class ActiveSupport::ParameterFilter

Parent:
Object

ParameterFilter allows you to specify keys for sensitive data from hash-like object and replace corresponding value. Filtering only certain sub-keys from a hash is possible by using the dot notation: 'credit_card.number'. If a proc is given, each key and value of a hash and all sub-hashes are passed to it, where the value or the key can be replaced using String#replace or similar methods.

ActiveSupport::ParameterFilter.new([:password])
=> replaces the value to all keys matching /password/i with "[FILTERED]"

ActiveSupport::ParameterFilter.new([:foo, "bar"])
=> replaces the value to all keys matching /foo|bar/i with "[FILTERED]"

ActiveSupport::ParameterFilter.new(["credit_card.code"])
=> replaces { credit_card: {code: "xxxx"} } with "[FILTERED]", does not
change { file: { code: "xxxx"} }

ActiveSupport::ParameterFilter.new([-> (k, v) do
  v.reverse! if k =~ /secret/i
end])
=> reverses the value to all keys matching /secret/i

Public Class Methods

new(filters = [], mask: FILTERED) Show source
# File activesupport/lib/active_support/parameter_filter.rb, line 38
def initialize(filters = [], mask: FILTERED)
  @filters = filters
  @mask = mask
end

Create instance with given filters. Supported type of filters are String, Regexp, and Proc. Other types of filters are treated as String using to_s. For Proc filters, key, value, and optional original hash is passed to block arguments.

Options

  • :mask - A replaced object when filtered. Defaults to +“[FILTERED]”+

Public Instance Methods

filter(params) Show source
# File activesupport/lib/active_support/parameter_filter.rb, line 44
def filter(params)
  compiled_filter.call(params)
end

Mask value of params if key matches one of filters.

filter_param(key, value) Show source
# File activesupport/lib/active_support/parameter_filter.rb, line 49
def filter_param(key, value)
  @filters.empty? ? value : compiled_filter.value_for_key(key, value)
end

Returns filtered value for given key. For Proc filters, third block argument is not populated.

© 2004–2019 David Heinemeier Hansson
Licensed under the MIT License.