fix(pii): Mark sentry_user field as PII

getsentry · Aug 26, 2024 · 9553289 · 9553289
1 parent 6f94662
commit 9553289
Show file tree

Hide file tree

Showing 3 changed files with 140 additions and 1 deletion.
diff --git a/relay-event-schema/src/protocol/user.rs b/relay-event-schema/src/protocol/user.rs
@@ -81,7 +81,7 @@ pub struct User {
  /// This field is computed by concatenating the name of specific fields of the `User`
  /// struct with their value. For example, if `id` is set, `sentry_user` will be equal to
  /// `"id:id-of-the-user".
- #[metastructure(skip_serialization = "empty")]
+ #[metastructure(pii = "true", skip_serialization = "empty")]
  pub sentry_user: Annotated<String>,
 
  /// Additional arbitrary fields, as stored in the database (and sometimes as sent by clients).

diff --git a/relay-pii/src/processor.rs b/relay-pii/src/processor.rs
@@ -622,6 +622,33 @@ mod tests {
  assert_debug_snapshot!(&data);
  }
 
+ #[test]
+ fn test_sentry_user() {
+ let mut data = Event::from_value(
+ json!({
+ "user": {
+ "ip_address": "73.133.27.120",
+ "sentry_user": "ip:73.133.27.120",
+ },
+ })
+ .into(),
+ );
+
+ let scrubbing_config = DataScrubbingConfig {
+ scrub_data: true,
+ scrub_ip_addresses: true,
+ scrub_defaults: true,
+ ..Default::default()
+ };
+
+ let pii_config = to_pii_config(&scrubbing_config).unwrap();
+ let mut pii_processor = PiiProcessor::new(pii_config.compiled());
+
+ process_value(&mut data, &mut pii_processor, ProcessingState::root()).unwrap();
+
+ assert_debug_snapshot!(&data);
+ }
+
  #[test]
  fn test_basic_stripping() {
  let config = serde_json::from_str::<PiiConfig>(

diff --git a/relay-pii/src/snapshots/relay_pii__processor__tests__sentry_user.snap b/relay-pii/src/snapshots/relay_pii__processor__tests__sentry_user.snap
@@ -0,0 +1,112 @@
+---
+source: relay-pii/src/processor.rs
+expression: "&data"
+---
+Event {
+ id: ~,
+ level: ~,
+ version: ~,
+ ty: ~,
+ fingerprint: ~,
+ culprit: ~,
+ transaction: ~,
+ transaction_info: ~,
+ time_spent: ~,
+ logentry: ~,
+ logger: ~,
+ modules: ~,
+ platform: ~,
+ timestamp: ~,
+ start_timestamp: ~,
+ received: ~,
+ server_name: ~,
+ release: ~,
+ dist: ~,
+ environment: ~,
+ site: ~,
+ user: User {
+ id: ~,
+ email: ~,
+ ip_address: Meta {
+ remarks: [
+ Remark {
+ ty: Substituted,
+ rule_id: "@ip:replace",
+ range: Some(
+ (
+ 0,
+ 4,
+ ),
+ ),
+ },
+ Remark {
+ ty: Removed,
+ rule_id: "@anything:remove",
+ range: None,
+ },
+ ],
+ errors: [],
+ original_length: Some(
+ 13,
+ ),
+ original_value: None,
+ },
+ username: ~,
+ name: ~,
+ geo: ~,
+ segment: ~,
+ sentry_user: Annotated(
+ "ip:[ip]",
+ Meta {
+ remarks: [
+ Remark {
+ ty: Substituted,
+ rule_id: "@ip:replace",
+ range: Some(
+ (
+ 3,
+ 7,
+ ),
+ ),
+ },
+ ],
+ errors: [],
+ original_length: Some(
+ 16,
+ ),
+ original_value: None,
+ },
+ ),
+ data: ~,
+ other: {},
+ },
+ request: ~,
+ contexts: ~,
+ breadcrumbs: ~,
+ exceptions: ~,
+ stacktrace: ~,
+ template: ~,
+ threads: ~,
+ tags: ~,
+ extra: ~,
+ debug_meta: ~,
+ client_sdk: ~,
+ ingest_path: ~,
+ errors: ~,
+ key_id: ~,
+ project: ~,
+ grouping_config: ~,
+ checksum: ~,
+ csp: ~,
+ hpkp: ~,
+ expectct: ~,
+ expectstaple: ~,
+ spans: ~,
+ measurements: ~,
+ breakdowns: ~,
+ scraping_attempts: ~,
+ _metrics: ~,
+ _metrics_summary: ~,
+ _dsc: ~,
+ other: {},
+}