diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2006-04-07 22:26:25 +0000 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2006-04-07 22:26:25 +0000 |
| commit | 47b74e6e160b6fcbd47caeed6c98ae995e180a80 (patch) | |
| tree | 9336a17b9f4f6517140c4c57d049e655de111391 /actionpack/test/controller | |
| parent | bbbe4247a58a1354d1661f67a1b4d99ad1a96f61 (diff) | |
| download | rails-47b74e6e160b6fcbd47caeed6c98ae995e180a80.tar.gz rails-47b74e6e160b6fcbd47caeed6c98ae995e180a80.tar.bz2 rails-47b74e6e160b6fcbd47caeed6c98ae995e180a80.zip | |
Added ActionController.filter_parameter_logging that makes it easy to remove passwords, credit card numbers, and other sensitive information from being logged when a request is handled #1897 [jeremye@bsa.ca.gov]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4200 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/test/controller')
| -rw-r--r-- | actionpack/test/controller/filter_params_test.rb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/actionpack/test/controller/filter_params_test.rb b/actionpack/test/controller/filter_params_test.rb new file mode 100644 index 0000000000..5ad0d7f81d --- /dev/null +++ b/actionpack/test/controller/filter_params_test.rb @@ -0,0 +1,42 @@ +require File.dirname(__FILE__) + '/../abstract_unit' + +class FilterParamController < ActionController::Base +end + +class FilterParamTest < Test::Unit::TestCase + def setup + @controller = FilterParamController.new + end + + def test_filter_parameters + assert FilterParamController.respond_to?(:filter_parameter_logging) + assert !@controller.respond_to?(:filter_parameters) + + FilterParamController.filter_parameter_logging + assert @controller.respond_to?(:filter_parameters) + + test_hashes = [[{},{},[]], + [{'foo'=>'bar'},{'foo'=>'bar'},[]], + [{'foo'=>'bar'},{'foo'=>'bar'},%w'food'], + [{'foo'=>'bar'},{'foo'=>'[FILTERED]'},%w'foo'], + [{'foo'=>'bar', 'bar'=>'foo'},{'foo'=>'[FILTERED]', 'bar'=>'foo'},%w'foo baz'], + [{'foo'=>'bar', 'baz'=>'foo'},{'foo'=>'[FILTERED]', 'baz'=>'[FILTERED]'},%w'foo baz'], + [{'bar'=>{'foo'=>'bar','bar'=>'foo'}},{'bar'=>{'foo'=>'[FILTERED]','bar'=>'foo'}},%w'fo'], + [{'foo'=>{'foo'=>'bar','bar'=>'foo'}},{'foo'=>'[FILTERED]'},%w'f banana']] + + test_hashes.each do |before_filter, after_filter, filter_words| + FilterParamController.filter_parameter_logging(*filter_words) + assert_equal after_filter, @controller.filter_parameters(before_filter) + + filter_words.push('blah') + FilterParamController.filter_parameter_logging(*filter_words) do |key, value| + value.reverse! if key =~ /bargain/ + end + + before_filter['barg'] = {'bargain'=>'gain', 'blah'=>'bar', 'bar'=>{'bargain'=>{'blah'=>'foo'}}} + after_filter['barg'] = {'bargain'=>'niag', 'blah'=>'[FILTERED]', 'bar'=>{'bargain'=>{'blah'=>'[FILTERED]'}}} + + assert_equal after_filter, @controller.filter_parameters(before_filter) + end + end +end |