RedactEx v0.1.6

View Source RedactEx.Redactable protocol (RedactEx v0.1.6)

Redactable

Protocol for defining a redact-able item, e.g. an item whose internal elements could be redacted It shall return a redact-ed item of the same type as the input item

You can derive Redactable protocol for a struct by using

defmodule MyApp.RedactStruct do
  @derive {RedactEx.Redactable,
    fields: [
      myfield1: {MyModule, :redact_function_one},
      myfield2: {MyModule, :redact_function_two},
  ]}
  defstruct [:myfield1, :myfield2]
end

options

  • :fields possible values of fields are a keyword list of configurations, where configuration can be

    • {module, function}, e.g.

      fields: [
    myfield1: {MyModule, :redact_function_one},
    myfield2: {MyModule, :redact_function_two},
]

      In this case redacting will be applied to myfield1 and myfield2 using module.function as configured

    • :redact, e.g.

      fields: [
  field: :redact
]

      In this case it is expected for value in field to have an Impl for RedactEx.Redactable, and RedactEx.Redactable.redact/1 will be called

    • :drop, e.g.

      fields: [
  field: :drop
]

      In this case :field key is entirely dropped. NOTE that this also means struct information will be lost, and the value will become a map

e.g. suppose you define a module like

# ./test/support/derive/redact_struct.ex
defmodule MyApp.RedactStruct do
  @moduledoc false

  # For usage in RedactEx.Redactable doctests
  @derive {RedactEx.Redactable,
          fields: [
            myfield: {String, :reverse}
          ]}
  defstruct [:myfield]
end

then you can expect it to have derived the RedactEx.Redactable protocol

```
iex> %MyApp.RedactStruct{myfield: "reverseme"} |> RedactEx.Redactable.redact() |> Map.get(:myfield)
"emesrever"
```

best-practices

 Best Practices

Good practices could be to implement the Inspect protocol for sensitive data and use the derived redact capabilities of the inspected module inside its implementation. You can both derive single fields in your struct, or define whatever implementation fits best for your structs as defimpl RedactEx.Redactable, for: MyStruct

Then you can enforce inspecting structures in your logs or export functions. Unluckily this is not a simple practice to enforce in an automatic flavour.

Link to this section Summary

Types

any_container()
binary_container()
container()
t()

Functions

redact(value)

Redacts value hiding sensitive information

Link to this section Types

Link to this type

any_container()

View Source 
@type any_container() :: any()
Link to this type

binary_container()

View Source 
@type binary_container() :: String.t() | binary()
Link to this type

container()

View Source 
@type container() :: struct() | map()
Link to this type

t()

View Source 
@type t() :: container() | binary_container() | any_container()

Link to this section Functions

Link to this function

redact(value)

View Source 
@spec redact(value :: t()) :: any()

Redacts value hiding sensitive information