lib/audited/auditor.rb in audited-4.9.0 vs lib/audited/auditor.rb in audited-4.10.0

@@ -32,11 +32,21 @@
       #     end
       #
       # * +require_comment+ - Ensures that audit_comment is supplied before
       #   any create, update or destroy operation.
       # * +max_audits+ - Limits the number of stored audits.
+
+      # * +redacted+ - Changes to these fields will be logged, but the values
+      #   will not. This is useful, for example, if you wish to audit when a
+      #   password is changed, without saving the actual password in the log.
+      #   To store values as something other than '[REDACTED]', pass an argument
+      #   to the redaction_value option.
       #
+      #     class User < ActiveRecord::Base
+      #       audited redacted: :password, redaction_value: SecureRandom.uuid
+      #     end
+      #
       # * +if+ - Only audit the model when the given function returns true
       # * +unless+ - Only audit the model when the given function returns false
       #
       #     class User < ActiveRecord::Base
       #       audited :if => :active?
@@ -88,20 +98,12 @@
         has_many :associated_audits, as: :associated, class_name: Audited.audit_class.name
       end
     end
 
     module AuditedInstanceMethods
-      # Deprecate version attribute in favor of audit_version attribute – preparing for eventual removal.
-      def method_missing(method_name, *args, &block)
-        if method_name == :version
-          ActiveSupport::Deprecation.warn("`version` attribute has been changed to `audit_version`. This attribute will be removed.")
-          audit_version
-        else
-          super
-        end
-      end
-
+      REDACTED = '[REDACTED]'
+      
       # Temporarily turns off auditing while saving.
       def save_without_auditing
         without_auditing { save }
       end
 
@@ -227,10 +229,11 @@
             all_changes.slice(*self.class.audited_columns)
           else
             all_changes.except(*self.class.non_audited_columns)
           end
 
+        filtered_changes = redact_values(filtered_changes)
         filtered_changes = normalize_enum_changes(filtered_changes)
         filtered_changes.to_hash
       end
 
       def normalize_enum_changes(changes)
@@ -245,9 +248,25 @@
                 values[changes[name]]
               end
           end
         end
         changes
+      end
+
+      def redact_values(filtered_changes)
+        [audited_options[:redacted]].flatten.compact.each do |option|
+          changes = filtered_changes[option.to_s]
+          new_value = audited_options[:redaction_value] || REDACTED
+          if changes.is_a? Array
+            values = changes.map { new_value }
+          else
+            values = new_value
+          end
+          hash = Hash[option.to_s, values]
+          filtered_changes.merge!(hash)
+        end
+
+        filtered_changes
       end
 
       def rails_below?(rails_version)
         Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
       end