Commit 60a35e42 authored by Alejandro Rodríguez's avatar Alejandro Rodríguez

Send API parameters as extra data for sentry errors

parent b40192a9
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
require 'gitlab/current_settings' require 'gitlab/current_settings'
if Rails.env.production? def configure_sentry
# allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
begin begin
sentry_enabled = Gitlab::CurrentSettings.current_application_settings.sentry_enabled sentry_enabled = Gitlab::CurrentSettings.current_application_settings.sentry_enabled
...@@ -23,3 +23,5 @@ if Rails.env.production? ...@@ -23,3 +23,5 @@ if Rails.env.production?
end end
end end
end end
configure_sentry if Rails.env.production?
...@@ -287,7 +287,7 @@ module API ...@@ -287,7 +287,7 @@ module API
if sentry_enabled? && report_exception?(exception) if sentry_enabled? && report_exception?(exception)
define_params_for_grape_middleware define_params_for_grape_middleware
sentry_context sentry_context
Raven.capture_exception(exception) Raven.capture_exception(exception, extra: params)
end end
# lifted from https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L60 # lifted from https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L60
......
require 'spec_helper' require 'spec_helper'
require 'raven/transports/dummy'
require_relative '../../../config/initializers/sentry'
describe API::Helpers do describe API::Helpers do
include API::APIGuard::HelperMethods include API::APIGuard::HelperMethods
...@@ -476,7 +478,7 @@ describe API::Helpers do ...@@ -476,7 +478,7 @@ describe API::Helpers do
allow(exception).to receive(:backtrace).and_return(caller) allow(exception).to receive(:backtrace).and_return(caller)
expect_any_instance_of(self.class).to receive(:sentry_context) expect_any_instance_of(self.class).to receive(:sentry_context)
expect(Raven).to receive(:capture_exception).with(exception) expect(Raven).to receive(:capture_exception).with(exception, extra: {})
handle_api_exception(exception) handle_api_exception(exception)
end end
...@@ -501,6 +503,30 @@ describe API::Helpers do ...@@ -501,6 +503,30 @@ describe API::Helpers do
expect(json_response['message']).to start_with("\nRuntimeError (Runtime Error!):") expect(json_response['message']).to start_with("\nRuntimeError (Runtime Error!):")
end end
end end
context 'extra information' do
# Sentry events are an array of the form [auth_header, data, options]
let(:event_data) { Raven.client.transport.events.first[1] }
before do
stub_application_setting(
sentry_enabled: true,
sentry_dsn: "dummy://12345:67890@sentry.localdomain/sentry/42"
)
configure_sentry
Raven.client.configuration.encoding = 'json'
end
it 'sends the params, excluding confidential values' do
expect(Gitlab::Sentry).to receive(:enabled?).twice.and_return(true)
expect(ProjectsFinder).to receive(:new).and_raise('Runtime Error!')
get api('/projects', user), password: 'dont_send_this', other_param: 'send_this'
expect(event_data).to include('other_param=send_this')
expect(event_data).to include('password=********')
end
end
end end
describe '.authenticate_non_get!' do describe '.authenticate_non_get!' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment