Interface ParameterRedactor
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
This is display-only: it does not change what is bound to the database. Pyranid never invokes a
ParameterRedactor for SecureParameter values; SecureParameter.getMask() always wins. For batch
executions, Pyranid renders a bounded batch summary and does not invoke this redactor for individual batch values.
Scope. A ParameterRedactor governs Pyranid's rendering of its own parameters=[...]
diagnostic list only. It does not reach text the database driver itself produces: driver error messages can
echo bound values (for example, constraint-violation detail), and only values explicitly wrapped with
Parameters.secure(Object) trigger Pyranid's best-effort scrub of driver-echoed text - see SecureParameter
for that mechanism and its limits. Note that under the default none(), non-secure values render verbatim
in statement logs and exception text; configure redactAll() or a custom redactor if diagnostics may leave
a trusted boundary.
Redaction failures are fail-fast. If an implementation throws, Pyranid propagates the failure from the diagnostic rendering call site.
- Since:
- 4.4.0
- Author:
- Mark Allen
-
Method Summary
Modifier and TypeMethodDescriptionstatic @NonNull ParameterRedactornone()Acquires the default redactor, which renders non-secure values verbatim for non-batch executions.static @NonNull ParameterRedactorAcquires a redactor that masks every non-secure value as<redacted>.@Nullable ObjectredactParameter(@NonNull StatementContext<?> statementContext, int parameterIndex, @Nullable Object parameter) Redacts a single non-secure parameter for diagnostics.
-
Method Details
-
redactParameter
@Nullable Object redactParameter(@NonNull StatementContext<?> statementContext, int parameterIndex, @Nullable Object parameter) Redacts a single non-secure parameter for diagnostics.- Parameters:
statementContext- current SQL contextparameterIndex- zero-based index intoStatementContext.getParameters()after IN-list expansionparameter- parameter value to render safely- Returns:
- the safe display value
-
none
Acquires the default redactor, which renders non-secure values verbatim for non-batch executions.- Returns:
- the default redactor
-
redactAll
Acquires a redactor that masks every non-secure value as<redacted>.- Returns:
- a redactor that masks every non-secure value
-