blob: 53ae300ee2d6bab5e8439dd5b8e2e2f369046c78 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# frozen_string_literal: true
# This module searches and redacts sensitive information in
# redactable fields. Currently only unsubscribe link is redacted.
# Add following lines into your model:
#
# include Redactable
# redact_field :foo
#
module Redactable
extend ActiveSupport::Concern
UNSUBSCRIBE_PATTERN = %r{/sent_notifications/\h{32}/unsubscribe}.freeze
class_methods do
def redact_field(field)
before_validation do
redact_field!(field) if attribute_changed?(field)
end
end
end
private
def redact_field!(field)
text = public_send(field) # rubocop:disable GitlabSecurity/PublicSend
return unless text.present?
redacted = text.gsub(UNSUBSCRIBE_PATTERN, '/sent_notifications/REDACTED/unsubscribe')
public_send("#{field}=", redacted) # rubocop:disable GitlabSecurity/PublicSend
end
end
|