Class: ActiveSupport::ParameterFilter

Inherits:
Object
  • Object
show all
Defined in:
lib/active_support/parameter_filter.rb

Overview

ParameterFilter allows you to specify keys for sensitive data from hash-like object and replace corresponding value. Filtering only certain sub-keys from a hash is possible by using the dot notation: 'credit_card.number'. If a proc is given, each key and value of a hash and all sub-hashes are passed to it, where the value or the key can be replaced using String#replace or similar methods.

ActiveSupport::ParameterFilter.new([:password])
=> replaces the value to all keys matching /password/i with "[FILTERED]"

ActiveSupport::ParameterFilter.new([:foo, "bar"])
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"

ActiveSupport::ParameterFilter.new([/\Apin\z/i, /\Apin_/i])
=> replaces the value for the exact (case-insensitive) key 'pin' and all
(case-insensitive) keys beginning with 'pin_', with "[FILTERED]".
Does not match keys with 'pin' as a substring, such as 'shipping_id'.

ActiveSupport::ParameterFilter.new(["credit_card.code"])
=> replaces { credit_card: {code: "xxxx"} } with "[FILTERED]", does not
change { file: { code: "xxxx"} }

ActiveSupport::ParameterFilter.new([-> (k, v) do
  v.reverse! if /secret/i.match?(k)
end])
=> reverses the value to all keys matching /secret/i

Defined Under Namespace

Classes: CompiledFilter

Constant Summary collapse

FILTERED =

:nodoc:

"[FILTERED]"

Instance Method Summary collapse

Constructor Details

#initialize(filters = [], mask: FILTERED) ⇒ ParameterFilter

Create instance with given filters. Supported type of filters are String, Regexp, and Proc. Other types of filters are treated as String using to_s. For Proc filters, key, value, and optional original hash is passed to block arguments.

Options

  • :mask - A replaced object when filtered. Defaults to "[FILTERED]".



42
43
44
45
# File 'lib/active_support/parameter_filter.rb', line 42

def initialize(filters = [], mask: FILTERED)
  @filters = filters
  @mask = mask
end

Instance Method Details

#filter(params) ⇒ Object

Mask value of params if key matches one of filters.



48
49
50
# File 'lib/active_support/parameter_filter.rb', line 48

def filter(params)
  compiled_filter.call(params)
end

#filter_param(key, value) ⇒ Object

Returns filtered value for given key. For Proc filters, third block argument is not populated.



53
54
55
# File 'lib/active_support/parameter_filter.rb', line 53

def filter_param(key, value)
  @filters.empty? ? value : compiled_filter.value_for_key(key, value)
end