_pointer)
+          data.each_with_index.each_with_object([]) do |(value, index), result|
+            path = "#{parent_pointer}/#{index}"
+
+            result << process(value, path) if @trie.include?(path)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/logasm/preprocessors/whitelist.rb

@@ -1,4 +1,6 @@
 require 'logasm/preprocessors/json_pointer_trie'
+require 'logasm/preprocessors/strategies/mask'
+require 'logasm/preprocessors/strategies/prune'
 
 class Logasm
   module Preprocessors
@@ -7,21 +9,23 @@ class Logasm
       MASK_SYMBOL = '*'.freeze
       MASKED_VALUE = MASK_SYMBOL * 5
 
+      PRUNE_ACTION_NAMES = %w[prune exclude].freeze
+
       class InvalidPointerFormatException < Exception
       end
 
       def initialize(config = {})
-        pointers = (config[:pointers] || []) + DEFAULT_WHITELIST
-
-        @trie = pointers.reduce(JSONPointerTrie.new(config)) do |trie, pointer|
-          validate_pointer(pointer)
+        trie = build_trie(config)
 
-          trie.insert(decode(pointer))
-        end
+        @strategy = if PRUNE_ACTION_NAMES.include?(config[:action].to_s)
+                      Strategies::Prune.new(trie)
+                    else
+                      Strategies::Mask.new(trie)
+                    end
       end
 
       def process(data)
-        process_data('', data)
+        @strategy.process(data)
       end
 
       private
@@ -38,31 +42,13 @@ class Logasm
           .gsub('~0', '~')
       end
 
-      def process_data(parent_pointer, data)
-        return MASKED_VALUE unless @trie.include?(parent_pointer)
-
-        case data
-        when Hash
-          process_hash(parent_pointer, data)
-
-        when Array
-          process_array(parent_pointer, data)
-
-        else
-          data
-        end
-      end
+      def build_trie(config)
+        pointers = (config[:pointers] || []) + DEFAULT_WHITELIST
 
-      def process_hash(parent_pointer, hash)
-        hash.each_with_object({}) do |(key, value), result|
-          processed = process_data("#{parent_pointer}/#{key}", value)
-          result[key] = processed
-        end
-      end
+        pointers.reduce(JSONPointerTrie.new(config)) do |trie, pointer|
+          validate_pointer(pointer)
 
-      def process_array(parent_pointer, array)
-        array.each_with_index.map do |value, index|
-          process_data("#{parent_pointer}/#{index}", value)
+          trie.insert(decode(pointer))
         end
       end
     end

data/logasm.gemspec

@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |gem|
   gem.name          = "logasm"
-  gem.version       = '0.9.0'
+  gem.version       = '0.9.1'
   gem.authors       = ["Salemove"]
   gem.email         = ["support@salemove.com"]
   gem.description   = %q{It's logasmic}

data/spec/preprocessors/whitelist_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 require_relative '../../lib/logasm/preprocessors/whitelist'
 
-describe Logasm::Preprocessors::Whitelist do
+RSpec.describe Logasm::Preprocessors::Whitelist, 'when :action is :mask or omitted' do
   subject(:processed_data) { described_class.new(config).process(data) }
 
   let(:config) { { pointers: pointers } }
@@ -199,3 +199,137 @@ describe Logasm::Preprocessors::Whitelist do
     described_class.new(pointers: pointers).process(data)
   end
 end
+
+RSpec.describe Logasm::Preprocessors::Whitelist, 'when :action is :exclude or :prune' do
+  subject(:processed_data) { described_class.new(config).process(data) }
+
+  let(:config) { { pointers: pointers, action: :prune } }
+  let(:pointers) { [] }
+  let(:data) do
+    {
+      field: 'secret',
+      data: {
+        field: 'secret'
+      },
+      array: [{ field: 'secret' }, { field2: 'secret' }]
+    }
+  end
+
+  context 'when pointers is empty' do
+    it 'prunes all fields from the input' do
+      expect(processed_data).to eq({})
+    end
+  end
+
+  context 'with whitelisted field' do
+    let(:pointers) { ['/field'] }
+
+    it 'includes the field' do
+      expect(processed_data).to eq(field: 'secret')
+    end
+  end
+
+  context 'with whitelisted nested field' do
+    let(:pointers) { ['/data/field'] }
+
+    it 'includes nested field' do
+      expect(processed_data).to eq(data: { field: 'secret' })
+    end
+  end
+
+  context 'with whitelisted array element field' do
+    let(:pointers) { ['/array/0/field'] }
+
+    it 'includes array element' do
+      expect(processed_data).to eq(array: [{ field: 'secret' }])
+    end
+  end
+
+  context 'with whitelisted hash' do
+    it 'includes all whitelisted hash elements' do
+      source = { foo: { bar: 'baz' } }
+      target = { foo: { bar: 'baz' } }
+      expect(process(['/foo/~'], source)).to eq(target)
+    end
+
+    it 'does not include nested elements' do
+      source = { foo: { bar: { baz: 'asd' } } }
+      target = { foo: { bar: {} } }
+      expect(process(['/foo/~'], source)).to eq(target)
+    end
+  end
+
+  context 'with whitelisted array elements field with wildcard' do
+    let(:data) do
+      {
+        array: [
+          { field: 'data1', secret: 'secret1' },
+          { field: 'data2', secret: 'secret2' }
+        ]
+      }
+    end
+    let(:pointers) { ['/array/~/field'] }
+
+    it 'includes array elements field' do
+      expect(processed_data).to include(
+                                  array: [
+                                    { field: 'data1' },
+                                    { field: 'data2' }
+                                  ]
+                                )
+    end
+  end
+
+  context 'with whitelisted string array elements with wildcard' do
+    let(:data) do
+      { array: %w[secret1 secret2] }
+    end
+    let(:pointers) { ['/array/~'] }
+
+    it 'includes array elements' do
+      expect(processed_data).to include(array: %w[secret1 secret2])
+    end
+  end
+
+  context 'with whitelisted string array elements in an array with wildcard' do
+    let(:data) do
+      {
+        nested: [{ array: %w[secret1 secret2] }]
+      }
+    end
+    let(:pointers) { ['/nested/~/array/~'] }
+
+    it 'includes array elements' do
+      expect(processed_data).to include(nested: [{ array: %w[secret1 secret2] }])
+    end
+  end
+
+
+  context 'with whitelisted array element' do
+    let(:pointers) { ['/array/0'] }
+
+    it 'masks array element' do
+      expect(processed_data).to eq(array: [{}])
+    end
+  end
+
+  context 'with whitelisted array' do
+    let(:pointers) { ['/array'] }
+
+    it 'masks array' do
+      expect(processed_data).to include(array: [])
+    end
+  end
+
+  context 'with whitelisted hash' do
+    let(:pointers) { ['/data'] }
+
+    it 'masks hash' do
+      expect(processed_data).to include(data: {})
+    end
+  end
+
+  def process(pointers, data)
+    described_class.new(pointers: pointers, action: :prune).process(data)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logasm
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.9.1
 platform: ruby
 authors:
 - Salemove
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-12-19 00:00:00.000000000 Z
+date: 2017-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inflecto
@@ -120,6 +120,8 @@ files:
 - lib/logasm/preprocessors.rb
 - lib/logasm/preprocessors/blacklist.rb
 - lib/logasm/preprocessors/json_pointer_trie.rb
+- lib/logasm/preprocessors/strategies/mask.rb
+- lib/logasm/preprocessors/strategies/prune.rb
 - lib/logasm/preprocessors/whitelist.rb
 - lib/logasm/utils.rb
 - logasm.gemspec