phi_attrs 0.2.2 → 0.2.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/build.yml +3 -4
- data/.github/workflows/publish.yml +4 -7
- data/README.md +26 -3
- data/lib/phi_attrs/configure.rb +18 -0
- data/lib/phi_attrs/logger.rb +1 -1
- data/lib/phi_attrs/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1cc2ab95144c51b9ce2322864983ff9302d65d3e585c8ced98f1fe3098761173
|
|
4
|
+
data.tar.gz: 377a9e45f0069b4817a9156a66969b3056553707ae0f6a61716c16cbdc978a8a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 78aa212eceac4e6b0ef10289ac0517b3d9943add98550fcffbc374e9d3d773ab3395d0cfae792161b6793f05fd7a08347e60b76201a6c719954956c902396fb2
|
|
7
|
+
data.tar.gz: 8fed8925c193caf3c169dff50800766d0abd9b45e6dd652de31b93b8219a2c3d425ac111a9c4b8608fbbfbc23a2e038f13bda2d89004a65fa801eb15dfcdbb37
|
data/.github/workflows/build.yml
CHANGED
|
@@ -11,15 +11,14 @@ jobs:
|
|
|
11
11
|
ruby: [2.5, 2.6, 2.7]
|
|
12
12
|
|
|
13
13
|
steps:
|
|
14
|
-
- uses: actions/checkout@
|
|
14
|
+
- uses: actions/checkout@v3
|
|
15
15
|
- name: Set up Ruby ${{ matrix.ruby }}
|
|
16
|
-
uses:
|
|
16
|
+
uses: ruby/setup-ruby@v1
|
|
17
17
|
with:
|
|
18
18
|
ruby-version: ${{ matrix.ruby }}
|
|
19
|
+
bundler-cache: true
|
|
19
20
|
- name: Install dependencies
|
|
20
21
|
run: |
|
|
21
|
-
gem install bundler
|
|
22
|
-
bundle install
|
|
23
22
|
bundle exec appraisal install
|
|
24
23
|
- name: Run rspec
|
|
25
24
|
run: bundler exec appraisal rspec
|
|
@@ -11,18 +11,15 @@ jobs:
|
|
|
11
11
|
runs-on: ubuntu-latest
|
|
12
12
|
|
|
13
13
|
steps:
|
|
14
|
-
- uses: actions/checkout@
|
|
15
|
-
- uses:
|
|
14
|
+
- uses: actions/checkout@v3
|
|
15
|
+
- uses: ruby/setup-ruby@v1
|
|
16
16
|
with:
|
|
17
17
|
ruby-version: '2.6'
|
|
18
|
-
|
|
19
|
-
run: |
|
|
20
|
-
gem install bundler:2.1.4
|
|
21
|
-
bundle install
|
|
18
|
+
bundler-cache: true
|
|
22
19
|
- name: Release Gem
|
|
23
20
|
if: contains(github.ref, 'refs/tags/v')
|
|
24
21
|
uses: cadwallion/publish-rubygems-action@master
|
|
25
22
|
env:
|
|
26
23
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
27
24
|
RUBYGEMS_API_KEY: ${{secrets.RUBYGEMS_API_KEY}}
|
|
28
|
-
RELEASE_COMMAND: bundle exec rake release
|
|
25
|
+
RELEASE_COMMAND: bundle exec rake release
|
data/README.md
CHANGED
|
@@ -39,7 +39,7 @@ Or install it yourself as:
|
|
|
39
39
|
|
|
40
40
|
## Initialize
|
|
41
41
|
|
|
42
|
-
Create an initializer to configure the PHI log file location.
|
|
42
|
+
Create an initializer to configure the PHI log file location. Log rotation can be configured with log_shift_age and log_shift_size (disabled by default).
|
|
43
43
|
|
|
44
44
|
Example:
|
|
45
45
|
|
|
@@ -48,6 +48,8 @@ Example:
|
|
|
48
48
|
```ruby
|
|
49
49
|
PhiAttrs.configure do |conf|
|
|
50
50
|
conf.log_path = Rails.root.join("log", "phi_access_#{Rails.env}.log")
|
|
51
|
+
conf.log_shift_age = 10 # how many logs to keep of `log_shift_size` or frequency to rotate ('daily', 'weekly' or 'monthly'). Disable rotation with 0 (default).
|
|
52
|
+
conf.log_shift_size = 100.megabytes # size in bytes when using `log_shift_age` as a number
|
|
51
53
|
end
|
|
52
54
|
```
|
|
53
55
|
|
|
@@ -275,7 +277,7 @@ There is also a block syntax of `disallow_phi` for temporary suppression phi acc
|
|
|
275
277
|
```ruby
|
|
276
278
|
patient = PatientInfo.find(params[:id])
|
|
277
279
|
patient.allow_phi!('allowed_user@example.com', 'Display Patient Data')
|
|
278
|
-
patient.
|
|
280
|
+
patient.disallow_phi do
|
|
279
281
|
@data = patient.to_json # PHIAccessException
|
|
280
282
|
end # Access is allowed again beyond this point
|
|
281
283
|
```
|
|
@@ -284,7 +286,7 @@ or a block level on a class:
|
|
|
284
286
|
|
|
285
287
|
```ruby
|
|
286
288
|
PatientInfo.allow_phi!('allowed_user@example.com', 'Display Patient Data')
|
|
287
|
-
PatientInfo.
|
|
289
|
+
PatientInfo.disallow_phi do
|
|
288
290
|
@data = PatientInfo.find(params[:id]).to_json # PHIAccessException
|
|
289
291
|
end # Access is allowed again beyond this point
|
|
290
292
|
```
|
|
@@ -391,6 +393,27 @@ person_phi.allow_phi(nil, "Because I felt like looking at PHI") do
|
|
|
391
393
|
end
|
|
392
394
|
```
|
|
393
395
|
|
|
396
|
+
### Request UUID
|
|
397
|
+
|
|
398
|
+
It can be helpful to include the Rails request UUID to match up your general application
|
|
399
|
+
logs to your PHI access logs. The following snippet will prepend your PHI access logs
|
|
400
|
+
with the request UUID.
|
|
401
|
+
|
|
402
|
+
#### `app/controllers/application_controller.rb`
|
|
403
|
+
|
|
404
|
+
```ruby
|
|
405
|
+
around_action :tag_phi_log_with_request_id
|
|
406
|
+
|
|
407
|
+
...
|
|
408
|
+
|
|
409
|
+
private
|
|
410
|
+
|
|
411
|
+
def tag_phi_log_with_request_id
|
|
412
|
+
PhiAttrs::Logger.logger.tagged("Request ID: #{request.uuid}") do
|
|
413
|
+
yield
|
|
414
|
+
end
|
|
415
|
+
end
|
|
416
|
+
```
|
|
394
417
|
## Best Practices
|
|
395
418
|
|
|
396
419
|
* Mix and matching `instance`, `class` and `block` syntaxes for allowing/denying PHI is not recommended.
|
data/lib/phi_attrs/configure.rb
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
module PhiAttrs
|
|
4
4
|
@@log_path = nil
|
|
5
|
+
@@log_shift_age = 0 # Default to disabled
|
|
6
|
+
@@log_shift_size = 1048576 # 1MB - Default from logger class
|
|
5
7
|
@@current_user_method = nil
|
|
6
8
|
@@translation_prefix = 'phi'
|
|
7
9
|
|
|
@@ -17,6 +19,22 @@ module PhiAttrs
|
|
|
17
19
|
@@log_path = value
|
|
18
20
|
end
|
|
19
21
|
|
|
22
|
+
def self.log_shift_age
|
|
23
|
+
@@log_shift_age
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def self.log_shift_age=(value)
|
|
27
|
+
@@log_shift_age = value
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def self.log_shift_size
|
|
31
|
+
@@log_shift_size
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def self.log_shift_size=(value)
|
|
35
|
+
@@log_shift_size = value
|
|
36
|
+
end
|
|
37
|
+
|
|
20
38
|
def self.translation_prefix
|
|
21
39
|
@@translation_prefix
|
|
22
40
|
end
|
data/lib/phi_attrs/logger.rb
CHANGED
|
@@ -7,7 +7,7 @@ module PhiAttrs
|
|
|
7
7
|
class << self
|
|
8
8
|
def logger
|
|
9
9
|
unless @logger
|
|
10
|
-
logger = ActiveSupport::Logger.new(PhiAttrs.log_path)
|
|
10
|
+
logger = ActiveSupport::Logger.new(PhiAttrs.log_path, PhiAttrs.log_shift_age, PhiAttrs.log_shift_size)
|
|
11
11
|
logger.formatter = Formatter.new
|
|
12
12
|
@logger = ActiveSupport::TaggedLogging.new(logger)
|
|
13
13
|
end
|
data/lib/phi_attrs/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: phi_attrs
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Wyatt Kirby
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-12-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -285,7 +285,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
285
285
|
- !ruby/object:Gem::Version
|
|
286
286
|
version: '0'
|
|
287
287
|
requirements: []
|
|
288
|
-
rubygems_version: 3.
|
|
288
|
+
rubygems_version: 3.3.26
|
|
289
289
|
signing_key:
|
|
290
290
|
specification_version: 4
|
|
291
291
|
summary: PHI Access Restriction & Logging for Rails ActiveRecord
|