qodex-rails 0.1.13 → 0.1.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 53f423fa70f86f62f2a1a68fd591468b03b62e5f81792539fd012ee4a10bac80
-  data.tar.gz: 7d1a50e23f1bf56ca65120f66b41871e4de476bfe55359415f528e0931e38a4a
+  metadata.gz: ba87db4007efe72ee98d47d2a52d72614fce543aca0a7e7ba3dd086828da806d
+  data.tar.gz: a7fa6d9cddbdd3485395431a81863990c56c86f7468ec17188ca9a9e515fbfb3
 SHA512:
-  metadata.gz: 6e7394d3f7afa7297acf0cff2e8cce1b887b3e49e03a9a0df009ea39be41e712858bc34d2ad154f18bc07e3037c1cc1d43aa1dbab618cf929be9bc427461737b
-  data.tar.gz: f136cf35b976b3aa138dd03f28fc4a93aa463910cdc05cb5444009caf3370a7408315311d6c4ef3e3c7c647ba14055f54f7a2abc19161262bd035a2228ca1d87
+  metadata.gz: b45cf81b94e23c1186e0bc7b155078ac75a09f858387cdb300b0f9f28bb8be51013e6a81ef51f32d97efab5599cb4676afed41fa09136e76dd8a7ef2f055c071
+  data.tar.gz: 7f452b6f2d952f9d32c1d45962622ae1b6e6b3345ce787a3ba342d158f075f2d7439dfb3a3e4a41d8880ed844d1f71e3ea9a628e07db7a567985b9aa21ee183d

data/README.md

@@ -17,7 +17,7 @@ If bundler is not being used to manage dependencies, install the gem by executin
 ## Configuration
     # config/initializers/qodex_rails.rb
 
-    
+
     QodexRails.configure do |config|
         # Your configuration settings for qodex-rails in the staging environment
         project_name = Rails.application.class.module_parent_name rescue 'qodex'
@@ -25,8 +25,9 @@ If bundler is not being used to manage dependencies, install the gem by executin
         config.allowed_environments = ['staging', 'production']  # Default value is staging if not set. Add production to enable in production
         config.frequency = 'high' #default value is medium. to control the speed of the logs processing
         config.api_key = 'Your API Key'
-    end  
-    
+        config.pii_masking = ['api-key', 'access-token'] # add keys to skip sending actual value to qodex server
+    end
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/qodex-rails. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/qodex-rails/blob/main/CODE_OF_CONDUCT.md).

data/lib/qodex/rails/version.rb

@@ -2,6 +2,6 @@
 
 module Qodex
   module Rails
-    VERSION = "0.1.13"
+    VERSION = "0.1.15"
   end
 end

data/lib/qodex-rails/configuration.rb

@@ -1,6 +1,7 @@
 module QodexRails
   class Configuration
-    attr_accessor :collection_name, :api_key, :allowed_environments, :frequency, :api_host
+    attr_accessor :collection_name, :api_key, :allowed_environments,
+      :frequency, :api_host, :pii_masking
 
     def initialize
       @collection_name = nil
@@ -8,6 +9,7 @@ module QodexRails
       @allowed_environments = ['staging']
       @frequency = 'medium'
       @api_host = nil
+      @pii_masking = nil
     end
   end
 end

data/lib/qodex-rails/masking_util.rb

@@ -0,0 +1,44 @@
+module MaskingUtil
+  extend self
+
+  def mask_data(data, pii_masking)
+    return data if pii_masking.blank?
+
+    # Base case: If data is not a hash or array, return it as is
+    return data unless data.is_a?(Hash) || data.is_a?(Array)
+
+    # If the data is an array, apply the function recursively to each element
+    if data.is_a?(Array)
+      return data.map { |value| MaskingUtil.mask_data(value, pii_masking) }
+    end
+
+    # If the data is a hash, transform each value
+    data.transform_keys! { |k| k.to_s.downcase } # Convert keys to downcase for case-insensitive comparison
+    data.each do |key, value|
+      if pii_masking.include?(key.downcase)  # Check if the key matches PII fields (case-insensitive)
+        data[key] = 'MASKED_' + '{{' + key + '}}'               # Mask the value
+      elsif value.is_a?(Hash) || value.is_a?(Array)
+        data[key] = MaskingUtil.mask_data(value, pii_masking)  # Recurse for nested hashes or arrays
+      end
+    end
+  end
+
+  def mask_query_params(url, pii_masking)
+    return url if pii_masking.blank?
+    uri = URI.parse(url)
+    query_params = CGI.parse(uri.query || '')  # Parse query params into a hash
+
+    # Mask sensitive query params
+    query_params.each do |key, values|
+      if pii_masking.include?(key.downcase)  # Check if key matches PII fields (case-insensitive)
+        query_params[key] = ['{{' + 'MASKED_' + key + '}}']        # Replace value with 'XXXX'
+      end
+    end
+
+    # Reconstruct the query string with masked values
+    uri.query = URI.encode_www_form(query_params)
+
+    uri.to_s  # Return the new URL with masked query params
+  end
+
+end

data/lib/qodex-rails/middleware.rb

@@ -11,6 +11,10 @@ module QodexRails
         @frequency = QodexRails.configuration.frequency || 'low'
       end
 
+      def pii_masking
+        @pii_masking ||= QodexRails.configuration.pii_masking
+      end
+
       def call(env)
 
         # Check if the current environment is allowed
@@ -42,28 +46,53 @@ module QodexRails
         request.body.rewind
 
         status, headers, response = @app.call(env)
+        response_content_type = response.instance_eval('@response').headers['content-type']
+        if response_content_type.present? && !(response_content_type.include?('application/json'))
+          return [status, headers, response]
+        end
 
         end_time = Time.now
 
         # Capture the response details
         response_body = extract_body(response)
 
+        routes = Rails.application.routes
+        parsed_route_info = routes.recognize_path(request.url, {method: request.request_method}) rescue nil
+        return [status, headers, response] if parsed_route_info.blank?
+
+        controller_name = parsed_route_info[:controller]
+        action_name = parsed_route_info[:action]
+        additional_info = parsed_route_info.except(:controller, :action)
+
+        request_headers = extract_request_headers(env)
+        response_headers = extract_headers(headers)
+        request_params = request.params.merge(additional_info)
+
+        request_headers = MaskingUtil.mask_data(request_headers, pii_masking)
+        response_headers = MaskingUtil.mask_data(response_headers, pii_masking)
+        request_params = MaskingUtil.mask_data(request_params, pii_masking)
+        response_body = MaskingUtil.mask_data(response_body, pii_masking)
+        request_body = MaskingUtil.mask_data(request_body, pii_masking)
+        request_url = MaskingUtil.mask_query_params(request.url, pii_masking)
+
         # Construct the logs
         logs = {
           collection_name: QodexRails.configuration.collection_name,
           api_key: QodexRails.configuration.api_key,
           api: {
+            controller_name: controller_name,
+            action_name: action_name,
             time_spent: (end_time - start_time).to_i,
             body: request_body,
             response_body: response_body,
             body_type: 'none-type',
             request_type: request.request_method,
             timestamp: Time.now.to_i,
-            url: request.url,
+            url: request_url,
             status: status,
-            headers: extract_request_headers(env),
-            response_headers: extract_headers(headers),
-            params: request.params  # Using Rails' parameter filtering
+            headers: request_headers,
+            response_headers: response_headers,
+            params: request_params  # Using Rails' parameter filtering
           }
         }
 

data/lib/qodex-rails/version.rb

@@ -1,3 +1,3 @@
 module QodexRails
-  VERSION = "0.1.13"
+  VERSION = "0.1.15"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: qodex-rails
 version: !ruby/object:Gem::Version
-  version: 0.1.13
+  version: 0.1.15
 platform: ruby
 authors:
 - sid
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-05-30 00:00:00.000000000 Z
+date: 2024-06-02 00:00:00.000000000 Z
 dependencies: []
 description: Intercept your rails application to power Qodex.ai AI copilot.
 email:
@@ -26,6 +26,7 @@ files:
 - Rakefile
 - lib/qodex-rails.rb
 - lib/qodex-rails/configuration.rb
+- lib/qodex-rails/masking_util.rb
 - lib/qodex-rails/middleware.rb
 - lib/qodex-rails/version.rb
 - lib/qodex/rails.rb