Merge branch 'api-sentry-extra' into 'master'

Send API parameters as extra data for sentry errors See merge request gitlab-org/gitlab-ce!14644
author: Douwe Maan <douwe@gitlab.com> 2017-10-06 13:41:01 +0000
committer: Douwe Maan <douwe@gitlab.com> 2017-10-06 13:41:01 +0000
commit: 7f8e720f415ff50f791d9efd49b774c9da9ab109 (patch)
tree: 246466fd9cbf92905569a9d0199c42e34f0bd6ba /spec/requests/api
parent: f55f24c49747f74659c4aa8ade48fd167fe67034 (diff)
parent: 60a35e4230404b84d4aee8015fb7821b0b194277 (diff)
download: gitlab-ce-7f8e720f415ff50f791d9efd49b774c9da9ab109.tar.gz
1 files changed, 27 insertions, 1 deletions
diff --git a/spec/requests/api/helpers_spec.rb b/spec/requests/api/helpers_spec.rb
index 060c8902471..862920ad7c3 100644
--- a/spec/requests/api/helpers_spec.rb
+++ b/spec/requests/api/helpers_spec.rb
@@ -1,4 +1,6 @@
 require 'spec_helper'
+require 'raven/transports/dummy'
+require_relative '../../../config/initializers/sentry'
 
 describe API::Helpers do
   include API::APIGuard::HelperMethods
@@ -476,7 +478,7 @@ describe API::Helpers do
       allow(exception).to receive(:backtrace).and_return(caller)
 
       expect_any_instance_of(self.class).to receive(:sentry_context)
-      expect(Raven).to receive(:capture_exception).with(exception)
+      expect(Raven).to receive(:capture_exception).with(exception, extra: {})
 
       handle_api_exception(exception)
     end
@@ -501,6 +503,30 @@ describe API::Helpers do
         expect(json_response['message']).to start_with("\nRuntimeError (Runtime Error!):")
       end
     end
+
+    context 'extra information' do
+      # Sentry events are an array of the form [auth_header, data, options]
+      let(:event_data) { Raven.client.transport.events.first[1] }
+
+      before do
+        stub_application_setting(
+          sentry_enabled: true,
+          sentry_dsn: "dummy://12345:67890@sentry.localdomain/sentry/42"
+        )
+        configure_sentry
+        Raven.client.configuration.encoding = 'json'
+      end
+
+      it 'sends the params, excluding confidential values' do
+        expect(Gitlab::Sentry).to receive(:enabled?).twice.and_return(true)
+        expect(ProjectsFinder).to receive(:new).and_raise('Runtime Error!')
+
+        get api('/projects', user), password: 'dont_send_this', other_param: 'send_this'
+
+        expect(event_data).to include('other_param=send_this')
+        expect(event_data).to include('password=********')
+      end
+    end
   end
 
   describe '.authenticate_non_get!' do
author	Douwe Maan <douwe@gitlab.com>	2017-10-06 13:41:01 +0000
committer	Douwe Maan <douwe@gitlab.com>	2017-10-06 13:41:01 +0000
commit	7f8e720f415ff50f791d9efd49b774c9da9ab109 (patch)
tree	246466fd9cbf92905569a9d0199c42e34f0bd6ba /spec/requests/api
parent	f55f24c49747f74659c4aa8ade48fd167fe67034 (diff)
parent	60a35e4230404b84d4aee8015fb7821b0b194277 (diff)
download	gitlab-ce-7f8e720f415ff50f791d9efd49b774c9da9ab109.tar.gz