我注意到,每当Ruby on Rails中的任何控制器执行任何操作时,某些日志都会自动写入日志文件,例如:
Processing by CasesController#update as HTML
Parameters: {"utf8"=>"✓",
"authenticity_token"=>"XAAgI8MGxIIyqcBTUqtHvqjechgNHqxKLtZAVIaceZSuhEskQA6i2mjbItbbruabPMPWGM8AXKDWNdnqJRCGBw==",
"versionId"=>"9",
"type"=>"case",
"queue"=>"filing",
"disposition"=>"Filed",
"assignee"=>"abc",
"decisionDate"=>"2020-05-19",
"filingDate"=>"2020-05-19",
"accounts"=>[{"lineOfBusiness"=>"ACCS",
"obfuscatedMerchantId"=>"A1JLF6PVG3MPCN",
"fpsAccountId"=>"",
"productAccountId"=>"",
"includeInInvestigation"=>"yes",
"includeInFiling"=>"yes"}],
"relatedItems"=>[{"itemType"=>"OBSERVATION_ID",
"itemValue"=>"RI:1-MPI:1-PI:4839201-JI:10334165-RRD:13-MAY-20-EQR:Rule_ACCS_SAM_MultiACCSBankAccounts-CID:A1JLF6PVG3MPCN"},
{"itemType"=>"IWB_TASK_ID", "itemValue"=>"7017140401"}],
"button"=>"", "id"=>"cab90a9e-78e9-6d58-c5c8-c4b3424d0751"}
我希望避免某些敏感参数被记录,例如,我希望避免versionId被记录。我怎样才能做到这一点?
您可以将敏感参数从日志中排除,方法是将它们添加到config.filter_parameters中,如官方Rails指南中所述:
config.filter_parameters用于筛选出您不希望在日志中显示的参数,如密码或信用卡号。当对活动记录对象调用#inspect时,它还过滤掉数据库列的敏感值。默认情况下,Rails通过在config/initializers/filter_parameter_logging.rb中添加Rails.application.config.filter_parameters += [:password]来过滤密码。参数过滤器通过部分匹配正则表达式来工作。