Skip to content

Provide context when logging unpermitted parameters#41809

Merged
rafaelfranca merged 1 commit intorails:mainfrom
bbuchalter:bb.improved_strong_params_logging
Apr 1, 2021
Merged

Provide context when logging unpermitted parameters#41809
rafaelfranca merged 1 commit intorails:mainfrom
bbuchalter:bb.improved_strong_params_logging

Conversation

@bbuchalter
Copy link
Contributor

@bbuchalter bbuchalter commented Mar 31, 2021
edited
Loading

Currently, the payload of the unpermitted_parameters.action_controller
events emitted by StrongParameters does not provide enough information for
developers to understand which controller and action received the
unpermitted parameters. This PR modifies ActionController::Parameters to
allow callers to specify a "context" which is included in the logging
payload.

Implementation Strategy
Since the ActionController::Parameters class is only loosely coupled
with controllers and can technically be used in any context, this PR
expects the caller to provide logging context.

Since StrongParameters is the caller in Rails and has access to the
request object I chose to provide a payload similar to the
start_processing.action_controller event.

@bbuchalter bbuchalter force-pushed the bb.improved_strong_params_logging branch 2 times, most recently from cadd005 to d83c83b Compare March 31, 2021 12:26
This was referenced Mar 31, 2021
Closed
Closed
rafaelfranca
rafaelfranca reviewed Mar 31, 2021
View reviewed changes
@bbuchalter
Provide context when logging unpermitted parameters
6be9c49 
Currently, the payload of the unpermitted_parameters.action_controller
events emitted by StrongParameters does not provide enough information for
developers to understand which controller and action received the
unpermitted parameters. This PR modifies ActionController::Parameters to
allow callers to specify a "context" which is included in the logging
payload.

*Implementation Strategy*
Since the ActionController::Parameters class is only loosely coupled
with controllers and can technically be used in any context, this PR
expects the caller to provide logging context.

Since StrongParameters is caller in Rails and has access to the
request object I chose to provide a payload similar to the
start_processing.action_controller event.
@bbuchalter bbuchalter force-pushed the bb.improved_strong_params_logging branch from 13554c6 to 6be9c49 Compare March 31, 2021 23:15
@rafaelfranca rafaelfranca merged commit 3a32f44 into rails:main Apr 1, 2021
hidr0
hidr0 reviewed Jun 17, 2021
View reviewed changes
guides/source/active_support_instrumentation.md
| `:keys` | Unpermitted keys |
| Key | Value |
| ------------- | --------------------------------------------------------------------- |
| `:key` | The unpermitted keys |
Copy link

@hidr0 hidr0 Jun 17, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be :key or keys? Why does it change from before?

Copy link
Member

@zzak zzak Jun 17, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hidr0 Good catch! Fixed in fe1cb68.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rafaelfranca rafaelfranca rafaelfranca left review comments

@zzak zzak zzak left review comments

+1 more reviewer

@hidr0 hidr0 hidr0 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

actionpack docs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@bbuchalter @rafaelfranca @zzak @hidr0