Class: Appsignal::Aggregator::Middleware::ActiveRecordSanitizer

Inherits:

Object

• Object
• Appsignal::Aggregator::Middleware::ActiveRecordSanitizer

Defined in:

lib/appsignal/aggregator/middleware/active_record_sanitizer.rb

Constant Summary

TARGET_EVENT_NAME =

'sql.active_record'.freeze

SINGLE_QUOTE =

/\\'/.freeze

DOUBLE_QUOTE =

/\\"/.freeze

QUOTED_DATA =

/(?:"[^"]+"|'[^']+')/.freeze

SINGLE_QUOTED_DATA =

/(?:'[^']+')/.freeze

IN_ARRAY =

/(IN \()[^\)]+(\))/.freeze

NUMERIC_DATA =

/\b\d+\b/.freeze

SANITIZED_VALUE =

'\1?\2'.freeze

Instance Method Summary

• #adapter_uses_double_quoted_table_names? ⇒ Boolean
• #adapter_uses_prepared_statements? ⇒ Boolean
• #call(event) ⇒ Object
• #connection_config ⇒ Object
• #schema_query?(event) ⇒ Boolean

Instance Method Details

#adapter_uses_double_quoted_table_names? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/appsignal/aggregator/middleware/active_record_sanitizer.rb', line 52

def adapter_uses_double_quoted_table_names?
  adapter = connection_config[:adapter]
  adapter =~ /postgres/ || adapter =~ /sqlite/
end

#adapter_uses_prepared_statements? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/appsignal/aggregator/middleware/active_record_sanitizer.rb', line 57

def adapter_uses_prepared_statements?
  return false unless adapter_uses_double_quoted_table_names?
  return true if connection_config[:prepared_statements].nil?
  connection_config[:prepared_statements]
end

#call(event) ⇒ Object

# File 'lib/appsignal/aggregator/middleware/active_record_sanitizer.rb', line 16

def call(event)
  if event.name == TARGET_EVENT_NAME
    unless schema_query?(event) || adapter_uses_prepared_statements?
      query_string = event.payload[:sql].dup
      if query_string
        if adapter_uses_double_quoted_table_names?
          query_string.gsub!(SINGLE_QUOTE, SANITIZED_VALUE)
          query_string.gsub!(SINGLE_QUOTED_DATA, SANITIZED_VALUE)
        else
          query_string.gsub!(SINGLE_QUOTE, SANITIZED_VALUE)
          query_string.gsub!(DOUBLE_QUOTE, SANITIZED_VALUE)
          query_string.gsub!(QUOTED_DATA, SANITIZED_VALUE)
        end
        query_string.gsub!(IN_ARRAY, SANITIZED_VALUE)
        query_string.gsub!(NUMERIC_DATA, SANITIZED_VALUE)
        event.payload[:sql] = query_string
      end
    end
    event.payload.delete(:connection_id)
    event.payload.delete(:binds)
  end
  yield
end

#connection_config ⇒ Object

# File 'lib/appsignal/aggregator/middleware/active_record_sanitizer.rb', line 44

def connection_config
  @connection_config ||= if ActiveRecord::Base.respond_to?(:connection_config)
    ActiveRecord::Base.connection_config
  else
    ActiveRecord::Base.connection_pool.spec.config
  end
end

#schema_query?(event) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/appsignal/aggregator/middleware/active_record_sanitizer.rb', line 40

def schema_query?(event)
  event.payload[:name] == 'SCHEMA'
end