Clean ActiveRecord::RecordNotUnique error message

Like we've done before for `PG::UniqueViolation`, sanitize the `ActiveRecord::RecordNotUnique` message. The `RecordNotUnique` error class is a type of error that wraps around errors from database adapter gems like the "pg" gem's `PG::UniqueViolation`. The message for this `RecordNotUnique` error is the same for `PG::UniqueViolation` in this case, prefixed with error class name. Fixes #833
appsignal · Mar 9, 2022 · 399cf79 · 399cf79
1 parent 2d8c525
commit 399cf79
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 1 deletion.
diff --git a/.changesets/sanitize-activerecord::recordnotunique-error-messages.md b/.changesets/sanitize-activerecord::recordnotunique-error-messages.md
@@ -0,0 +1,6 @@
+---
+bump: "patch"
+type: "add"
+---
+
+Sanitize `ActiveRecord::RecordNotUnique` error messages to not include any database values that is not unique in the database. This ensures no personal information is sent to AppSignal through error messages from this error.
diff --git a/lib/appsignal/transaction.rb b/lib/appsignal/transaction.rb
@@ -537,7 +537,7 @@ def cleaned_backtrace(backtrace)
     # Returns an unchanged message otherwise.
     def cleaned_error_message(error)
       case error.class.to_s
-      when "PG::UniqueViolation"
+      when "PG::UniqueViolation", "ActiveRecord::RecordNotUnique"
         error.message.to_s.gsub(/\)=\(.*\)/, ")=(?)")
       else
         error.message.to_s

diff --git a/spec/lib/appsignal/transaction_spec.rb b/spec/lib/appsignal/transaction_spec.rb
@@ -1364,6 +1364,25 @@ def session_exists?(_env)
         expect(subject).to eq "ERROR: duplicate key value violates unique constraint \"index_users_on_email\" DETAIL: Key (email)=(?) already exists."
       end
     end
+
+    context "with a ActiveRecord::RecordNotUnique" do
+      before do
+        stub_const("ActiveRecord::RecordNotUnique", Class.new(StandardError))
+      end
+
+      let(:error) do
+        ActiveRecord::RecordNotUnique.new(
+          "PG::UniqueViolation: ERROR: duplicate key value violates unique constraint \"example_constraint\"\n" \
+          "DETAIL: Key (email)=([email protected]) already exists."
+        )
+      end
+
+      it "returns a sanizited error message" do
+        expect(subject).to eq \
+          "PG::UniqueViolation: ERROR: duplicate key value violates unique constraint \"example_constraint\"\n" \
+          "DETAIL: Key (email)=(?) already exists."
+      end
+    end
   end
 
   describe ".to_hash / .to_h" do