As of today, we just blindly try to match a global list of fields we want to be obfuscated against all the attributes of every row Polo traverses:

To do so, we pass in a list of fields to Polo.configure

Polo.configure do
  obfuscate :email
end

While this has been working well, it could be the case that someone wants to only obfuscate certain fields in certain tables.

What I'm suggesting is that we change the obfuscate method to also accept something like this:

Polo.configure do
  obfuscate "users.email" 
end

So in this case we're only obfuscating email fields in the users table, and not obfuscating emails on some other tables such as invites or some other table where emails are not sensitive.

We currently use SQLite in our test cases, but I never actually tried to populate a SQLite database with a data dump from Polo.

We'd need to implement both on_duplicate strategies for SQLite and make sure everything else works.

Title perhaps doesn't explain the problem well, code does:

class Account
  has_and_belongs_to_many :roles
end

class Role
  has_and_belongs_to_many :accounts
end

account = Account.create name: "Matt"
role = Role.create name: "admin"

account.roles << role

Polo.explore(Account, [1,2,3], [:roles])

This will result in the INSERT SQL for account and role being created, but not for the join table. The "solution" appears to be to use has_many through: instead, and always have an AR model with an ID column as the join table.

I don't have a solution, so I feel the README should at least clarify that HABTM doesn't work right now, and to use has_many through: instead.

Encountered on Rails 3.2

Hello!

Thank you for open sourcing this gem, think it's a brilliant idea. I've been able to give it a try with sqlite3, but I haven't had much luck making it work with PostgreSQL. (Latest Rails 4.2 and Ruby 2.2.3)

Given a User model, with a attribute of name, if one is present in the database; when I run Polo.explore(User, 1), I get the following stack trace:

irb(main):001:0> Polo.explore(User, 1)
  User Load (0.3ms)  SELECT "users".* FROM "users" WHERE "users"."id" = $1  [["id", 1]]
  User Load (0.7ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 1
  User Load (1.0ms)  SELECT "users".* FROM "users" WHERE "users"."id" = $1
ActiveRecord::StatementInvalid: PG::ProtocolViolation: ERROR:  bind message supplies 0 parameters, but prepared statement "" requires 1
: SELECT "users".* FROM "users" WHERE "users"."id" = $1
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/postgresql_adapter.rb:592:in `async_exec'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/postgresql_adapter.rb:592:in `block in exec_no_cache'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/abstract_adapter.rb:472:in `block in log'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/abstract_adapter.rb:466:in `log'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/postgresql_adapter.rb:592:in `exec_no_cache'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/postgresql_adapter.rb:584:in `execute_and_clear'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/postgresql/database_statements.rb:160:in `exec_query'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/abstract/database_statements.rb:355:in `select'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/abstract/database_statements.rb:32:in `select_all'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/connection_adapters/abstract/query_cache.rb:70:in `select_all'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activerecord-4.2.5/lib/active_record/querying.rb:39:in `find_by_sql'
    from /Users/bcb/.gem/ruby/2.2.3/gems/polo-0.1.0/lib/polo/translator.rb:24:in `block in instances'
    from /Users/bcb/.gem/ruby/2.2.3/gems/polo-0.1.0/lib/polo/translator.rb:23:in `each'
    from /Users/bcb/.gem/ruby/2.2.3/gems/polo-0.1.0/lib/polo/translator.rb:23:in `flat_map'
    from /Users/bcb/.gem/ruby/2.2.3/gems/polo-0.1.0/lib/polo/translator.rb:23:in `instances'
... 5 levels...
    from /Users/bcb/.gem/ruby/2.2.3/gems/railties-4.2.5/lib/rails/commands/console.rb:9:in `start'
    from /Users/bcb/.gem/ruby/2.2.3/gems/railties-4.2.5/lib/rails/commands/commands_tasks.rb:68:in `console'
    from /Users/bcb/.gem/ruby/2.2.3/gems/railties-4.2.5/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
    from /Users/bcb/.gem/ruby/2.2.3/gems/railties-4.2.5/lib/rails/commands.rb:17:in `<top (required)>'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:274:in `require'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:274:in `block in require'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:240:in `load_dependency'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:274:in `require'
    from /Users/bcb/code/polo_rails_test/bin/rails:9:in `<top (required)>'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:268:in `load'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:268:in `block in load'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:240:in `load_dependency'
    from /Users/bcb/.gem/ruby/2.2.3/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:268:in `load'
    from /Users/bcb/.rubies/ruby-2.2.3/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
    from /Users/bcb/.rubies/ruby-2.2.3/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'

Here's a sample application that exhibits this behavior: https://github.com/bbonamin/polo_rails_test

Let me know if I can be of any help :) To be honest I'm kind of lost on where to go an fix this, but apparently it's related to the fact that PostgreSQL validates prepared statements. rails/rails#20077

We currently run all of our tests using SQLite in memory.

While this runs super fast and works great it doesn't really test Polo against some specific scenarios such as how different databases quote fields or how on_duplicate works with different databases.

My assumption is that we could set up some extra databases with appraisal and get some more coverage.

Seeing the following error. Is this not supported on Rails 5.2?

NoMethodError (undefined method `arel_attributes_with_values_for_create' for #<Reason:0x00007f9b7a9e2740>)

Hey @nettofarah, thank you for this awesome gem :)

This issue is more an idea. I'm finding hard times to check which version has been packaged to Rubygems and which one is the current version on master branch.

What do you think in keeping a Changelog? :)

Is anyone at IFTTT still maintaining this? Master branch has some changes that would be nice to have in a release but in #54 @nettofarah mentioned being unable to publish to RubyGems. I'm happy to help out if necessary.

Provide some examples (documentation or ruby files) with some common use cases.

e.g.

• Rake task to pull some complex data relationships
• Code snippet of how to export generated inserts to a .sql file
• Sample rsync command to download .sql files from a remote server
• Sample scp command

I think it makes sense for some more complex obfuscation strategies to be aware of the context in which they are operating. Even simple ones. Some examples

1. You have a table of phone numbers which must be unique and valid after obfuscation. One way to achieve this would be a caesar cipher or a simple rotation. Neither of these do a particularly good job of obfuscating the data though. An approach we have used in the past is essentially to replace the first 7 digits of the record with the ID so "415-000-0000" would become "415-123-4567" for user record 1234567
2. You have a table with some sensitive data and some not. Perhaps your users table. You wish to obfuscate emails only of non-engineers. To do this you need the context of the record.
3. You store phone numbers both normalized and "pretty". You need to consistently transform the number in both cases so that the normalized and pretty number are the same.

My thought is that one would modify lib/polo/translator.rb#L50 to pass new_field_value(field, strategy, instance), and call strategy with an optional second argument of strategy.call(value, instance). I believe this would be backwards compatible too.

I'm happy to build this myself, just want some assurance maintainers are open to it.

I'm getting this on every request. I tried a very simple case:

inserts = Polo.explore(User, 1)

I get this error on every model.

I'm using Rails 4.0.0 with Ruby 2.1.2

Hi,

I'm using globalize 3.1.0
with this gem I get a nil Exception within
cast_attribute. The error starts within
def raw_sql(record) because
record.column_for_attribute(key) for translated columns
returns nil.

Globalize offers a method translated_attributes to determine such attributes.
Is it possible to support globalize or simply skip columns without a database column?

Regards
Dieter

def intersection(attrs, fields)
  attrs & fields.to_a.flatten.map(&:to_s)
end

fields.to_a.flatten.map(&:to_s) does not yield the array-of-strings you are looking for... instead it yields:

Currently Polo's usage goes by Polo.explore(Product, 1). But, in some cases you might not be wanting to look for an specific ID but for objects that have a specific type of data, for example: Polo.explore(Product.most_popular). Or, in cases where you completely truncate a table and re-populate it often and you can't have static primary key values.

In that case it would be nice to be able to omit the ID parameter. Right now we can workaround this by doing: Polo.explore(Product.most_popular, Product.most_popular.pluck(:id)), but that looks very inefficient.

Another possibility would be to remove completely the ID param and only rely on scopes for that, like Polo.explore(Product.where(id: 1)), but I do see the value of having that param as a way to simplify the usage.

The SQL file Polo generates doesn't work with Postgres on my setup. I noticed there has been some discussion of support for Postgres already, but only partial support has been implemented. Can anyone fill in the the status of the support for Postgres?

AFAIK Polo relies on ActiveSupport::Notifications.subscribed to traverse the ActiveRecord tree. This works fine when associated data is small however in production scenario, we have experienced huge memory consumption as collect_sql stores everything in memory. I was wondering if others have similar issues and how they solved this? Also, are there plans to perhaps implement a streaming style methodology (e.g. probably using yield) in future?

I realized that after restoring the dump file generated by Polo, I still had to reset the id sequences postgres uses to determine the next id for a new record. This entails looking up the highest id number in the imported rows, and running the following command for every table:

ALTER SEQUENCE users_id_seq RESTART WITH 208

It would be great if Polo did this automatically, though.

Similar to #50, it looks like Rails 6 has broken/removed attributes_with_values_for_create

NoMethodError: undefined method `attributes_with_values_for_create' for #<User:0x00007f9a584e9310>

@charliepark - could you please add a section in the Advanced Usage area that describes the MySQL-specific feature where you can pass in update or ignore and have the importing respect the desired action when there are collisions of keys.

Can you add in some ability to require obfuscation for certain fields, across the board. This can be opt-in, but once it's been opted-in to a codebase, it should not be able to be bypassed. Right now, you can obfuscate with:

Polo::Traveler.collect(AR::Chef, 1).translate(obfuscate: [:email])

This makes it very easy for someone to accidentally forget the obfuscate call, potentially pulling sensitive data out of the production environment. Something done either in a configuration (for the entire project and all models) or declaratively per-model would make it impossible to get non-obfuscated data out.

I'm curious to know what cool stuff people are using Polo for.

• What environments are you generating data for?
• What version of Rails?
• How big is your final .sql file?
• What database are you using?
• How many database tables is Polo touching?
• How hard was it to find a good sample size?
• Are you using any advanced features?
• How are you running Polo in prod? rake task, rails runner, rails console, etc.
• Do you have an automated process to generate the files?
• How do you transfer your data across environments? Publishing artifacts, rsync, scp...

No need to answer everything, but I would love to know how people are using the library so we know what to prioritize.

Thank you for using Polo <3