Class: Datadog::AppSec::Contrib::Devise::DataExtractor

Inherits:

Object

• Object
• Datadog::AppSec::Contrib::Devise::DataExtractor

Defined in:

lib/datadog/appsec/contrib/devise/data_extractor.rb

Overview

Extracts user identification data from Devise resources. Supports both regular and anonymized data extraction modes.

Constant Summary

PRIORITY_ORDERED_ID_KEYS =

[:id, 'id', :uuid, 'uuid'].freeze

PRIORITY_ORDERED_LOGIN_KEYS =

[:email, 'email', :username, 'username', :login, 'login'].freeze

Instance Method Summary

• #extract_id(object) ⇒ Object
• #extract_login(object) ⇒ Object
• #initialize(mode:) ⇒ DataExtractor constructor

  A new instance of DataExtractor.

Constructor Details

#initialize(mode:) ⇒ DataExtractor

Returns a new instance of DataExtractor.

# File 'lib/datadog/appsec/contrib/devise/data_extractor.rb', line 15

def initialize(mode:)
  @mode = mode
  @devise_scopes = {}
end

Instance Method Details

#extract_id(object) ⇒ Object

# File 'lib/datadog/appsec/contrib/devise/data_extractor.rb', line 20

def extract_id(object)
  return if object.nil?

  if object.respond_to?(:[])
    id = object[PRIORITY_ORDERED_ID_KEYS.find { |key| object[key] }]
    scope = find_devise_scope(object)

    id = "#{scope}:#{id}" if id && scope
    return transform(id)
  end

  id = object.id if object.respond_to?(:id)
  id ||= object.uuid if object.respond_to?(:uuid)

  scope = find_devise_scope(object)
  id = "#{scope}:#{id}" if id && scope

  transform(id)
end

#extract_login(object) ⇒ Object

# File 'lib/datadog/appsec/contrib/devise/data_extractor.rb', line 40

def extract_login(object)
  return if object.nil?

  if object.respond_to?(:[])
    login = object[PRIORITY_ORDERED_LOGIN_KEYS.find { |key| object[key] }]
    return transform(login)
  end

  login = object.email if object.respond_to?(:email)
  login ||= object.username if object.respond_to?(:username)
  login ||= object.login if object.respond_to?(:login)

  transform(login)
end