From 7bbff6606385fbebbe23560a769fe4653af90e51 Mon Sep 17 00:00:00 2001 From: Andrew Duthie Date: Fri, 3 Nov 2023 17:33:23 -0400 Subject: [PATCH 1/3] Avoid appending info for ignored Lograge actions changelog: Internal, Logging, Avoid logging request detail for session active routes --- app/controllers/application_controller.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 69573ae365e..1964a679887 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -42,6 +42,10 @@ def session_expires_at # for lograge def append_info_to_payload(payload) + return if Lograge.lograge_config.ignore_actions.include?( + "#{Lograge.controller_field(payload)}##{payload[:action]}", + ) + payload[:user_id] = analytics_user.uuid unless @skip_session_load payload[:git_sha] = IdentityConfig::GIT_SHA From 034f8081b728e122c75dd566a85febf7ca63a600 Mon Sep 17 00:00:00 2001 From: Andrew Duthie Date: Mon, 6 Nov 2023 09:22:31 -0500 Subject: [PATCH 2/3] Skip shortcut if ignore_actions not configured --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 1964a679887..a22eddd567c 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -42,7 +42,7 @@ def session_expires_at # for lograge def append_info_to_payload(payload) - return if Lograge.lograge_config.ignore_actions.include?( + return if Lograge.lograge_config.ignore_actions&.include?( "#{Lograge.controller_field(payload)}##{payload[:action]}", ) From b0ad17f89d56a8e9dcc42b303ffc2136a6ede3b0 Mon Sep 17 00:00:00 2001 From: Andrew Duthie Date: Mon, 6 Nov 2023 09:22:39 -0500 Subject: [PATCH 3/3] Add specs for Lograge ignore logic --- .../application_controller_spec.rb | 61 ++++++++++++++++--- 1 file changed, 52 insertions(+), 9 deletions(-) diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index 2b764af6330..4ea74a63f1d 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -167,27 +167,70 @@ def index end describe '#append_info_to_payload' do - let(:payload) { {} } + let(:payload_controller) { 'Users::SessionsController' } + let(:action) { 'new' } + let(:payload) { { controller: payload_controller, action: } } let(:user) { create(:user) } + let(:git_sha) { 'example_sha' } + let(:git_branch) { 'example_branch' } before do allow(controller).to receive(:analytics_user).and_return(user) + stub_const('IdentityConfig::GIT_SHA', git_sha) + stub_const('IdentityConfig::GIT_BRANCH', git_branch) end it 'adds user_uuid and git metadata to the lograge output' do - stub_const( - 'IdentityConfig::GIT_BRANCH', - 'my branch', - ) - controller.append_info_to_payload(payload) expect(payload).to eq( - user_id: user.uuid, - git_sha: IdentityConfig::GIT_SHA, - git_branch: IdentityConfig::GIT_BRANCH, + controller: payload_controller, action:, user_id: user.uuid, git_sha:, git_branch:, ) end + + describe 'lograge ignored actions' do + let(:ignore_actions) {} + + before do + allow(Lograge.lograge_config).to receive(:ignore_actions).and_return(ignore_actions) + end + + context 'without configured ignored actions' do + let(:ignore_actions) { nil } + + it 'adds metadata to the lograge output' do + controller.append_info_to_payload(payload) + + expect(payload).to eq( + controller: payload_controller, action:, user_id: user.uuid, git_sha:, git_branch:, + ) + end + end + + context 'with configured ignored actions' do + let(:ignore_actions) { ['Users::SessionsController#update'] } + + context 'for a payload that should not be ignored' do + it 'adds metadata to the lograge output' do + controller.append_info_to_payload(payload) + + expect(payload).to eq( + controller: payload_controller, action:, user_id: user.uuid, git_sha:, git_branch:, + ) + end + end + + context 'with a payload that should be ignored' do + let(:action) { 'update' } + + it 'does not add metadata to the lograge output' do + controller.append_info_to_payload(payload) + + expect(payload).to eq(controller: payload_controller, action:) + end + end + end + end end describe '#confirm_two_factor_authenticated' do