app/models/concerns/redactable.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

# frozen_string_literal: true

# This module searches and redacts sensitive information in
# redactable fields. Currently only unsubscribe link is redacted.
# Add following lines into your model:
#
#     include Redactable
#     redact_field :foo
#
module Redactable
  extend ActiveSupport::Concern

  UNSUBSCRIBE_PATTERN = %r{/sent_notifications/\h{32}/unsubscribe}.freeze

  class_methods do
    def redact_field(field)
      before_validation do
        redact_field!(field) if attribute_changed?(field)
      end
    end
  end

  private

  def redact_field!(field)
    text = public_send(field) # rubocop:disable GitlabSecurity/PublicSend
    return unless text.present?

    redacted = text.gsub(UNSUBSCRIBE_PATTERN, '/sent_notifications/REDACTED/unsubscribe')

    public_send("#{field}=", redacted) # rubocop:disable GitlabSecurity/PublicSend
  end
end