From 82119f4f498debc991ef107f79019350b98e8dfe Mon Sep 17 00:00:00 2001 From: Omar Rodriguez Arenas Date: Tue, 27 Oct 2020 11:25:30 -0600 Subject: [PATCH 1/2] Add anonymization for rollbar data --- app/models/user.rb | 7 +++++++ config/initializers/rollbar.rb | 7 +++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 2b4b7938bd..ea4b375203 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -426,6 +426,13 @@ def merge(to_be_merged) to_be_merged.destroy end + # For masking the ID that we send to rollbar + # + # Returns string + def id_as_hash + Digest::SHA2.hexdigest("#{Rails.application.secrets.secret_key_base}_#{id}") + end + private # ============================ diff --git a/config/initializers/rollbar.rb b/config/initializers/rollbar.rb index 664d7c3a25..aff1c158d5 100644 --- a/config/initializers/rollbar.rb +++ b/config/initializers/rollbar.rb @@ -16,7 +16,10 @@ # to fetch the logged-in user object, and then call that object's `id` # method to fetch this property. To customize: config.person_method = "current_user" - config.person_id_method = "id" + config.person_id_method = 'id_as_hash' + config.person_username_method = 'id_as_hash' + config.person_email_method = 'id_as_hash' + # Read GDPR guidelines here: https://docs.rollbar.com/docs/ruby#section-gdpr-hipaa config.collect_user_ip = true @@ -27,7 +30,7 @@ # config.person_email_method = "email" # Additionally, you may specify the following: - config.person_username_method = "name" + # config.person_username_method = "name" # config.person_email_method = "email" # If you want to attach custom data to all exception and message reports, From b841f9c710f520e592a084fd22abfcc5fe75e251 Mon Sep 17 00:00:00 2001 
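Review bot: `id_as_hash` builds the pseudonym as a plain SHA-2 digest over `secret_key_base` concatenated with the id, which reuses the application's master secret for a second purpose and degrades to an unkeyed hash of a small integer if the secret is ever blank in an environment. A keyed construction with a purpose-specific derived key is the usual shape: `key = Rails.application.key_generator.generate_key('rollbar person id')` followed by `OpenSSL::HMAC.hexdigest('SHA256', key, id.to_s)`. The doc comment should also say that the value is a stable pseudonym (the same user always maps to the same string) rather than anonymous data, and that it changes when the secret is rotated.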
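Review bot: The unchanged `config.collect_user_ip = true` in this hunk's context still sends each user's IP address to Rollbar, so hashing the person id, username and email leaves an identifying field in every report. If the goal is the anonymization named in the commit subject, set `config.collect_user_ip = false` or `config.anonymize_user_ip = true` alongside the three new lines. The comment above the changed lines still says the object's `id` method is called to fetch this property; it should name `id_as_hash` and say why username and email point at the same method.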
From: Omar Rodriguez Arenas Date: Tue, 27 Oct 2020 11:39:07 -0600 Subject: [PATCH 2/2] Add configuration support for rollbar calls --- config/environments/production.rb | 2 +- config/environments/staging.rb | 2 +- config/initializers/rollbar.rb | 14 ++++++++------ config/secrets.yml | 7 ++++++- config/webpack/uat.js | 6 ++++++ 5 files changed, 22 insertions(+), 9 deletions(-) create mode 100644 config/webpack/uat.js diff --git a/config/environments/production.rb b/config/environments/production.rb index 0fc4f3177f..42c85b3d4d 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -79,7 +79,7 @@ # Use syslog for logging config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new('dmp_assistant')) - + # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false diff --git a/config/environments/staging.rb b/config/environments/staging.rb index f80afc2a3d..7815a7a216 100644 --- a/config/environments/staging.rb +++ b/config/environments/staging.rb @@ -42,7 +42,7 @@ # Use the lowest log level to ensure availability of diagnostic information # when problems arise. - config.log_level = :debug + config.log_level = :warn # Prepend all log lines with the following tags. # config.log_tags = [ :subdomain, :uuid ] diff --git a/config/initializers/rollbar.rb b/config/initializers/rollbar.rb index aff1c158d5..3e3ea43dad 100644 --- a/config/initializers/rollbar.rb +++ b/config/initializers/rollbar.rb 
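Review bot: In the `config/environments/staging.rb` hunk, the comment directly above the changed line still reads "Use the lowest log level to ensure availability of diagnostic information", which no longer matches `config.log_level = :warn`. Update the comment to state why staging now logs at warn, for example `# Log at :warn to keep request parameters and SQL out of the staging logs.` if that is the intent. Lowering the level also removes detail that is useful when investigating an incident on staging, so the trade-off deserves a line in the comment.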
@@ -69,12 +69,14 @@ # The :host key is mandatory and must include the URL scheme (e.g. 'http://'), all other fields # are optional. # - # config.proxy = { - # host: 'http://some.proxy.server', - # port: 80, - # user: 'username_if_auth_required', - # password: 'password_if_auth_required' - # } + if Rails.application.secrets.http_proxy.present? + config.proxy = { + host: Rails.application.secrets.http_proxy, + port: Rails.application.secrets.http_proxy_port + # user: 'username_if_auth_required', + # password: 'password_if_auth_required' + } + end # If you run your staging application instance in production environment then # you'll want to override the environment reported by `Rails.env` with an diff --git a/config/secrets.yml b/config/secrets.yml index 5df8ecd05d..a103a53635 100755 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -66,6 +66,8 @@ staging: omniauth_full_host: <%= ENV['OMNIAUTH_FULL_HOST'] %> google_analytics_token: <%= ENV['GOOGLE_ANALYTICS_TOKEN'] %> wicked_pdf_proxy: <%= ENV['WICKED_PDF_PROXY'] %> + http_proxy: <%= ENV['HTTP_PROXY'] %> + http_proxy_port: <%= ENV['HTTP_PROXY_PORT'] %> uat: secret_key_base: <%= ENV['SECRET_KEY_BASE'] %> @@ -85,6 +87,8 @@ uat: omniauth_full_host: <%= ENV['OMNIAUTH_FULL_HOST'] %> google_analytics_token: <%= ENV['GOOGLE_ANALYTICS_TOKEN'] %> wicked_pdf_proxy: <%= ENV['WICKED_PDF_PROXY'] %> + http_proxy: <%= ENV['HTTP_PROXY'] %> + http_proxy_port: <%= ENV['HTTP_PROXY_PORT'] %> production: secret_key_base: <%= ENV['SECRET_KEY_BASE'] %> @@ -104,4 +108,5 @@ production: omniauth_full_host: <%= ENV['OMNIAUTH_FULL_HOST'] %> google_analytics_token: <%= ENV['GOOGLE_ANALYTICS_TOKEN'] %> wicked_pdf_proxy: <%= ENV['WICKED_PDF_PROXY'] %> - + http_proxy: <%= ENV['HTTP_PROXY'] %> + http_proxy_port: <%= ENV['HTTP_PROXY_PORT'] %> diff --git a/config/webpack/uat.js b/config/webpack/uat.js new file mode 100644 index 0000000000..358ecae1b5 --- /dev/null +++ b/config/webpack/uat.js 
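Review bot: The proxy block in `config/initializers/rollbar.rb` is enabled whenever `http_proxy` is present but never checks `http_proxy_port`, so an environment that sets only `HTTP_PROXY` passes `port: nil` to Rollbar. `HTTP_PROXY` conventionally holds a full URL that can already carry a port and `user:password@` credentials, and the comment above requires `:host` to include the scheme, so the expected format should be documented next to the new keys in `config/secrets.yml` (the three hunks that follow). Consider guarding on both values, `if Rails.application.secrets.http_proxy.present? && Rails.application.secrets.http_proxy_port.present?`, and using application-specific variable names so the setting does not collide with the proxy variable other tools in the same environment read.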
@@ -0,0 +1,6 @@
+process.env.NODE_ENV = process.env.NODE_ENV || 'uat'
+
+const environment = require('./environment')
+environment.plugins.get("UglifyJs").options.uglifyOptions.ecma = 5
+
+module.exports = environment.toWebpackConfig()
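Review bot: `environment.plugins.get("UglifyJs")` is dereferenced without a check, and whether that plugin is registered when `NODE_ENV` is `'uat'` cannot be seen from this file; if `./environment` only adds it for production, the build fails on this line. Setting `NODE_ENV` to `'uat'` also means libraries that test for `NODE_ENV === 'production'` will ship their development builds to UAT. If UAT is meant to mirror production, default to `'production'` here, or add a comment explaining why a separate value is required.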