-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
filters/keys_filter: add support for filtering using procs #108
Conversation
Was there a feature request? I think this should not go in. Loading keys from database is not typical at all and if user really wants this he can write such filter himself. |
To whom it may concern: as @vmihailenco points out, you could use the class MyFilter
def call(notice)
notice[:params] = FilteredParameters.filter(notice[:params])
end
end
Airbrake.add_filter(MyFilter.new) We decided not to introduce this feature, but if anybody reading this wants to revive this discussion, feel free to ping me. You're more than welcome 👍 |
You can achieve this with some refactoring and inheritance, e.g.
That assumes that |
I'm little late to the party here. @kyrylo introduced this for me (customer). So here's my two cents on the subject. Airbrake should integrate with Rails features. To me, that should mean Airbrake automatically filtering the same params as Rails does for it's params. Managing a separate blacklist and whitelist isn't as ideal as you always have to remember to update those list too. Ideally, Airbrake should cover the same functionality as Rails's filter_parameters and support lambda so I could just plug on into the other:
In my case, my list is dynamic. That requires requires the application to be loaded before I can set these value. The If I compare Airbrake and New Relic. Both are external resources which handles potentials filtered params. I didn't have to do anything for New Relics to filter my params. From one of their discussion board:
How about replacing the Airbrake's
Thanks for your time on this. I know |
I like this idea. We should keep in mind that this gem is Rails-free, though. So here we try to establish an API for https://github.com/airbrake/airbrake, which would configure this. We also don't want Rails to affect our naming choices here, since this gem must support any Ruby program, too.
Does the proposed solution work for you, at least (technically)? I restored the branch, could you please give it a try? Just try to add a proc filter (instead of your current solution) to test. If this works good, then we could continue discussing next steps.
Thanks for the tip. I'll take a look at how it works. I definitely agree that we can improve this and integrate better with Rails. We just need a solid ground in this gem, first. |
Thanks! I'll test it today. Since Rails is the most use framework, some gem automatically gets their configuration automatically out of Rails. But still offer a way to overwrite them in their own config. What way, people using Sinatra or others aren't not left out. Or you could have this line commented in your default config file:
So people using Rails can just uncomment it. |
Hi @kyrylo My config only has:
And both the params and the query script was [Filtered]. The syntax is a little strange looking with a lambda in an array. But I prefer this than using the add_filter. Thanks |
Can I keep using this or should I revert my code? |
I need more time to think this through. At the moment this API is not fully compatible with |
Rails doesn't force you to use
I believe they use |
I understand, and as of now this API should already be working (although I haven't tested), thus...
...should just work. But I was talking about the lambda API. Rails' API wants lambdas to yield a key and a value, while our API doesn't need this. There's a chance that @dquimper could you please verify this by using your app and this branch (so basically, just try to configure your initializer like you described). |
I tried with:
And it doesn't work. None of the params are filtered or is the query string. |
Crashes with:
|
@dquimper my guess is this didn't work because the Airbrake initializer was run before the |
I retried:
I added a require at the top to make sure filter_parameter_logging is loaded first.
I also tried:
Without the lambda. It doesn't work as I have to wait until the full Rails is loaded before I can read |
@dquimper could you show me how you configure your filter_parameter filters (originally)? I need to recreate your setup, so I can figure out how to debug this. |
I use this initializer:
|
Thanks for the config. It seems like there's a way to make it work. Try to replace # config/initializers/1_filter_parameter_logging.rb
Rails.application.config.filter_parameters << proc do |k,v| # <------------ PROC
Rails.application.eager_load!
if FilteredParameters.model_sensitive_attributes.include?(k.to_s)
v.sub!(/.*/,"[Filtered]")
end
FilteredParameters.model_sensitive_attributes # <----------- NEW
end Could please confirm that the above code works for you? |
The code above works for me, so I still think this PR adds enough support for the feature you wish to use. There will be a few restrictions, though. First of all, you must use c.blacklist_keys = Rails.application.config.filter_parameters |
I am going to release a new version of the gem today, but unfortunately I cannot include this patch into the release because I need your assistance here. So far nobody else has requested this feature, so if you could continue helping, we might be able to make this production ready. Cheers! |
Please ping me if you are still interested in this. I'm sure we'll find a solution. |
It doesn't work, the values are not filtered. The syntax here is strange here. We're doing two things in the same proc: I prefer the previous syntax where we set |
f184778
to
36a6a51
Compare
I'm not quite sure what's strange here. It's definitely not:
...but it's my best suggestion so far. Unfortunately, it won't be possible to implement the "canonical" version due to the differences between our and Rails' procs, which I outlined in earlier posts. I am pretty sure that this example should work just fine. Just to be on the same page, I'm sharing this repository to prove my point: https://github.com/kyrylo/airbrake-ruby-issue108 It uses this branch and it is configured to filter out some Environment values (HTTP method and headers). Please clone it and configure your own Airbrake ID & Key, so you could see it being filtered. I think the repository replicates your setup. If not, let me know what is different for you. |
The strange syntax is here:
Because we method has two purpose. Maybe I'm been too "by the book" over this, but it feels wrong because the This should work fine.
I tried:
I don't know why, but the proc doesn't seem to do anything. The params aren't filtered. I currently have:
And it works fine. Let's leave it at this. |
Its going to take me a while to find the time to test your repo. I'll let you know when I do. |
It's not really that strange if you take a closer look. It's exactly the same filter, with just 1 line added.
Sure, whichever way works for you. I haven't made any additional changes ever since I introduced this PR. It's all the same code and it's up to you if you want to use additional procs or return procs from Rails' param filters. Either way is supported in this PR (it's essentially the same thing).
This is fine, you can ping me whenever you have the time. It's really important for me to know why the keys are not filtered with your setup. So, I hope this test repo will help us to get closer to your production setup. |
I tried your branch. It works on it. I removed the 1_ and 2_ from the file names and replaced them with a require at the top of airbrake.rb. That had the same effect (loading order is the same) and it works too. I did the same changes to my code and it also works. I think you can merge this. |
bc10d08
to
0f3bfd0
Compare
I slightly amended the docs, so they are less specific (not mention the contrived DB example). I am not particularly happy about the code and how it integrates, but it's not extremely terrible. This is why I think this should go in, though:
|
Fixes "Metrics/AbcSize: Assignment Branch Condition size for initialize is too high" https://circleci.com/gh/airbrake/airbrake-ruby/503
0f3bfd0
to
67c57c0
Compare
No description provided.