Skip to content

Commit

Permalink
chore: Update tests and docs for sql limit message
Browse files Browse the repository at this point in the history
  • Loading branch information
kaylareopelle committed Sep 6, 2024
1 parent 6a13777 commit e649508
Show file tree
Hide file tree
Showing 6 changed files with 11 additions and 61 deletions.
2 changes: 1 addition & 1 deletion helpers/sql-obfuscation/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ end

Make sure the `Instrumentation` class for your gem contains configuration options for:

- `:obfuscation_limit`: the length at which the obfuscated SQL string will be truncated.
- `:obfuscation_limit`: the length at which the SQL string will not be obfuscated
Example: `option :obfuscation_limit, default: 2000, validate: :integer`

If you want to add support for a new adapter, update the following constants to include keys for your adapter:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -94,15 +94,15 @@ def generate_regex(dialect)
# This is a SQL obfuscation utility intended for use in database adapter instrumentation.
#
# @param sql [String] The SQL to obfuscate.
# @param obfuscation_limit [optional Integer] The maximum length of an obfuscated sql statement.
# @param obfuscation_limit [optional Integer] the length at which the SQL string will not be obfuscated
# @param adapter [optional Symbol] the type of database adapter calling the method. `:default`, `:mysql` and `:postgres` are supported.
# @return [String] The SQL query string where the values are replaced with "?". When the sql statement exceeds the obufscation limit
# the first matched pair from the SQL statement will be returned, with an appended truncation message. If trunaction is unsuccessful,
# a string describing the error will be returned.
#
# @api public
def obfuscate_sql(sql, obfuscation_limit: 2000, adapter: :default)
return "SQL truncated (> #{obfuscation_limit} characters)" if sql.size > obfuscation_limit
return "SQL not obfuscated, query exceeds #{obfuscation_limit} characters" if sql.size > obfuscation_limit

regex = case adapter
when :mysql
Expand Down
21 changes: 2 additions & 19 deletions helpers/sql-obfuscation/test/helpers/sql_obfuscation_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -18,26 +18,9 @@ def test_named_arg_defaults_obfuscates
assert_equal(expected, result)
end

def test_obfuscation_limit_returns_truncation_message
def test_obfuscation_returns_message_when_limit_is_reached
sql = "SELECT * from users where users.id = 1 and users.email = 'test@test.com'"
expected = "SQL truncated (> 42 characters)"
result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)

assert_equal(expected, result)
end

def test_obfuscation_limit_returns_truncation_message_when_query_has_prepended_comment
comment = '/*service.name:foo,deployment.environtment:production,tracecontext:00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-00,rails.route:examples/bars#index,host.name:baz-abc123.example.com*/'
sql = "#{comment} SELECT user.id FROM users where user.login = 'secretUserNameThatShouldBeObfuscated'"
expected = "SQL truncated (> 42 characters)"
result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)

assert_equal(expected, result)
end

def test_obfuscation_limit_returns_truncation_message_when_not_utf8
sql = "SELECT * from 😄 where users.id = 1 and users.😄 = 'test@test.com'"
expected = "SQL truncated (> 42 characters)"
expected = "SQL not obfuscated, query exceeds 42 characters"
result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)

assert_equal(expected, result)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -236,20 +236,9 @@
describe 'with obfuscation_limit' do
let(:config) { { db_statement: :obfuscate, obfuscation_limit: 10 } }

it 'truncates SQL using config limit' do
it 'returns a message when the limit is reached' do
sql = "SELECT * from users where users.id = 1 and users.email = 'test@test.com'"
obfuscated_sql = "SELECT * from users where users.id = ...\nSQL truncated (> 10 characters)"
expect do
client.query(sql)
end.must_raise Mysql2::Error

_(span.attributes['db.statement']).must_equal obfuscated_sql
end

it 'handles regex non-matches' do
sql = 'ALTER TABLE my_table DISABLE TRIGGER ALL;'
obfuscated_sql = 'SQL truncated (> 10 characters)'

obfuscated_sql = "SQL not obfuscated, query exceeds 10 characters"
expect do
client.query(sql)
end.must_raise Mysql2::Error
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -297,20 +297,9 @@
describe 'with obfuscation_limit' do
let(:config) { { db_statement: :obfuscate, obfuscation_limit: 10 } }

it 'truncates SQL using config limit' do
it 'returns a message when the limit is reached' do
sql = "SELECT * from users where users.id = 1 and users.email = 'test@test.com'"
obfuscated_sql = "SELECT * from users where users.id = ...\nSQL truncated (> 10 characters)"
expect do
client.exec(sql)
end.must_raise PG::UndefinedTable

_(span.attributes['db.statement']).must_equal obfuscated_sql
end

it 'handles regex non-matches' do
sql = 'ALTER TABLE my_table DISABLE TRIGGER ALL;'
obfuscated_sql = 'SQL truncated (> 10 characters)'

obfuscated_sql = "SQL not obfuscated, query exceeds 10 characters"
expect do
client.exec(sql)
end.must_raise PG::UndefinedTable
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -323,20 +323,9 @@
describe 'with obfuscation_limit' do
let(:config) { { db_statement: :obfuscate, obfuscation_limit: 10 } }

it 'truncates SQL using config limit' do
it 'returns a message when the limit is reached' do
sql = "SELECT * from users where users.id = 1 and users.email = 'test@test.com'"
obfuscated_sql = "SELECT * from users where users.id = ...\nSQL truncated (> 10 characters)"
expect do
client.query(sql)
end.must_raise Trilogy::Error

_(span.attributes['db.statement']).must_equal obfuscated_sql
end

it 'handles regex non-matches' do
sql = 'ALTER TABLE my_table DISABLE TRIGGER ALL;'
obfuscated_sql = 'SQL truncated (> 10 characters)'

obfuscated_sql = "SQL not obfuscated, query exceeds 10 characters"
expect do
client.query(sql)
end.must_raise Trilogy::Error
Expand Down

0 comments on commit e649508

Please sign in to comment.