Support regexes in model whitelist

RegioHelden · May 30, 2024 · 777f65e · 777f65e
1 parent 95f8540
commit 777f65e
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -308,6 +308,8 @@ and booleans (usually) can't contain sensitive personal data. These fields will
 
 Whitelists a list of models which will not be checked during `scrub_validation` and when 
 activating the strict mode. Defaults to the non-privacy-related Django base models.
+Items can either be full model names (e.g. `auth.Group`) or regular expression patterns matching
+against the full model name (e.g. `re.compile(auth.*)` to whitelist all auth models).
 
 (default: ['auth.Group', 'auth.Permission', 'contenttypes.ContentType', 'sessions.Session', 'sites.Site', 
 'django_scrubber.FakeData',))

diff --git a/django_scrubber/services/validator.py b/django_scrubber/services/validator.py
@@ -1,3 +1,5 @@
+import re
+
 from django.apps import apps
 
 from django_scrubber import settings_with_fallback
@@ -8,6 +10,15 @@ class ScrubberValidatorService:
     Service to validate if all text-based fields are being scrubbed within your project and dependencies.
     """
 
+    @staticmethod
+    def check_pattern(pattern: str | re.Pattern, value):
+        if isinstance(pattern, str):
+            return pattern == value
+        elif isinstance(pattern, re.Pattern):
+            return pattern.fullmatch(value)
+        else:
+            raise ValueError("Invalid pattern type")
+
     def process(self) -> dict:
         from django_scrubber.management.commands.scrub_data import _get_model_scrubbers
 
@@ -24,7 +35,10 @@ def process(self) -> dict:
         for model in model_list:
 
             # Check if model is whitelisted
-            if model._meta.label in model_whitelist:
+            if any(
+                self.check_pattern(pattern, model._meta.label)
+                for pattern in model_whitelist
+            ):
                 continue
 
             text_based_fields = []

diff --git a/tests/services/test_validator.py b/tests/services/test_validator.py
@@ -1,3 +1,5 @@
+import re
+
 try:
     from unittest import mock
 except ImportError:
@@ -62,3 +64,14 @@ def test_process_scrubber_required_field_type_variable_used(self):
         result = service.process()
 
         self.assertEqual(len(result), 0)
+
+    @override_settings(
+        SCRUBBER_REQUIRED_FIELD_MODEL_WHITELIST=[re.compile("auth.*")],
+    )
+    def test_process_scrubber_required_field_model_whitelist_regex(self):
+        service = ScrubberValidatorService()
+        result = service.process()
+
+        model_list = tuple(result.keys())
+        self.assertNotIn('auth.User', model_list)
+        self.assertNotIn('auth.Permission', model_list)