lib/carwash/scrubber.rb in carwash-1.0.0 vs lib/carwash/scrubber.rb in carwash-1.0.1

- old
+ new

@@ -2,31 +2,31 @@
 # Keeps track of values known/suspected to be sensitive (passwords, etc) and
 # obscures them in lines of text.
 class Carwash::Scrubber
 DEFAULT_OBSCURE_WITH = "********"
- DEFAULT_SENSITIVE_KEYS = %w[key password secret token]
+ DEFAULT_SENSITIVE_KEYS = %w[key password token]
 attr_accessor :obscure_with
 attr_reader :sensitive_keys
- def initialize(sensitive_keys: DEFAULT_SENSITIVE_KEYS,
- obscure_with: DEFAULT_OBSCURE_WITH,
- check_for_rails: true,
- check_env_vars: true)
- @obscure_with = obscure_with
+ def initialize(options = {})
+ @sensitive_keys = options.fetch(:sensitive_keys, DEFAULT_SENSITIVE_KEYS)
+ @check_for_rails = options.fetch(:check_for_rails, true)
+ @check_env_vars = options.fetch(:check_env_vars, true)
+ @obscure_with = options.fetch(:obscure_with, DEFAULT_OBSCURE_WITH)
- @sensitive_keys = Set.new(sensitive_keys.map(&:to_s).map(&:downcase))
+ @sensitive_keys = Set.new(@sensitive_keys.map(&:to_s).map(&:downcase))
 @sensitive_vals = Set.new
- if check_for_rails && defined? Rails
+ if @check_for_rails && defined? Rails
 @sensitive_keys += Rails.configuration.filter_parameters.map(&:to_s).map(&:downcase).compact
 @sensitive_keys += Rails.application.secrets.keys.map(&:to_s).map(&:downcase).compact
 @sensitive_vals += Rails.application.secrets.values.map(&:to_s).map(&:downcase).compact
 end
- if check_env_vars
+ if @check_env_vars
 ENV.each do |env_key, env_val|
 @sensitive_keys.each do |key|
 if env_key =~ %r{[_-]?#{key}}i
 @sensitive_vals.add env_val.downcase
 end
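Review bot: `DEFAULT_SENSITIVE_KEYS` drops `secret` in what is otherwise a keyword-argument to options-hash conversion, so with the defaults the `check_env_vars` loop no longer learns the value of an environment variable whose name contains `secret` but none of `key`, `password` or `token`. If that narrowing is not intended, keep the previous list, `DEFAULT_SENSITIVE_KEYS = %w[key password secret token]`, or call the removal out in the changelog so callers can add the key themselves. The new `initialize(options = {})` also accepts misspelled or string option keys silently, where the keyword signature raised `ArgumentError`; a guard such as `unknown = options.keys - [:sensitive_keys, :check_for_rails, :check_env_vars, :obscure_with]` followed by `raise ArgumentError, "unknown option(s): #{unknown.join(', ')}" unless unknown.empty?` keeps a typo from falling back to the defaults unnoticed. `initialize` continues past the end of this hunk.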
@@ -61,36 +61,36 @@
 # Go through a line of text and obscure any potentially sensitive values
 # detected. Returns the line with replacements made.
 #
 # NOTE: Does *not* discover/learn values from the line; use `#scrub` to both
 # discover and obscure based on the line.
- def obscure_sensitive_values(line, obscure_with: self.obscure_with)
+ def obscure_sensitive_values(line, options = {})
 line = line.clone
- obscure_sensitive_values!(line, obscure_with: obscure_with)
+ obscure_sensitive_values!(line, options)
 line
 end
 # Go through a line of text and obscure any potentially sensitive values
 # detected. Makes replacements in place.
- def obscure_sensitive_values!(line, obscure_with: self.obscure_with)
+ def obscure_sensitive_values!(line, options = {})
 @sensitive_vals.each do |val|
- line.gsub!(val, obscure_with)
+ line.gsub!(val, options.fetch(:obscure_with, self.obscure_with))
 end
 end
 # Scans the line to try and discover potentially sensitive values, then
 # obscures all sensitive values known. Returns the line with replacements
 # made.
- def scrub(line, obscure_with: self.obscure_with)
+ def scrub(line, options = {})
 discover_sensitive_values(line)
- obscure_sensitive_values(line, obscure_with: obscure_with)
+ obscure_sensitive_values(line, options)
 end
 # Scans the line to try and discover potentially sensitive values, then
 # obscures all sensitive values known. Makes replacements in place.
- def scrub!(line, options = {})
+ def scrub!(line, options = {})
 discover_sensitive_values(line)
- obscure_sensitive_values!(line, obscure_with: obscure_with)
+ obscure_sensitive_values!(line, options)
 end
 # Learns from and scrubs each line of an input stream, writing the result to
 # the given output stream.
 def scrub_stream(input, output)
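Review bot: The rewritten `line.gsub!(val, options.fetch(:obscure_with, self.obscure_with))` in `obscure_sensitive_values!` still matches `val` as a case-sensitive literal, while the first hunk stores environment and Rails secret values through `.downcase`, so a secret containing upper-case characters looks like it would pass through unobscured unless values are normalised somewhere outside these hunks. Matching case-insensitively would close that gap: hoist `replacement = options.fetch(:obscure_with, obscure_with)` above the loop and use `line.gsub!(/#{Regexp.escape(val)}/i) { replacement }`. The block form also keeps a backslash sequence in the replacement from being read as a back-reference to the matched value. An empty string in `@sensitive_vals` (for example from an empty environment variable) would match at every position, so skipping empty values in the loop is worth adding at the same time.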