sensitive_data_filter 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +1 -1
- data/lib/sensitive_data_filter/middleware/detect.rb +28 -0
- data/lib/sensitive_data_filter/middleware/env_parser.rb +11 -5
- data/lib/sensitive_data_filter/middleware/filter.rb +10 -6
- data/lib/sensitive_data_filter/middleware/occurrence.rb +11 -7
- data/lib/sensitive_data_filter/middleware.rb +2 -1
- data/lib/sensitive_data_filter/version.rb +1 -1
- data/sensitive_data_filter.gemspec +2 -2
- metadata +7 -7
- data/lib/sensitive_data_filter/middleware/env_filter.rb +0 -39
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6cce4248617024392c3ae4361addc7aba426cc1a
|
|
4
|
+
data.tar.gz: 63bfa17fd66e237d54e549b5fda77f66d2c809a7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fc9f481f0ed4edd51af68e2d0e02ecb8bebf1e67bdd6e1d845373ee6bbf19260e384df5356364dad8ad95e60c9a6698885a6d4da98f937af61ef0e77e63a735a
|
|
7
|
+
data.tar.gz: ee718699451224d75f88ad945c27aa6cdf32a1892b6e9bf6b3a584c2c33f768c757603605c2d91d5512b68b578efe12ddb2d8ee7d5ec054a865eff1cb48bb691
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,12 @@ All notable changes to this project will be documented in this file.
|
|
|
3
3
|
This project adheres to [Semantic Versioning](http://semver.org/).
|
|
4
4
|
This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/).
|
|
5
5
|
|
|
6
|
+
## [0.4.0] - 2018-01-18
|
|
7
|
+
### Changed
|
|
8
|
+
- [TT-3520] No longer clone the "env" middleware variable
|
|
9
|
+
- [TT-3521] filter action dispatch parameter fields
|
|
10
|
+
- [TT-3523] Update gem dependencies
|
|
11
|
+
|
|
6
12
|
## [0.3.0] - 2016-12-28
|
|
7
13
|
### Changed
|
|
8
14
|
- Allows whitelisting hash values based on the key
|
data/README.md
CHANGED
|
@@ -80,7 +80,7 @@ An occurrence object has the following properties:
|
|
|
80
80
|
* matches: the matched sensitive data
|
|
81
81
|
* matches_count: the number of matches per data type, e.g. { 'CreditCard' => 1 }
|
|
82
82
|
* original_env: the original unfiltered Rack env
|
|
83
|
-
*
|
|
83
|
+
* changeset: the modified rack env variables
|
|
84
84
|
|
|
85
85
|
It also exposes `to_h` and `to_s` methods for hash and string representation respectively.
|
|
86
86
|
Please note that these representations omit sensitive data,
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
module SensitiveDataFilter
|
|
2
|
+
module Middleware
|
|
3
|
+
class Detect
|
|
4
|
+
def initialize(filter)
|
|
5
|
+
@filter = filter
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def call
|
|
9
|
+
changeset = nil
|
|
10
|
+
scan = run_scan
|
|
11
|
+
if scan.matches?
|
|
12
|
+
changeset = OpenStruct.new(SensitiveDataFilter::Middleware::FILTERABLE.each_with_object({}) { |filterable, hash|
|
|
13
|
+
hash[filterable.to_s] = SensitiveDataFilter::Mask.mask(@filter.send(filterable))
|
|
14
|
+
})
|
|
15
|
+
end
|
|
16
|
+
[changeset, scan]
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
private
|
|
20
|
+
|
|
21
|
+
def run_scan
|
|
22
|
+
SensitiveDataFilter::Scan.new(
|
|
23
|
+
SensitiveDataFilter::Middleware::FILTERABLE.map { |filterable| @filter.send(filterable) }
|
|
24
|
+
)
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
@@ -6,6 +6,7 @@ module SensitiveDataFilter
|
|
|
6
6
|
class EnvParser
|
|
7
7
|
QUERY_STRING = 'QUERY_STRING'.freeze
|
|
8
8
|
RACK_INPUT = 'rack.input'.freeze
|
|
9
|
+
REQUEST_PARAMS = 'action_dispatch.request.request_parameters'.freeze
|
|
9
10
|
|
|
10
11
|
extend Forwardable
|
|
11
12
|
|
|
@@ -28,6 +29,10 @@ module SensitiveDataFilter
|
|
|
28
29
|
@parameter_parser.parse(body)
|
|
29
30
|
end
|
|
30
31
|
|
|
32
|
+
def request_params
|
|
33
|
+
@env[REQUEST_PARAMS]
|
|
34
|
+
end
|
|
35
|
+
|
|
31
36
|
def query_params=(new_params)
|
|
32
37
|
@env[QUERY_STRING] = Rack::Utils.build_query(new_params)
|
|
33
38
|
end
|
|
@@ -36,13 +41,14 @@ module SensitiveDataFilter
|
|
|
36
41
|
@env[RACK_INPUT] = StringIO.new @parameter_parser.unparse(new_params)
|
|
37
42
|
end
|
|
38
43
|
|
|
39
|
-
def
|
|
40
|
-
|
|
44
|
+
def request_params=(new_params)
|
|
45
|
+
@env[REQUEST_PARAMS] = new_params
|
|
41
46
|
end
|
|
42
47
|
|
|
43
|
-
def
|
|
44
|
-
|
|
45
|
-
|
|
48
|
+
def mutate(mutation)
|
|
49
|
+
SensitiveDataFilter::Middleware::FILTERABLE.each do |filterable|
|
|
50
|
+
self.send("#{filterable}=", mutation.send(filterable))
|
|
51
|
+
end
|
|
46
52
|
end
|
|
47
53
|
|
|
48
54
|
def_delegators :@request, :ip, :request_method, :url, :content_type, :session
|
|
@@ -7,16 +7,20 @@ module SensitiveDataFilter
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
def call(env)
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
10
|
+
original_env = EnvParser.new(env)
|
|
11
|
+
changeset, scan = Detect.new(original_env).call
|
|
12
|
+
unless changeset.nil?
|
|
13
|
+
handle_occurrence(original_env, changeset, scan)
|
|
14
|
+
original_env.mutate(changeset)
|
|
15
|
+
end
|
|
16
|
+
@app.call(env)
|
|
13
17
|
end
|
|
14
18
|
|
|
15
19
|
private
|
|
16
20
|
|
|
17
|
-
def handle_occurrence(
|
|
18
|
-
|
|
19
|
-
SensitiveDataFilter.handle_occurrence
|
|
21
|
+
def handle_occurrence(filter, changeset, scan)
|
|
22
|
+
occurence = Occurrence.new(filter, changeset, scan.matches)
|
|
23
|
+
SensitiveDataFilter.handle_occurrence(occurence)
|
|
20
24
|
end
|
|
21
25
|
end
|
|
22
26
|
end
|
|
@@ -9,9 +9,9 @@ module SensitiveDataFilter
|
|
|
9
9
|
|
|
10
10
|
attr_reader :matches
|
|
11
11
|
|
|
12
|
-
def initialize(original_env_parser,
|
|
12
|
+
def initialize(original_env_parser, changeset, matches)
|
|
13
13
|
@original_env_parser = original_env_parser
|
|
14
|
-
@
|
|
14
|
+
@changeset = changeset
|
|
15
15
|
@matches = matches
|
|
16
16
|
end
|
|
17
17
|
|
|
@@ -28,22 +28,26 @@ module SensitiveDataFilter
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def filtered_query_params
|
|
31
|
-
@
|
|
31
|
+
@changeset.query_params
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
def filtered_body_params
|
|
35
|
-
@
|
|
35
|
+
@changeset.body_params
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def changeset
|
|
39
|
+
@changeset
|
|
36
40
|
end
|
|
37
41
|
|
|
38
42
|
def original_env
|
|
39
43
|
@original_env_parser.env
|
|
40
44
|
end
|
|
41
45
|
|
|
42
|
-
def
|
|
43
|
-
@
|
|
46
|
+
def url
|
|
47
|
+
SensitiveDataFilter::Mask.mask(@original_env_parser.url)
|
|
44
48
|
end
|
|
45
49
|
|
|
46
|
-
def_delegators :@
|
|
50
|
+
def_delegators :@original_env_parser, :request_method, :content_type, :session
|
|
47
51
|
|
|
48
52
|
def matches_count
|
|
49
53
|
@matches.map { |type, matches| [type, matches.count] }.to_h
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
module SensitiveDataFilter
|
|
3
3
|
module Middleware
|
|
4
|
+
FILTERABLE = %i(query_params body_params request_params).freeze
|
|
4
5
|
end
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
require 'sensitive_data_filter/middleware/parameter_parser'
|
|
8
9
|
require 'sensitive_data_filter/middleware/env_parser'
|
|
9
10
|
require 'sensitive_data_filter/middleware/occurrence'
|
|
10
|
-
require 'sensitive_data_filter/middleware/
|
|
11
|
+
require 'sensitive_data_filter/middleware/detect'
|
|
11
12
|
require 'sensitive_data_filter/middleware/filter'
|
|
@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
|
|
|
25
25
|
|
|
26
26
|
spec.add_dependency 'rack', '>= 1.4'
|
|
27
27
|
spec.add_dependency 'facets', '~> 3.1'
|
|
28
|
-
spec.add_dependency 'credit_card_validations', '~> 3.
|
|
28
|
+
spec.add_dependency 'credit_card_validations', '~> 3.4'
|
|
29
29
|
|
|
30
30
|
spec.add_development_dependency 'bundler', '~> 1.13'
|
|
31
31
|
spec.add_development_dependency 'rake', '~> 10.0'
|
|
@@ -33,6 +33,6 @@ Gem::Specification.new do |spec|
|
|
|
33
33
|
spec.add_development_dependency 'coverage-kit', '~> 0.1'
|
|
34
34
|
spec.add_development_dependency 'simplecov-rcov', '~> 0.2'
|
|
35
35
|
spec.add_development_dependency 'coveralls', '~> 0.8'
|
|
36
|
-
spec.add_development_dependency 'rubocop', '~> 0.
|
|
36
|
+
spec.add_development_dependency 'rubocop', '~> 0.52'
|
|
37
37
|
spec.add_development_dependency 'travis', '~> 1.8'
|
|
38
38
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sensitive_data_filter
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alessandro Berardi
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: exe
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2018-01-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rack
|
|
@@ -45,14 +45,14 @@ dependencies:
|
|
|
45
45
|
requirements:
|
|
46
46
|
- - "~>"
|
|
47
47
|
- !ruby/object:Gem::Version
|
|
48
|
-
version: '3.
|
|
48
|
+
version: '3.4'
|
|
49
49
|
type: :runtime
|
|
50
50
|
prerelease: false
|
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
53
|
- - "~>"
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version: '3.
|
|
55
|
+
version: '3.4'
|
|
56
56
|
- !ruby/object:Gem::Dependency
|
|
57
57
|
name: bundler
|
|
58
58
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -143,14 +143,14 @@ dependencies:
|
|
|
143
143
|
requirements:
|
|
144
144
|
- - "~>"
|
|
145
145
|
- !ruby/object:Gem::Version
|
|
146
|
-
version: '0.
|
|
146
|
+
version: '0.52'
|
|
147
147
|
type: :development
|
|
148
148
|
prerelease: false
|
|
149
149
|
version_requirements: !ruby/object:Gem::Requirement
|
|
150
150
|
requirements:
|
|
151
151
|
- - "~>"
|
|
152
152
|
- !ruby/object:Gem::Version
|
|
153
|
-
version: '0.
|
|
153
|
+
version: '0.52'
|
|
154
154
|
- !ruby/object:Gem::Dependency
|
|
155
155
|
name: travis
|
|
156
156
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -192,7 +192,7 @@ files:
|
|
|
192
192
|
- lib/sensitive_data_filter/config.rb
|
|
193
193
|
- lib/sensitive_data_filter/mask.rb
|
|
194
194
|
- lib/sensitive_data_filter/middleware.rb
|
|
195
|
-
- lib/sensitive_data_filter/middleware/
|
|
195
|
+
- lib/sensitive_data_filter/middleware/detect.rb
|
|
196
196
|
- lib/sensitive_data_filter/middleware/env_parser.rb
|
|
197
197
|
- lib/sensitive_data_filter/middleware/filter.rb
|
|
198
198
|
- lib/sensitive_data_filter/middleware/occurrence.rb
|
|
@@ -1,39 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
require 'facets/kernel/present'
|
|
3
|
-
|
|
4
|
-
module SensitiveDataFilter
|
|
5
|
-
module Middleware
|
|
6
|
-
class EnvFilter
|
|
7
|
-
attr_reader :occurrence
|
|
8
|
-
|
|
9
|
-
def initialize(env)
|
|
10
|
-
@original_env_parser = EnvParser.new(env)
|
|
11
|
-
@filtered_env_parser = @original_env_parser.copy
|
|
12
|
-
@scan = build_scan
|
|
13
|
-
@filtered_env_parser.mask! if @scan.matches?
|
|
14
|
-
@occurrence = build_occurrence
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
def filtered_env
|
|
18
|
-
@filtered_env_parser.env
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def occurrence?
|
|
22
|
-
@occurrence.present?
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
private
|
|
26
|
-
|
|
27
|
-
def build_occurrence
|
|
28
|
-
return nil unless @scan.matches?
|
|
29
|
-
Occurrence.new(@original_env_parser, @filtered_env_parser, @scan.matches)
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
def build_scan
|
|
33
|
-
SensitiveDataFilter::Scan.new(
|
|
34
|
-
[@original_env_parser.query_params, @original_env_parser.body_params]
|
|
35
|
-
)
|
|
36
|
-
end
|
|
37
|
-
end
|
|
38
|
-
end
|
|
39
|
-
end
|