Module: Pigeon::MaskingHelper
- Defined in:
- lib/pigeon/encryption.rb
Overview
Helper module for masking sensitive data
Class Method Summary collapse
-
.determine_masked_value(key, value, sensitive_fields) ⇒ Object
Determine the masked value for a key-value pair.
-
.mask_fields(hash, sensitive_fields) ⇒ Hash
Mask fields in a hash.
-
.mask_value(value) ⇒ String
Mask a value.
Class Method Details
.determine_masked_value(key, value, sensitive_fields) ⇒ Object
Determine the masked value for a key-value pair
168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 |
# File 'lib/pigeon/encryption.rb', line 168 def self.determine_masked_value(key, value, sensitive_fields) key_sym = key.to_sym key_str = key.to_s if sensitive_fields.include?(key_sym) || sensitive_fields.include?(key_str) # Mask the value mask_value(value) elsif value.is_a?(Hash) # Recursively mask nested hashes mask_fields(value, sensitive_fields) elsif value.is_a?(Array) # Recursively mask arrays of hashes value.map { |v| v.is_a?(Hash) ? mask_fields(v, sensitive_fields) : v } else # Keep the value as is value end end |
.mask_fields(hash, sensitive_fields) ⇒ Hash
Mask fields in a hash
157 158 159 160 161 |
# File 'lib/pigeon/encryption.rb', line 157 def self.mask_fields(hash, sensitive_fields) hash.each_with_object({}) do |(key, value), result| result[key] = determine_masked_value(key, value, sensitive_fields) end end |
.mask_value(value) ⇒ String
Mask a value
190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 |
# File 'lib/pigeon/encryption.rb', line 190 def self.mask_value(value) return "[REDACTED]" if value.nil? case value when String # Mask the string with asterisks, keeping the first and last characters if value.length <= 4 "*" * value.length else "#{value[0]}#{value[1..-2].gsub(/[^[:space:]]/, '*')}#{value[-1]}" end when Numeric # Mask numbers with asterisks "*" * value.to_s.length when TrueClass, FalseClass # Don't mask booleans value else # Mask everything else "[REDACTED]" end end |