Whitelisting of matches

CHANGELOG.md

@@ -5,4 +5,5 @@ This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/).
 
 ## [Unreleased]
 ### Added
+- Whitelisting of matches
 - Initial release

README.md

@@ -42,7 +42,8 @@ SensitiveDataFilter.config do |config|
   config.enable_types :credit_card # Already defaults to :credit_card if not specified
   config.on_occurrence do |occurrence| 
     # Report occurrence
-  end 
+  end
+  config.whitelist pattern1, pattern2 # Allows specifying patterns to whitelist matches
 end
 ```
 

lib/sensitive_data_filter/config.rb

@@ -16,6 +16,10 @@ def self.handle_occurrence(occurrence)
     handler.call(occurrence) if handler
   end
 
+  def self.whitelisted?(value)
+    config.whitelist_patterns.any? { |pattern| value.match pattern }
+  end
+
   class Config
     DEFAULT_TYPES = %i(credit_card).freeze
 
@@ -32,5 +36,13 @@ def enabled_types
     def on_occurrence(&block)
       @occurrence_handler = block
     end
+
+    def whitelist(*patterns)
+      @whitelist_patterns = patterns
+    end
+
+    def whitelist_patterns
+      @whitelist_patterns ||= []
+    end
   end
 end

lib/sensitive_data_filter/scan.rb

@@ -9,12 +9,18 @@ def initialize(value)
 
     def matches
       @matches ||= SensitiveDataFilter.enabled_types.map.with_object({}) { |scanner, matches|
-        matches[scanner.name.split('::').last] = scanner.scan @value
+        matches[scanner.name.split('::').last] = whitelist scanner.scan(@value)
       }
     end
 
     def matches?
       matches.values.any?(&:present?)
     end
+
+    private
+
+    def whitelist(matches)
+      matches.reject { |match| SensitiveDataFilter.whitelisted? match }
+    end
   end
 end

spec/sensitive_data/config_spec.rb

@@ -51,4 +51,20 @@
       specify { expect(handler).to have_received(:handle).with occurrence }
     end
   end
+
+  describe '#whitelisted?' do
+    context 'when a whitelist is configured' do
+      before do
+        SensitiveDataFilter.config do |config|
+          config.whitelist 'is allowed', 'is acceptable'
+        end
+      end
+
+      let(:allowed_value) { 'this is allowed' }
+      let(:non_allowed_value) { 'this is not allowed' }
+
+      specify { expect(SensitiveDataFilter.whitelisted?(allowed_value)).to be true }
+      specify { expect(SensitiveDataFilter.whitelisted?(non_allowed_value)).to be false }
+    end
+  end
 end

spec/sensitive_data/scan_spec.rb

@@ -6,12 +6,14 @@
 
 describe SensitiveDataFilter::Scan do
   let(:enabled_types) { [SensitiveDataFilter::Types::CreditCard] }
+  let(:whitelisted?)  { false }
 
   let(:credit_card_scanner) { double name: 'CreditCard', scan: matches }
 
   before do
     stub_const 'SensitiveDataFilter::Types::CreditCard', credit_card_scanner
     allow(SensitiveDataFilter).to receive(:enabled_types).and_return enabled_types
+    allow(SensitiveDataFilter).to receive(:whitelisted?).and_return whitelisted?
   end
 
   let(:scan) { SensitiveDataFilter::Scan.new(value) }
@@ -27,6 +29,12 @@
       specify { expect(scan.matches?).to be false }
       specify { expect(scan.matches).to be_empty }
     end
+
+    context 'when the matches are whitelisted' do
+      let(:whitelisted?) { true }
+      specify { expect(scan.matches?).to be false }
+      specify { expect(scan.matches).to eq 'CreditCard' => [] }
+    end
   end
 
   context 'when there are no matches' do