Merge pull request #33756 from piecehealth/pr

Add `inspection_masks` to make values of sensitive database columns w…

1 files changed, 80 insertions, 0 deletions

diff --git a/activerecord/test/cases/filter_attributes_test.rb b/activerecord/test/cases/filter_attributes_test.rb
new file mode 100644
index 0000000000..f88cecfe2b
--- /dev/null
+++ b/activerecord/test/cases/filter_attributes_test.rb
@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+require "cases/helper"
+require "models/admin"
+require "models/admin/user"
+require "models/admin/account"
+require "pp"
+
+class FilterAttributesTest < ActiveRecord::TestCase
+  fixtures :"admin/users", :"admin/accounts"
+
+  setup do
+    ActiveRecord::Base.filter_attributes = [:name]
+  end
+
+  teardown do
+    ActiveRecord::Base.filter_attributes = []
+  end
+
+  test "filter_attributes" do
+    Admin::User.all.each do |user|
+      assert_includes user.inspect, "name: [FILTERED]"
+      assert_equal 1, user.inspect.scan("[FILTERED]").length
+    end
+
+    Admin::Account.all.each do |account|
+      assert_includes account.inspect, "name: [FILTERED]"
+      assert_equal 1, account.inspect.scan("[FILTERED]").length
+    end
+  end
+
+  test "filter_attributes could be overwritten by models" do
+    Admin::Account.all.each do |account|
+      assert_includes account.inspect, "name: [FILTERED]"
+      assert_equal 1, account.inspect.scan("[FILTERED]").length
+    end
+
+    Admin::Account.filter_attributes = []
+
+    # Above changes should not impact other models
+    Admin::User.all.each do |user|
+      assert_includes user.inspect, "name: [FILTERED]"
+      assert_equal 1, user.inspect.scan("[FILTERED]").length
+    end
+
+    Admin::Account.all.each do |account|
+      assert_not_includes account.inspect, "name: [FILTERED]"
+      assert_equal 0, account.inspect.scan("[FILTERED]").length
+    end
+
+    Admin::Account.filter_attributes = [:name]
+  end
+
+  test "filter_attributes should not filter nil value" do
+    account = Admin::Account.new
+
+    assert_includes account.inspect, "name: nil"
+    assert_not_includes account.inspect, "name: [FILTERED]"
+    assert_equal 0, account.inspect.scan("[FILTERED]").length
+  end
+
+  test "filter_attributes on pretty_print" do
+    user = admin_users(:david)
+    actual = "".dup
+    PP.pp(user, StringIO.new(actual))
+
+    assert_includes actual, "name: [FILTERED]"
+    assert_equal 1, actual.scan("[FILTERED]").length
+  end
+
+  test "filter_attributes on pretty_print should not filter nil value" do
+    user = Admin::User.new
+    actual = "".dup
+    PP.pp(user, StringIO.new(actual))
+
+    assert_includes actual, "name: nil"
+    assert_not_includes actual, "name: [FILTERED]"
+    assert_equal 0, actual.scan("[FILTERED]").length
+  end
+end