diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index f09060f119..6510fc0333 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -1,3 +1,13 @@ +* Add automatic filtering of encrypted attributes on inspect + + This feature is enabled by default but can be disabled with + + ```ruby + config.active_record.encryption.add_to_filter_parameters = false + ``` + + *Hartley McGuire* + * Clear locking column on #dup This change fixes not to duplicate locking_column like id and timestamps. diff --git a/activerecord/lib/active_record/encryption/configurable.rb b/activerecord/lib/active_record/encryption/configurable.rb index db13e0b0f1..2a26f1a2cf 100644 --- a/activerecord/lib/active_record/encryption/configurable.rb +++ b/activerecord/lib/active_record/encryption/configurable.rb @@ -51,7 +51,10 @@ module ActiveRecord def install_auto_filtered_parameters_hook(application) # :nodoc: ActiveRecord::Encryption.on_encrypted_attribute_declared do |klass, encrypted_attribute_name| filter_parameter = [("#{klass.model_name.element}" if klass.name), encrypted_attribute_name.to_s].compact.join(".") - application.config.filter_parameters << filter_parameter unless excluded_from_filter_parameters?(filter_parameter) + unless excluded_from_filter_parameters?(filter_parameter) + application.config.filter_parameters << filter_parameter + klass.filter_attributes += [encrypted_attribute_name] + end end end diff --git a/activerecord/lib/active_record/railtie.rb b/activerecord/lib/active_record/railtie.rb index 5b1b115e57..0b9335acc0 100644 --- a/activerecord/lib/active_record/railtie.rb +++ b/activerecord/lib/active_record/railtie.rb @@ -377,10 +377,8 @@ To keep using the current cache store, you can turn off cache versioning entirel end # Filtered params - ActiveSupport.on_load(:action_controller, run_once: true) do - if ActiveRecord::Encryption.config.add_to_filter_parameters - ActiveRecord::Encryption.install_auto_filtered_parameters_hook(app) - end + if ActiveRecord::Encryption.config.add_to_filter_parameters + ActiveRecord::Encryption.install_auto_filtered_parameters_hook(app) end end diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index 87128824e6..1fd3ad4893 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -3399,6 +3399,44 @@ module ApplicationTests assert_equal [ :password, :credit_card_number ], ActiveRecord::Base.filter_attributes end + test "encrypted attributes are added to record's filter_attributes by default" do + app_file "app/models/post.rb", <<-RUBY + class Post < ActiveRecord::Base + encrypts :content + end + RUBY + + add_to_config <<-RUBY + config.enable_reloading = false + config.eager_load = true + RUBY + + app "production" + + assert_includes Post.filter_attributes, :content + assert_not_includes ActiveRecord::Base.filter_attributes, :content + end + + test "encrypted attributes are not added to record filter_attributes if disabled" do + app_file "app/models/post.rb", <<-RUBY + class Post < ActiveRecord::Base + encrypts :content + end + RUBY + + add_to_config <<-RUBY + config.enable_reloading = false + config.eager_load = true + + config.active_record.encryption.add_to_filter_parameters = false + RUBY + + app "production" + + assert_not_includes Post.filter_attributes, :content + assert_not_includes ActiveRecord::Base.filter_attributes, :content + end + test "ActiveStorage.routes_prefix can be configured via config.active_storage.routes_prefix" do app_file "config/environments/development.rb", <<-RUBY Rails.application.configure do