Module: Mongo::Monitoring::Event::Secure

Included in:
CommandFailed, CommandStarted, CommandSucceeded, Protocol::Msg, Protocol::Query
Defined in:
lib/mongo/monitoring/event/secure.rb

Overview

Provides behavior to redact sensitive information from commands and replies.

Since:

  • 2.1.0

Constant Summary

REDACTED_COMMANDS =

The list of commands whose data is redacted for security.

Since:

  • 2.1.0

[
  'authenticate',
  'saslStart',
  'saslContinue',
  'getnonce',
  'createUser',
  'updateUser',
  'copydbgetnonce',
  'copydbsaslstart',
  'copydb'
].freeze

Instance Method Summary

Instance Method Details

#compression_allowed?(command_name) ⇒ true, false

Is compression allowed for a given command message?

Examples:

Determine if compression is allowed for a given command.

secure.compression_allowed?(selector)

Parameters:

  • command_name (String, Symbol)

    The command name.

Returns:

  • (true, false)

    Whether compression can be used.

Since:

  • 2.5.0



# File 'lib/mongo/monitoring/event/secure.rb', line 106

def compression_allowed?(command_name)
  @compression_allowed ||= !REDACTED_COMMANDS.include?(command_name.to_s)
end

#redacted(command_name, document) ⇒ BSON::Document

Redact secure information from the document if:

- its command is in the sensitive commands;
- its command is a hello/legacy hello command, and
  speculative authentication is enabled;
- the corresponding started event is sensitive.

Examples:

Get the redacted document.

secure.redacted(command_name, document)

Parameters:

  • command_name (String, Symbol)

    The command name.

  • document (BSON::Document)

    The document.

Returns:

  • (BSON::Document)

    The redacted document.

Since:

  • 2.1.0



# File 'lib/mongo/monitoring/event/secure.rb', line 83

def redacted(command_name, document)
  if %w(1 true yes).include?(ENV['MONGO_RUBY_DRIVER_UNREDACT_EVENTS']&.downcase)
    document
  elsif respond_to?(:started_event) && started_event.sensitive
    return BSON::Document.new
  elsif sensitive?(command_name: command_name, document: document)
    BSON::Document.new
  else
    document
  end
end

#sensitive?(command_name:, document:) ⇒ true | false

Check whether the command is sensitive in terms of the command monitoring spec. A command is detected as sensitive if it is in the list, or if it is a hello/legacy hello command and speculative authentication is enabled.

Parameters:

  • command_name (String, Symbol)

    The command name.

  • document (BSON::Document)

    The document.

Returns:

  • (true | false)

    Whether the command is sensitive.

Since:

  • 2.1.0



# File 'lib/mongo/monitoring/event/secure.rb', line 52

def sensitive?(command_name:, document:)
  if REDACTED_COMMANDS.include?(command_name.to_s)
    true
  elsif %w(hello ismaster isMaster).include?(command_name.to_s) &&
    document['speculativeAuthenticate']
    then
    # According to the Command Monitoring spec, for hello/legacy hello commands
    # when speculativeAuthenticate is present, their commands AND replies
    # MUST be redacted from the events.
    # See https://github.com/mongodb/specifications/blob/master/source/command-logging-and-monitoring/command-logging-and-monitoring.rst#security
    true
  else
    false
  end
end
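The redaction rules documented for #redacted and #sensitive? above, as an added example that is not the driver's own code: it re-implements the same decision logic over plain Ruby Hashes (standing in for BSON::Document) so it runs without the mongo or bson gems, and takes the MONGO_RUBY_DRIVER_UNREDACT_EVENTS value and the started event's sensitive flag as parameters (unredact_env, started_sensitive) instead of reading ENV and started_event. The module name RedactionDemo and the sample command documents are constructed for the example.

```ruby
# Added example, not the driver's own code: a dependency-free re-implementation
# of the redaction rules from Mongo::Monitoring::Event::Secure, using plain
# Ruby Hashes in place of BSON::Document so it runs without the mongo/bson gems.
module RedactionDemo
  # Same list the driver keeps in REDACTED_COMMANDS.
  REDACTED_COMMANDS = %w[
    authenticate saslStart saslContinue getnonce createUser updateUser
    copydbgetnonce copydbsaslstart copydb
  ].freeze

  # hello and its legacy spellings, as matched by Secure#sensitive?.
  HELLO_COMMANDS = %w[hello ismaster isMaster].freeze

  module_function

  # Mirrors Secure#sensitive?: exact (case-sensitive) membership in the list,
  # or a hello/legacy hello carrying a speculativeAuthenticate payload.
  def sensitive?(command_name:, document:)
    name = command_name.to_s
    return true if REDACTED_COMMANDS.include?(name)
    HELLO_COMMANDS.include?(name) && !!document['speculativeAuthenticate']
  end

  # Mirrors Secure#redacted. `unredact_env` stands in for
  # ENV['MONGO_RUBY_DRIVER_UNREDACT_EVENTS'] (assumption: passed explicitly so
  # the behaviour is testable without touching the real environment);
  # `started_sensitive` stands in for started_event.sensitive on a reply event.
  def redacted(command_name, document, unredact_env: nil, started_sensitive: false)
    if %w[1 true yes].include?(unredact_env&.downcase)
      document
    elsif started_sensitive || sensitive?(command_name: command_name, document: document)
      {}
    else
      document
    end
  end

  # Mirrors Secure#compression_allowed?: never compress a sensitive command.
  def compression_allowed?(command_name)
    !REDACTED_COMMANDS.include?(command_name.to_s)
  end

  # Constructed sample command documents, shaped like what a monitoring
  # subscriber would receive in a CommandStarted event.
  SAMPLE_COMMANDS = {
    'saslStart'  => { 'saslStart' => 1, 'mechanism' => 'SCRAM-SHA-256', 'payload' => 'constructed-base64' },
    'hello'      => { 'hello' => 1, 'speculativeAuthenticate' => { 'saslStart' => 1, 'payload' => 'constructed' } },
    'isMaster'   => { 'isMaster' => 1 },
    'find'       => { 'find' => 'users', 'filter' => { 'email' => 'alice@example.com' } },
    'createUser' => { 'createUser' => 'app', 'pwd' => 'constructed-secret', 'roles' => [] },
  }.freeze

  # Runs every sample through the redaction rule and reports which top-level
  # keys survive. Returns a Hash of command name => Array of remaining keys.
  def surviving_keys(unredact_env: nil)
    SAMPLE_COMMANDS.each_with_object({}) do |(name, doc), out|
      out[name] = redacted(name, doc, unredact_env: unredact_env).keys
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  RedactionDemo.surviving_keys.each { |name, keys| puts "#{name}: #{keys.inspect}" }
end
```

Two behaviours of the driver's logic are worth seeing in the output: matching is exact and case-sensitive (`getnonce` is listed in lower case, `saslStart` in camel case, exactly as the driver sends them), and a `hello`/`isMaster` without a `speculativeAuthenticate` field passes through unredacted while one carrying that field is emptied entirely. The unredact switch disables all of this at once, so it belongs in a debugging session only, never in a deployed configuration where monitoring events reach logs.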