Module: Mongoid::Errors::ConfigRedactor
| Relationships & Source Files | |
| Defined in: | lib/mongoid/errors/config_redactor.rb |
Overview
Redacts credentials from a client configuration hash before it is interpolated into an exception message.
Constant Summary
-
REDACTED =
# File 'lib/mongoid/errors/config_redactor.rb', line 10'[REDACTED]' -
SENSITIVE_KEYS =
# File 'lib/mongoid/errors/config_redactor.rb', line 13
Top-level keys whose values should be replaced wholesale.
%w[password auto_encryption_options].freeze
-
URI_USERINFO =
# File 'lib/mongoid/errors/config_redactor.rb', line 16
Match the userinfo portion of a MongoDB connection string.
%r{\A(mongodb(?:\+srv)?://)[^@/]+@}.freeze
Instance Method Summary
-
#redact(config)
Return a copy of the given config hash with sensitive values redacted.
- #redact_value(key, value)
Instance Method Details
#redact(config)
Return a copy of the given config hash with sensitive values redacted.
Recurses into nested hashes so that, e.g., :options => { <code>:auto_encryption_options</code> => ... } is also covered. Non-hash inputs
are returned unchanged.
# File 'lib/mongoid/errors/config_redactor.rb', line 22
def redact(config) return config unless config.is_a?(Hash) config.each_with_object({}) do |(key, value), result| result[key] = redact_value(key, value) end end
#redact_value(key, value)
[ GitHub ]# File 'lib/mongoid/errors/config_redactor.rb', line 30
def redact_value(key, value) if SENSITIVE_KEYS.include?(key.to_s) REDACTED elsif key.to_s == 'uri' && value.is_a?(String) value.sub(URI_USERINFO, "\\1#{REDACTED}@") elsif value.is_a?(Hash) redact(value) else value end end