Module: PiiSafeSchema::Annotations

Included in:

PiiColumn

Defined in:

lib/pii_safe_schema/annotations.rb

Constant Summary

SENSITIVE_DATA_NAMES =

%w[
  sin social_insurance_number ssn social_security_number
  tin tax_idenfification_number national_insurance_number mifid
].freeze

COLUMNS =

{
  email: {
    comment: {
      pii: { obfuscate: 'email_obfuscator' },
    },
    regexp: /email/,
  },
  phone: {
    comment: {
      pii: { obfuscate: 'phone_obfuscator' },
    },
    regexp: /phone/,
  },
  ip_address: {
    comment: {
      pii: { obfuscate: 'ip_obfuscator' },
    },
    regexp: /ip_address/,
  },
  geolocation: {
    comment: {
      pii: { obfuscate: 'geo_obfuscator' },
    },
    regexp: /latitude|longitude/,
  },
  address: {
    comment: {
      pii: { obfuscate: 'null_obfuscator' },
    },
    regexp: /(^street|apt|apartment|unit_n)/,
  },
  postal_code: {
    comment: {
      pii: { obfuscate: 'postal_code_obfuscator' },
    },
    regexp: /(postal|zip)_code/,
  },
  name: {
    comment: {
      pii: { obfuscate: 'name_obfuscator' },
    },
    regexp: /(last|sur|full|^)_?(name)/,
  },
  sensitive_data: {
    comment: {
      pii: { tokenize: 'sha256_tokenizer' },
    },
    regexp: /(^|_)(#{SENSITIVE_DATA_NAMES.join("|")})(_|$)/,
  },
  encrypted_data: {
    comment: {
      pii: { obfuscate: 'null_obfuscator' },
    },
    regexp: /encrypted/,
  },
}.freeze

Class Method Summary

• .comment(annotation_type) ⇒ Object

Instance Method Summary

• #apply_encrypted_recommendation?(column) ⇒ Boolean
• #apply_recommendation?(column, pii_info) ⇒ Boolean
• #encrypted?(column) ⇒ Boolean
• #recommended_comment(column) ⇒ Object

Class Method Details

.comment(annotation_type) ⇒ Object

# File 'lib/pii_safe_schema/annotations.rb', line 73

def self.comment(annotation_type)
  COLUMNS.dig(annotation_type.to_sym, :comment)
end

Instance Method Details

#apply_encrypted_recommendation?(column) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/pii_safe_schema/annotations.rb', line 87

def apply_encrypted_recommendation?(column)
  encrypted?(column) && column.comment != COLUMNS[:encrypted_data][:comment].to_json
end

#apply_recommendation?(column, pii_info) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/pii_safe_schema/annotations.rb', line 77

def apply_recommendation?(column, pii_info)
  !encrypted?(column) &&
    pii_info[:regexp].match?(column.name) &&
    column.comment != pii_info[:comment].to_json
end

#encrypted?(column) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/pii_safe_schema/annotations.rb', line 83

def encrypted?(column)
  COLUMNS[:encrypted_data][:regexp].match?(column.name)
end

#recommended_comment(column) ⇒ Object

# File 'lib/pii_safe_schema/annotations.rb', line 64

def recommended_comment(column)
  return COLUMNS[:encrypted_data][:comment] if apply_encrypted_recommendation?(column)

  COLUMNS.each do |_type, info|
    return info[:comment] if apply_recommendation?(column, info)
  end
  nil
end