From ce085f62d440534fada343e708d8864c0d55c03b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= <rafael@franca.dev>
Date: Thu, 7 Nov 2019 14:06:06 -0500
Subject: [PATCH] Add an option to disable logging for jobs with sensitive
 arguments

    class SensitiveJob < ApplicationJob
      self.log_arguments = false

      def perform(my_sensitive_argument)
      end
    end

When dealing with sensitive arugments as password and tokens it is
now possible to configure the job to not put the sensitive argument
in the logs.

Closes #34438.
---
 activejob/CHANGELOG.md                     | 14 ++++++++++++++
 activejob/lib/active_job/log_subscriber.rb |  2 +-
 activejob/lib/active_job/logging.rb        |  1 +
 activejob/test/cases/logging_test.rb       | 13 +++++++++++++
 activejob/test/jobs/disable_log_job.rb     | 13 +++++++++++++
 guides/source/configuring.md               |  2 ++
 6 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 activejob/test/jobs/disable_log_job.rb

diff --git a/activejob/CHANGELOG.md b/activejob/CHANGELOG.md
index b4ffb8153e..159963732e 100644
--- a/activejob/CHANGELOG.md
+++ b/activejob/CHANGELOG.md
@@ -1,3 +1,17 @@
+*   Add an option to disable logging of the job arguments when enqueuing and executing the job.
+
+        class SensitiveJob < ApplicationJob
+          self.log_arguments = false
+
+          def perform(my_sensitive_argument)
+          end
+        end
+
+    When dealing with sensitive arugments as password and tokens it is now possible to configure the job
+    to not put the sensitive argument in the logs.
+
+    *Rafael Mendonça França*
+
 *   Changes in `queue_name_prefix` of a job no longer affects all other jobs. Fixes #37084.
 
     *Lucas Mansur*
diff --git a/activejob/lib/active_job/log_subscriber.rb b/activejob/lib/active_job/log_subscriber.rb
index c621daff41..d6cd90798d 100644
--- a/activejob/lib/active_job/log_subscriber.rb
+++ b/activejob/lib/active_job/log_subscriber.rb
@@ -77,7 +77,7 @@ module ActiveJob
       end
 
       def args_info(job)
-        if job.arguments.any?
+        if job.class.log_arguments? && job.arguments.any?
           " with arguments: " +
             job.arguments.map { |arg| format(arg).inspect }.join(", ")
         else
diff --git a/activejob/lib/active_job/logging.rb b/activejob/lib/active_job/logging.rb
index 1518f7e031..8ce5d1a02c 100644
--- a/activejob/lib/active_job/logging.rb
+++ b/activejob/lib/active_job/logging.rb
@@ -10,6 +10,7 @@ module ActiveJob
 
     included do
       cattr_accessor :logger, default: ActiveSupport::TaggedLogging.new(ActiveSupport::Logger.new(STDOUT))
+      class_attribute :log_arguments, instance_accessor: false, default: true
 
       around_enqueue { |_, block| tag_logger(&block) }
       around_perform { |job, block| tag_logger(job.class.name, job.job_id, &block) }
diff --git a/activejob/test/cases/logging_test.rb b/activejob/test/cases/logging_test.rb
index 1ceebc61db..2cd43c5b84 100644
--- a/activejob/test/cases/logging_test.rb
+++ b/activejob/test/cases/logging_test.rb
@@ -9,6 +9,7 @@ require "jobs/overridden_logging_job"
 require "jobs/nested_job"
 require "jobs/rescue_job"
 require "jobs/retry_job"
+require "jobs/disable_log_job"
 require "models/person"
 
 class LoggingTest < ActiveSupport::TestCase
@@ -122,6 +123,18 @@ class LoggingTest < ActiveSupport::TestCase
     end
   end
 
+  def test_perform_disabled_job_logging
+    perform_enqueued_jobs do
+      DisableLogJob.perform_later "Dummy"
+      assert_no_match(/Enqueued DisableLogJob \(Job ID: .*?\) from .*? with arguments:.*Dummy/, @logger.messages)
+      assert_no_match(/Performing DisableLogJob \(Job ID: .*?\) from .*? with arguments:.*Dummy/, @logger.messages)
+
+      assert_match(/enqueued at /, @logger.messages)
+      assert_match(/Dummy, here is it: Dummy/, @logger.messages)
+      assert_match(/Performed DisableLogJob \(Job ID: .*?\) from .*? in .*ms/, @logger.messages)
+    end
+  end
+
   def test_perform_nested_jobs_logging
     perform_enqueued_jobs do
       NestedJob.perform_later
diff --git a/activejob/test/jobs/disable_log_job.rb b/activejob/test/jobs/disable_log_job.rb
new file mode 100644
index 0000000000..bdbef9b20f
--- /dev/null
+++ b/activejob/test/jobs/disable_log_job.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class DisableLogJob < ActiveJob::Base
+  self.log_arguments = false
+
+  def perform(dummy)
+    logger.info "Dummy, here is it: #{dummy}"
+  end
+
+  def job_id
+    "LOGGING-JOB-ID"
+  end
+end
diff --git a/guides/source/configuring.md b/guides/source/configuring.md
index 86dad8f472..608b296b7a 100644
--- a/guides/source/configuring.md
+++ b/guides/source/configuring.md
@@ -805,6 +805,8 @@ There are a few configuration options available in Active Support:
 
 * `config.active_job.return_false_on_aborted_enqueue` change the return value of `#enqueue` to false instead of the job instance when the enqueuing is aborted. Defaults to `false`.
 
+* `config.active_job.log_arguments` controls if the arguments of a job are logged. Defaults to `true`.
+
 ### Configuring Action Cable
 
 * `config.action_cable.url` accepts a string for the URL for where