-
Notifications
You must be signed in to change notification settings - Fork 680
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New configurable settings: encryption for audited_changes & filtering encrypted attrs #694
base: main
Are you sure you want to change the base?
New configurable settings: encryption for audited_changes & filtering encrypted attrs #694
Conversation
@danielmorrison please review and let me if the proposed config in the PR is good, also I wonder why some of the specs are failing 🤔 |
Audited.filter_encrypted_attributes = false | ||
``` | ||
|
||
If you want to encrypt the changes that are audited, you can simply add this line to your config |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe another header here to show that these are separate features?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm, because we use encrypts
, this config is also available only from Rails 7 ... so I grouped it under the same header
should I add a sub-header?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good to me. Test errors are something strange with coverage? Doesn't make sense offhand.
I had the same errors with for this it just runs fine
|
@danielmorrison if this PR looks good, please merge? |
Audited automatically replaces entries in the `audited_changes` field on audits with `[FILTERED]` for attributes that are encrypted. This is designed to prevent leaking of sensitive information in `audited_changes` which is an unencrypted field. The downside to this is that the `audited_changes` field now provides less information about what the audit actually changed. To solve this, collectiveidea/audited#694 adds additional configuration attributes: - `Audited.filter_encrypted_attributes = false` disables the automatic replacement with `[FILTERED]` - `Audited.encrypt_audited_changes = true` encrypts the actual entire `audited_changes` field, ensuring that sensitive information isn't leaked See: - collectiveidea/audited#690 - collectiveidea/audited#694
@@ -55,6 +55,10 @@ class Audit < ::ActiveRecord::Base | |||
serialize :audited_changes, YAMLIfTextColumnType | |||
end | |||
|
|||
if Rails.gem_version >= Gem::Version.new("7.0") && Audited.encrypt_audited_changes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't seem to work as expected, it appears that this is evaluated before the Audited.encrypt_audited_changes = true
in the initializer runs so it evaluates to false initially and is never re-evaluated. The encrypts
call below never runs as a result.
Audited automatically replaces entries in the `audited_changes` field on audits with `[FILTERED]` for attributes that are encrypted. This is designed to prevent leaking of sensitive information in `audited_changes` which is an unencrypted field. The downside to this is that the `audited_changes` field now provides less information about what the audit actually changed. To solve this, collectiveidea/audited#694 adds additional configuration attributes: - `Audited.filter_encrypted_attributes = false` disables the automatic replacement with `[FILTERED]` - `Audited.encrypt_audited_changes = true` encrypts the actual entire `audited_changes` field, ensuring that sensitive information isn't leaked See: - collectiveidea/audited#690 - collectiveidea/audited#694
Audited automatically replaces entries in the `audited_changes` field on audits with `[FILTERED]` for attributes that are encrypted. This is designed to prevent leaking of sensitive information in `audited_changes` which is an unencrypted field. The downside to this is that the `audited_changes` field now provides less information about what the audit actually changed. To solve this, collectiveidea/audited#694 adds additional configuration attributes: - `Audited.filter_encrypted_attributes = false` disables the automatic replacement with `[FILTERED]` - `Audited.encrypt_audited_changes = true` encrypts the actual entire `audited_changes` field, ensuring that sensitive information isn't leaked See: - collectiveidea/audited#690 - collectiveidea/audited#694
Audited automatically replaces entries in the `audited_changes` field on audits with `[FILTERED]` for attributes that are encrypted. This is designed to prevent leaking of sensitive information in `audited_changes` which is an unencrypted field. The downside to this is that the `audited_changes` field now provides less information about what the audit actually changed. To solve this, collectiveidea/audited#694 adds additional configuration attributes: - `Audited.filter_encrypted_attributes = false` disables the automatic replacement with `[FILTERED]` - `Audited.encrypt_audited_changes = true` encrypts the actual entire `audited_changes` field, ensuring that sensitive information isn't leaked See: - collectiveidea/audited#690 - collectiveidea/audited#694
How are you doing with PR? |
@@ -55,6 +55,10 @@ class Audit < ::ActiveRecord::Base | |||
serialize :audited_changes, YAMLIfTextColumnType | |||
end | |||
|
|||
if Rails.gem_version >= Gem::Version.new("7.0") && Audited.encrypt_audited_changes | |||
encrypts :audited_changes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it necessary to take into account the deterministic encryption?
Closes #690
encrypt_audited_changes
default tofalse
filter_encrypted_attributes
default totrue