Wrap ActiveRecord::Base with ActiveSupport.on_load (#199)

* Wrap ActiveRecord::Base with ActiveSupport.on_load * Test inspect method filters senstive column values * Remove set secret_token and secret_key_base in spec_helper.rb * Comment reason of filter_parameters in spec_helper.rb
citusdata · Jun 5, 2023 · 7b6bb2f · 7b6bb2f
1 parent 16fd851
commit 7b6bb2f
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 9 deletions.
diff --git a/lib/activerecord-multi-tenant/query_rewriter.rb b/lib/activerecord-multi-tenant/query_rewriter.rb
@@ -370,7 +370,6 @@ def relations_from_node_join(node_join)
   end
 end
 
-require 'active_record/base'
 module MultiTenantFindBy
   def cached_find_by_statement(key, &block)
     return super unless respond_to?(:scoped_by_tenant?) && scoped_by_tenant?
@@ -380,4 +379,6 @@ def cached_find_by_statement(key, &block)
   end
 end
 
-ActiveRecord::Base.singleton_class.prepend(MultiTenantFindBy)
+ActiveSupport.on_load(:active_record) do |base|
+  base.singleton_class.prepend(MultiTenantFindBy)
+end
diff --git a/spec/activerecord-multi-tenant/model_extensions_spec.rb b/spec/activerecord-multi-tenant/model_extensions_spec.rb
@@ -131,6 +131,13 @@ def self.name
     it { expect(@posts).to eq([@post1]) }
   end
 
+  describe 'inspect method filters senstive column values' do
+    it 'filters senstive value' do
+      account = Account.new(name: 'foo', password: 'baz')
+      expect(account.inspect).to eq '#<Account id: nil, name: nil, subdomain: nil, domain: nil, password: [FILTERED]>'
+    end
+  end
+
   # Scoping models
   describe 'Project.all should be scoped to the current tenant if set' do
     before do

diff --git a/spec/schema.rb b/spec/schema.rb
@@ -9,6 +9,7 @@
     t.column :name, :string
     t.column :subdomain, :string
     t.column :domain, :string
+    t.column :password, :string
   end
 
   create_table :projects, force: true, partition_key: :account_id do |t|

diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -27,8 +27,24 @@
 require 'action_controller/railtie'
 require 'rspec/rails'
 
+module MultiTenantTest
+  class Application < Rails::Application; end
+end
+
+# Specifies columns which shouldn't be exposed while calling #inspect.
+ActiveSupport.on_load(:active_record) do
+  self.filter_attributes += MultiTenantTest::Application.config.filter_parameters
+end
+
 require 'activerecord_multi_tenant'
 
+# It's necessary for testing the filtering of senstive column values in ActiveRecord.
+# Refer to "describe 'inspect method filters senstive column values'"
+#
+# To verify that ActiveSupport.on_load(:active_record) is not being unnecessarily invoked,
+# this line should be placed after "require 'activerecord_multi_tenant'" and before ActiveRecord::Base is called.
+MultiTenantTest::Application.config.filter_parameters = [:password]
+
 require 'bundler'
 Bundler.require(:default, :development)
 require_relative './support/format_sql'
@@ -55,13 +71,6 @@
   end
 end
 
-module MultiTenantTest
-  class Application < Rails::Application; end
-end
-
-MultiTenantTest::Application.config.secret_token = 'x' * 40
-MultiTenantTest::Application.config.secret_key_base = 'y' * 40
-
 # rubocop:disable Lint/UnusedMethodArgument
 # changing the name of the parameter breaks tests
 def with_belongs_to_required_by_default(&block)