Class: StandardAudit::Configuration

Inherits:
Object
  • Object
show all
Defined in:
lib/standard_audit/configuration.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeConfiguration

Returns a new instance of Configuration.



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/standard_audit/configuration.rb', line 11

def initialize
  @subscriptions = []
  @async = false
  @queue_name = :default
  @enabled = true

  @actor_extractor = ->(payload) { payload[:actor] }
  @target_extractor = ->(payload) { payload[:target] }
  @scope_extractor = ->(payload) { payload[:scope] }

  @current_actor_resolver = -> {
    defined?(Current) && Current.respond_to?(:user) ? Current.user : nil
  }
  @current_request_id_resolver = -> {
    defined?(Current) && Current.respond_to?(:request_id) ? Current.request_id : nil
  }
  @current_ip_address_resolver = -> {
    defined?(Current) && Current.respond_to?(:ip_address) ? Current.ip_address : nil
  }
  @current_user_agent_resolver = -> {
    defined?(Current) && Current.respond_to?(:user_agent) ? Current.user_agent : nil
  }
  @current_session_id_resolver = -> {
    defined?(Current) && Current.respond_to?(:session_id) ? Current.session_id : nil
  }

  # Note: :authorization filters the HTTP Authorization header value.
  # If you use "authorization" as a metadata key for policy decisions,
  # rename it (e.g. :authorization_policy) to avoid accidental filtering.
  @sensitive_keys = %i[
    password password_confirmation token secret
    api_key access_token refresh_token
    private_key certificate_chain
    ssn credit_card authorization
  ]
  @metadata_builder = nil
  @anonymizable_metadata_keys = %i[email name ip_address]

  # Retention defaults from ENV so it can be set per-environment without a
  # code change. Unset/blank/non-positive => nil (infinite retention, the
  # compliance-safe default that never auto-deletes). A host app can still
  # override with `config.retention_days = N` in its initializer.
  @retention_days = self.class.retention_days_from_env
end

Instance Attribute Details

#actor_extractorObject

Returns the value of attribute actor_extractor.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def actor_extractor
  @actor_extractor
end

#anonymizable_metadata_keysObject

Returns the value of attribute anonymizable_metadata_keys.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def anonymizable_metadata_keys
  @anonymizable_metadata_keys
end

#asyncObject

Returns the value of attribute async.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def async
  @async
end

#current_actor_resolverObject

Returns the value of attribute current_actor_resolver.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def current_actor_resolver
  @current_actor_resolver
end

#current_ip_address_resolverObject

Returns the value of attribute current_ip_address_resolver.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def current_ip_address_resolver
  @current_ip_address_resolver
end

#current_request_id_resolverObject

Returns the value of attribute current_request_id_resolver.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def current_request_id_resolver
  @current_request_id_resolver
end

#current_session_id_resolverObject

Returns the value of attribute current_session_id_resolver.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def current_session_id_resolver
  @current_session_id_resolver
end

#current_user_agent_resolverObject

Returns the value of attribute current_user_agent_resolver.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def current_user_agent_resolver
  @current_user_agent_resolver
end

#enabledObject

Returns the value of attribute enabled.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def enabled
  @enabled
end

#metadata_builderObject

Returns the value of attribute metadata_builder.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def metadata_builder
  @metadata_builder
end

#queue_nameObject

Returns the value of attribute queue_name.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def queue_name
  @queue_name
end

#retention_daysObject

Returns the value of attribute retention_days.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def retention_days
  @retention_days
end

#scope_extractorObject

Returns the value of attribute scope_extractor.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def scope_extractor
  @scope_extractor
end

#sensitive_keysObject

Returns the value of attribute sensitive_keys.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def sensitive_keys
  @sensitive_keys
end

#target_extractorObject

Returns the value of attribute target_extractor.



3
4
5
 
# File 'lib/standard_audit/configuration.rb', line 3

def target_extractor
  @target_extractor
end

Class Method Details

.retention_days_from_envObject

Parses STANDARD_AUDIT_RETENTION_DAYS into a positive Integer, or nil when unset/blank/zero/negative/non-numeric (=> infinite retention).



58
59
60
61
62
63
64
 
# File 'lib/standard_audit/configuration.rb', line 58

def self.retention_days_from_env
  raw = ENV["STANDARD_AUDIT_RETENTION_DAYS"]
  return nil if raw.nil? || raw.strip.empty?

  days = Integer(raw, exception: false)
  days&.positive? ? days : nil
end

Instance Method Details

#subscribe_to(pattern) ⇒ Object 



66
67
68
 
# File 'lib/standard_audit/configuration.rb', line 66

def subscribe_to(pattern)
  @subscriptions << pattern
end

#subscriptionsObject 



70
71
72
 
# File 'lib/standard_audit/configuration.rb', line 70

def subscriptions
  @subscriptions.dup.freeze
end