RubyGems - activerecord - Versions diffs - 6.0.0 → 7.2.3 - Mend

activerecord 6.0.0 → 7.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (376) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +996 -594
data/MIT-LICENSE +1 -1
data/README.rdoc +34 -34
data/examples/performance.rb +2 -2
data/lib/active_record/aggregations.rb +22 -20
data/lib/active_record/association_relation.rb +22 -12
data/lib/active_record/associations/alias_tracker.rb +41 -30
data/lib/active_record/associations/association.rb +106 -41
data/lib/active_record/associations/association_scope.rb +30 -21
data/lib/active_record/associations/belongs_to_association.rb +69 -14
data/lib/active_record/associations/belongs_to_polymorphic_association.rb +20 -6
data/lib/active_record/associations/builder/association.rb +39 -6
data/lib/active_record/associations/builder/belongs_to.rb +47 -17
data/lib/active_record/associations/builder/collection_association.rb +14 -6
data/lib/active_record/associations/builder/has_and_belongs_to_many.rb +3 -10
data/lib/active_record/associations/builder/has_many.rb +7 -3
data/lib/active_record/associations/builder/has_one.rb +13 -16
data/lib/active_record/associations/builder/singular_association.rb +7 -3
data/lib/active_record/associations/collection_association.rb +90 -53
data/lib/active_record/associations/collection_proxy.rb +54 -19
data/lib/active_record/associations/disable_joins_association_scope.rb +59 -0
data/lib/active_record/associations/errors.rb +265 -0
data/lib/active_record/associations/foreign_association.rb +21 -1
data/lib/active_record/associations/has_many_association.rb +41 -10
data/lib/active_record/associations/has_many_through_association.rb +29 -12
data/lib/active_record/associations/has_one_association.rb +33 -9
data/lib/active_record/associations/has_one_through_association.rb +1 -1
data/lib/active_record/associations/join_dependency/join_association.rb +41 -17
data/lib/active_record/associations/join_dependency/join_part.rb +3 -3
data/lib/active_record/associations/join_dependency.rb +97 -54
data/lib/active_record/associations/nested_error.rb +47 -0
data/lib/active_record/associations/preloader/association.rb +237 -54
data/lib/active_record/associations/preloader/batch.rb +48 -0
data/lib/active_record/associations/preloader/branch.rb +153 -0
data/lib/active_record/associations/preloader/through_association.rb +51 -17
data/lib/active_record/associations/preloader.rb +55 -121
data/lib/active_record/associations/singular_association.rb +16 -4
data/lib/active_record/associations/through_association.rb +26 -15
data/lib/active_record/associations.rb +454 -440
data/lib/active_record/asynchronous_queries_tracker.rb +60 -0
data/lib/active_record/attribute_assignment.rb +11 -14
data/lib/active_record/attribute_methods/before_type_cast.rb +36 -11
data/lib/active_record/attribute_methods/composite_primary_key.rb +84 -0
data/lib/active_record/attribute_methods/dirty.rb +75 -34
data/lib/active_record/attribute_methods/primary_key.rb +53 -31
data/lib/active_record/attribute_methods/query.rb +31 -22
data/lib/active_record/attribute_methods/read.rb +16 -17
data/lib/active_record/attribute_methods/serialization.rb +177 -35
data/lib/active_record/attribute_methods/time_zone_conversion.rb +18 -15
data/lib/active_record/attribute_methods/write.rb +16 -28
data/lib/active_record/attribute_methods.rb +227 -100
data/lib/active_record/attributes.rb +94 -56
data/lib/active_record/autosave_association.rb +119 -73
data/lib/active_record/base.rb +31 -21
data/lib/active_record/callbacks.rb +168 -55
data/lib/active_record/coders/column_serializer.rb +61 -0
data/lib/active_record/coders/json.rb +1 -1
data/lib/active_record/coders/yaml_column.rb +70 -25
data/lib/active_record/connection_adapters/abstract/connection_handler.rb +284 -0
data/lib/active_record/connection_adapters/abstract/connection_pool/queue.rb +211 -0
data/lib/active_record/connection_adapters/abstract/connection_pool/reaper.rb +79 -0
data/lib/active_record/connection_adapters/abstract/connection_pool.rb +367 -565
data/lib/active_record/connection_adapters/abstract/database_limits.rb +3 -57
data/lib/active_record/connection_adapters/abstract/database_statements.rb +277 -89
data/lib/active_record/connection_adapters/abstract/query_cache.rb +241 -69
data/lib/active_record/connection_adapters/abstract/quoting.rb +122 -134
data/lib/active_record/connection_adapters/abstract/savepoints.rb +4 -3
data/lib/active_record/connection_adapters/abstract/schema_creation.rb +153 -116
data/lib/active_record/connection_adapters/abstract/schema_definitions.rb +324 -72
data/lib/active_record/connection_adapters/abstract/schema_dumper.rb +17 -4
data/lib/active_record/connection_adapters/abstract/schema_statements.rb +611 -211
data/lib/active_record/connection_adapters/abstract/transaction.rb +425 -82
data/lib/active_record/connection_adapters/abstract_adapter.rb +698 -211
data/lib/active_record/connection_adapters/abstract_mysql_adapter.rb +464 -239
data/lib/active_record/connection_adapters/column.rb +28 -1
data/lib/active_record/connection_adapters/deduplicable.rb +29 -0
data/lib/active_record/connection_adapters/mysql/column.rb +2 -1
data/lib/active_record/connection_adapters/mysql/database_statements.rb +32 -137
data/lib/active_record/connection_adapters/mysql/explain_pretty_printer.rb +1 -2
data/lib/active_record/connection_adapters/mysql/quoting.rb +90 -43
data/lib/active_record/connection_adapters/mysql/schema_creation.rb +41 -7
data/lib/active_record/connection_adapters/mysql/schema_definitions.rb +18 -1
data/lib/active_record/connection_adapters/mysql/schema_dumper.rb +13 -4
data/lib/active_record/connection_adapters/mysql/schema_statements.rb +53 -15
data/lib/active_record/connection_adapters/mysql/type_metadata.rb +10 -1
data/lib/active_record/connection_adapters/mysql2/database_statements.rb +152 -0
data/lib/active_record/connection_adapters/mysql2_adapter.rb +127 -63
data/lib/active_record/connection_adapters/pool_config.rb +83 -0
data/lib/active_record/connection_adapters/pool_manager.rb +57 -0
data/lib/active_record/connection_adapters/postgresql/column.rb +54 -2
data/lib/active_record/connection_adapters/postgresql/database_statements.rb +127 -100
data/lib/active_record/connection_adapters/postgresql/oid/array.rb +1 -2
data/lib/active_record/connection_adapters/postgresql/oid/cidr.rb +9 -5
data/lib/active_record/connection_adapters/postgresql/oid/date.rb +10 -2
data/lib/active_record/connection_adapters/postgresql/oid/date_time.rb +15 -2
data/lib/active_record/connection_adapters/postgresql/oid/enum.rb +0 -1
data/lib/active_record/connection_adapters/postgresql/oid/hstore.rb +53 -15
data/lib/active_record/connection_adapters/postgresql/oid/interval.rb +49 -0
data/lib/active_record/connection_adapters/postgresql/oid/legacy_point.rb +2 -3
data/lib/active_record/connection_adapters/postgresql/oid/macaddr.rb +25 -0
data/lib/active_record/connection_adapters/postgresql/oid/money.rb +5 -4
data/lib/active_record/connection_adapters/postgresql/oid/oid.rb +1 -1
data/lib/active_record/connection_adapters/postgresql/oid/point.rb +2 -3
data/lib/active_record/connection_adapters/postgresql/oid/range.rb +35 -8
data/lib/active_record/connection_adapters/postgresql/oid/specialized_string.rb +1 -1
data/lib/active_record/connection_adapters/postgresql/oid/timestamp.rb +15 -0
data/lib/active_record/connection_adapters/postgresql/oid/timestamp_with_time_zone.rb +30 -0
data/lib/active_record/connection_adapters/postgresql/oid/type_map_initializer.rb +18 -6
data/lib/active_record/connection_adapters/postgresql/oid/uuid.rb +23 -4
data/lib/active_record/connection_adapters/postgresql/oid.rb +4 -0
data/lib/active_record/connection_adapters/postgresql/quoting.rb +139 -106
data/lib/active_record/connection_adapters/postgresql/referential_integrity.rb +30 -2
data/lib/active_record/connection_adapters/postgresql/schema_creation.rb +98 -4
data/lib/active_record/connection_adapters/postgresql/schema_definitions.rb +176 -4
data/lib/active_record/connection_adapters/postgresql/schema_dumper.rb +78 -1
data/lib/active_record/connection_adapters/postgresql/schema_statements.rb +462 -118
data/lib/active_record/connection_adapters/postgresql/type_metadata.rb +8 -0
data/lib/active_record/connection_adapters/postgresql/utils.rb +9 -11
data/lib/active_record/connection_adapters/postgresql_adapter.rb +585 -295
data/lib/active_record/connection_adapters/schema_cache.rb +399 -60
data/lib/active_record/connection_adapters/sql_type_metadata.rb +8 -0
data/lib/active_record/connection_adapters/sqlite3/column.rb +62 -0
data/lib/active_record/connection_adapters/sqlite3/database_statements.rb +99 -48
data/lib/active_record/connection_adapters/sqlite3/quoting.rb +80 -54
data/lib/active_record/connection_adapters/sqlite3/schema_creation.rb +27 -1
data/lib/active_record/connection_adapters/sqlite3/schema_definitions.rb +20 -0
data/lib/active_record/connection_adapters/sqlite3/schema_dumper.rb +16 -0
data/lib/active_record/connection_adapters/sqlite3/schema_statements.rb +102 -24
data/lib/active_record/connection_adapters/sqlite3_adapter.rb +425 -174
data/lib/active_record/connection_adapters/statement_pool.rb +7 -1
data/lib/active_record/connection_adapters/trilogy/database_statements.rb +99 -0
data/lib/active_record/connection_adapters/trilogy_adapter.rb +229 -0
data/lib/active_record/connection_adapters.rb +176 -0
data/lib/active_record/connection_handling.rb +243 -115
data/lib/active_record/core.rb +481 -199
data/lib/active_record/counter_cache.rb +69 -32
data/lib/active_record/database_configurations/connection_url_resolver.rb +107 -0
data/lib/active_record/database_configurations/database_config.rb +77 -10
data/lib/active_record/database_configurations/hash_config.rb +148 -26
data/lib/active_record/database_configurations/url_config.rb +44 -45
data/lib/active_record/database_configurations.rb +190 -114
data/lib/active_record/delegated_type.rb +279 -0
data/lib/active_record/deprecator.rb +7 -0
data/lib/active_record/destroy_association_async_job.rb +38 -0
data/lib/active_record/disable_joins_association_relation.rb +39 -0
data/lib/active_record/dynamic_matchers.rb +5 -6
data/lib/active_record/encryption/auto_filtered_parameters.rb +66 -0
data/lib/active_record/encryption/cipher/aes256_gcm.rb +101 -0
data/lib/active_record/encryption/cipher.rb +53 -0
data/lib/active_record/encryption/config.rb +68 -0
data/lib/active_record/encryption/configurable.rb +60 -0
data/lib/active_record/encryption/context.rb +42 -0
data/lib/active_record/encryption/contexts.rb +76 -0
data/lib/active_record/encryption/derived_secret_key_provider.rb +18 -0
data/lib/active_record/encryption/deterministic_key_provider.rb +14 -0
data/lib/active_record/encryption/encryptable_record.rb +230 -0
data/lib/active_record/encryption/encrypted_attribute_type.rb +175 -0
data/lib/active_record/encryption/encrypted_fixtures.rb +38 -0
data/lib/active_record/encryption/encrypting_only_encryptor.rb +12 -0
data/lib/active_record/encryption/encryptor.rb +171 -0
data/lib/active_record/encryption/envelope_encryption_key_provider.rb +55 -0
data/lib/active_record/encryption/errors.rb +15 -0
data/lib/active_record/encryption/extended_deterministic_queries.rb +157 -0
data/lib/active_record/encryption/extended_deterministic_uniqueness_validator.rb +28 -0
data/lib/active_record/encryption/key.rb +28 -0
data/lib/active_record/encryption/key_generator.rb +53 -0
data/lib/active_record/encryption/key_provider.rb +46 -0
data/lib/active_record/encryption/message.rb +33 -0
data/lib/active_record/encryption/message_pack_message_serializer.rb +76 -0
data/lib/active_record/encryption/message_serializer.rb +96 -0
data/lib/active_record/encryption/null_encryptor.rb +25 -0
data/lib/active_record/encryption/properties.rb +76 -0
data/lib/active_record/encryption/read_only_null_encryptor.rb +28 -0
data/lib/active_record/encryption/scheme.rb +100 -0
data/lib/active_record/encryption.rb +58 -0
data/lib/active_record/enum.rb +224 -73
data/lib/active_record/errors.rb +254 -36
data/lib/active_record/explain.rb +30 -17
data/lib/active_record/explain_registry.rb +11 -6
data/lib/active_record/explain_subscriber.rb +2 -2
data/lib/active_record/fixture_set/file.rb +22 -15
data/lib/active_record/fixture_set/model_metadata.rb +15 -6
data/lib/active_record/fixture_set/render_context.rb +3 -1
data/lib/active_record/fixture_set/table_row.rb +88 -16
data/lib/active_record/fixture_set/table_rows.rb +4 -5
data/lib/active_record/fixtures.rb +229 -116
data/lib/active_record/future_result.rb +178 -0
data/lib/active_record/gem_version.rb +4 -4
data/lib/active_record/inheritance.rb +121 -48
data/lib/active_record/insert_all.rb +178 -29
data/lib/active_record/integration.rb +16 -14
data/lib/active_record/internal_metadata.rb +132 -21
data/lib/active_record/legacy_yaml_adapter.rb +3 -36
data/lib/active_record/locking/optimistic.rb +64 -33
data/lib/active_record/locking/pessimistic.rb +21 -8
data/lib/active_record/log_subscriber.rb +61 -30
data/lib/active_record/marshalling.rb +59 -0
data/lib/active_record/message_pack.rb +124 -0
data/lib/active_record/middleware/database_selector/resolver/session.rb +3 -0
data/lib/active_record/middleware/database_selector/resolver.rb +19 -19
data/lib/active_record/middleware/database_selector.rb +25 -13
data/lib/active_record/middleware/shard_selector.rb +62 -0
data/lib/active_record/migration/command_recorder.rb +160 -55
data/lib/active_record/migration/compatibility.rb +286 -43
data/lib/active_record/migration/default_strategy.rb +22 -0
data/lib/active_record/migration/execution_strategy.rb +19 -0
data/lib/active_record/migration/join_table.rb +1 -2
data/lib/active_record/migration/pending_migration_connection.rb +21 -0
data/lib/active_record/migration.rb +421 -193
data/lib/active_record/model_schema.rb +217 -125
data/lib/active_record/nested_attributes.rb +62 -27
data/lib/active_record/no_touching.rb +4 -4
data/lib/active_record/normalization.rb +163 -0
data/lib/active_record/persistence.rb +322 -319
data/lib/active_record/promise.rb +84 -0
data/lib/active_record/query_cache.rb +18 -15
data/lib/active_record/query_logs.rb +193 -0
data/lib/active_record/query_logs_formatter.rb +41 -0
data/lib/active_record/querying.rb +54 -14
data/lib/active_record/railtie.rb +250 -72
data/lib/active_record/railties/console_sandbox.rb +2 -4
data/lib/active_record/railties/controller_runtime.rb +25 -11
data/lib/active_record/railties/databases.rake +312 -197
data/lib/active_record/railties/job_runtime.rb +23 -0
data/lib/active_record/readonly_attributes.rb +45 -3
data/lib/active_record/reflection.rb +389 -146
data/lib/active_record/relation/batches/batch_enumerator.rb +61 -16
data/lib/active_record/relation/batches.rb +214 -73
data/lib/active_record/relation/calculations.rb +379 -124
data/lib/active_record/relation/delegation.rb +36 -23
data/lib/active_record/relation/finder_methods.rb +159 -49
data/lib/active_record/relation/from_clause.rb +5 -1
data/lib/active_record/relation/merger.rb +41 -33
data/lib/active_record/relation/predicate_builder/array_handler.rb +10 -11
data/lib/active_record/relation/predicate_builder/association_query_value.rb +42 -7
data/lib/active_record/relation/predicate_builder/polymorphic_array_value.rb +20 -13
data/lib/active_record/relation/predicate_builder/relation_handler.rb +5 -1
data/lib/active_record/relation/predicate_builder.rb +79 -53
data/lib/active_record/relation/query_attribute.rb +30 -12
data/lib/active_record/relation/query_methods.rb +1156 -279
data/lib/active_record/relation/record_fetch_warning.rb +12 -11
data/lib/active_record/relation/spawn_methods.rb +10 -9
data/lib/active_record/relation/where_clause.rb +100 -66
data/lib/active_record/relation.rb +829 -194
data/lib/active_record/result.rb +76 -56
data/lib/active_record/runtime_registry.rb +71 -13
data/lib/active_record/sanitization.rb +86 -47
data/lib/active_record/schema.rb +39 -23
data/lib/active_record/schema_dumper.rb +140 -33
data/lib/active_record/schema_migration.rb +74 -29
data/lib/active_record/scoping/default.rb +73 -19
data/lib/active_record/scoping/named.rb +10 -28
data/lib/active_record/scoping.rb +65 -35
data/lib/active_record/secure_password.rb +60 -0
data/lib/active_record/secure_token.rb +34 -8
data/lib/active_record/serialization.rb +11 -4
data/lib/active_record/signed_id.rb +138 -0
data/lib/active_record/statement_cache.rb +26 -10
data/lib/active_record/store.rb +19 -14
data/lib/active_record/suppressor.rb +15 -17
data/lib/active_record/table_metadata.rb +46 -36
data/lib/active_record/tasks/database_tasks.rb +371 -205
data/lib/active_record/tasks/mysql_database_tasks.rb +43 -36
data/lib/active_record/tasks/postgresql_database_tasks.rb +54 -41
data/lib/active_record/tasks/sqlite_database_tasks.rb +25 -13
data/lib/active_record/test_databases.rb +5 -4
data/lib/active_record/test_fixtures.rb +189 -104
data/lib/active_record/testing/query_assertions.rb +121 -0
data/lib/active_record/timestamp.rb +35 -25
data/lib/active_record/token_for.rb +123 -0
data/lib/active_record/touch_later.rb +31 -27
data/lib/active_record/transaction.rb +132 -0
data/lib/active_record/transactions.rb +131 -99
data/lib/active_record/translation.rb +3 -5
data/lib/active_record/type/adapter_specific_registry.rb +33 -18
data/lib/active_record/type/hash_lookup_type_map.rb +34 -2
data/lib/active_record/type/internal/timezone.rb +7 -2
data/lib/active_record/type/serialized.rb +11 -6
data/lib/active_record/type/time.rb +14 -0
data/lib/active_record/type/type_map.rb +17 -21
data/lib/active_record/type/unsigned_integer.rb +0 -1
data/lib/active_record/type.rb +7 -2
data/lib/active_record/type_caster/connection.rb +4 -5
data/lib/active_record/type_caster/map.rb +8 -5
data/lib/active_record/validations/absence.rb +1 -1
data/lib/active_record/validations/associated.rb +13 -8
data/lib/active_record/validations/numericality.rb +36 -0
data/lib/active_record/validations/presence.rb +5 -28
data/lib/active_record/validations/uniqueness.rb +88 -18
data/lib/active_record/validations.rb +15 -8
data/lib/active_record/version.rb +1 -1
data/lib/active_record.rb +446 -40
data/lib/arel/alias_predication.rb +1 -1
data/lib/arel/attributes/attribute.rb +4 -8
data/lib/arel/collectors/bind.rb +8 -1
data/lib/arel/collectors/composite.rb +15 -0
data/lib/arel/collectors/sql_string.rb +7 -0
data/lib/arel/collectors/substitute_binds.rb +7 -0
data/lib/arel/crud.rb +30 -22
data/lib/arel/delete_manager.rb +23 -4
data/lib/arel/errors.rb +10 -0
data/lib/arel/factory_methods.rb +4 -0
data/lib/arel/filter_predications.rb +9 -0
data/lib/arel/insert_manager.rb +2 -3
data/lib/arel/nodes/binary.rb +82 -9
data/lib/arel/nodes/bind_param.rb +8 -0
data/lib/arel/nodes/bound_sql_literal.rb +65 -0
data/lib/arel/nodes/casted.rb +22 -10
data/lib/arel/nodes/cte.rb +36 -0
data/lib/arel/nodes/delete_statement.rb +14 -13
data/lib/arel/nodes/equality.rb +6 -9
data/lib/arel/nodes/filter.rb +10 -0
data/lib/arel/nodes/fragments.rb +35 -0
data/lib/arel/nodes/function.rb +1 -0
data/lib/arel/nodes/grouping.rb +3 -0
data/lib/arel/nodes/homogeneous_in.rb +68 -0
data/lib/arel/nodes/in.rb +8 -1
data/lib/arel/nodes/infix_operation.rb +13 -1
data/lib/arel/nodes/insert_statement.rb +2 -2
data/lib/arel/nodes/join_source.rb +1 -1
data/lib/arel/nodes/leading_join.rb +8 -0
data/lib/arel/nodes/{and.rb → nary.rb} +9 -2
data/lib/arel/nodes/node.rb +122 -11
data/lib/arel/nodes/ordering.rb +27 -0
data/lib/arel/nodes/select_core.rb +2 -2
data/lib/arel/nodes/select_statement.rb +2 -2
data/lib/arel/nodes/sql_literal.rb +16 -0
data/lib/arel/nodes/table_alias.rb +11 -3
data/lib/arel/nodes/unary.rb +0 -1
data/lib/arel/nodes/update_statement.rb +11 -4
data/lib/arel/nodes.rb +10 -3
data/lib/arel/predications.rb +31 -28
data/lib/arel/select_manager.rb +18 -9
data/lib/arel/table.rb +21 -10
data/lib/arel/tree_manager.rb +8 -15
data/lib/arel/update_manager.rb +25 -5
data/lib/arel/visitors/dot.rb +94 -90
data/lib/arel/visitors/mysql.rb +34 -6
data/lib/arel/visitors/postgresql.rb +5 -16
data/lib/arel/visitors/sqlite.rb +25 -1
data/lib/arel/visitors/to_sql.rb +227 -81
data/lib/arel/visitors/visitor.rb +2 -3
data/lib/arel/visitors.rb +0 -7
data/lib/arel.rb +37 -15
data/lib/rails/generators/active_record/application_record/USAGE +8 -0
data/lib/rails/generators/active_record/application_record/application_record_generator.rb +0 -1
data/lib/rails/generators/active_record/application_record/templates/application_record.rb.tt +1 -1
data/lib/rails/generators/active_record/migration/migration_generator.rb +1 -0
data/lib/rails/generators/active_record/migration/templates/create_table_migration.rb.tt +6 -1
data/lib/rails/generators/active_record/migration/templates/migration.rb.tt +4 -4
data/lib/rails/generators/active_record/migration.rb +9 -3
data/lib/rails/generators/active_record/model/USAGE +113 -0
data/lib/rails/generators/active_record/model/model_generator.rb +49 -4
data/lib/rails/generators/active_record/model/templates/abstract_base_class.rb.tt +7 -0
data/lib/rails/generators/active_record/model/templates/model.rb.tt +1 -1
data/lib/rails/generators/active_record/model/templates/module.rb.tt +2 -2
data/lib/rails/generators/active_record/multi_db/multi_db_generator.rb +16 -0
data/lib/rails/generators/active_record/multi_db/templates/multi_db.rb.tt +44 -0
metadata +117 -30
data/lib/active_record/attribute_decorators.rb +0 -90
data/lib/active_record/connection_adapters/connection_specification.rb +0 -297
data/lib/active_record/connection_adapters/determine_if_preparable_visitor.rb +0 -29
data/lib/active_record/define_callbacks.rb +0 -22
data/lib/active_record/null_relation.rb +0 -68
data/lib/active_record/railties/collection_cache_association_loading.rb +0 -34
data/lib/active_record/relation/predicate_builder/base_handler.rb +0 -18
data/lib/active_record/relation/where_clause_factory.rb +0 -33
data/lib/arel/attributes.rb +0 -22
data/lib/arel/visitors/depth_first.rb +0 -204
data/lib/arel/visitors/ibm_db.rb +0 -34
data/lib/arel/visitors/informix.rb +0 -62
data/lib/arel/visitors/mssql.rb +0 -157
data/lib/arel/visitors/oracle.rb +0 -159
data/lib/arel/visitors/oracle12.rb +0 -66
data/lib/arel/visitors/where_sql.rb +0 -23

data/lib/active_record/encryption/encrypted_fixtures.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    module EncryptedFixtures
+      def initialize(fixture, model_class)
+        @clean_values = {}
+        encrypt_fixture_data(fixture, model_class)
+        process_preserved_original_columns(fixture, model_class)
+        super
+      end
+      private
+        def encrypt_fixture_data(fixture, model_class)
+          model_class&.encrypted_attributes&.each do |attribute_name|
+            if clean_value = fixture[attribute_name.to_s]
+              @clean_values[attribute_name.to_s] = clean_value
+              type = model_class.type_for_attribute(attribute_name)
+              encrypted_value = type.serialize(clean_value)
+              fixture[attribute_name.to_s] = encrypted_value
+            end
+          end
+        end
+        def process_preserved_original_columns(fixture, model_class)
+          model_class&.encrypted_attributes&.each do |attribute_name|
+            if source_attribute_name = model_class.source_attribute_from_preserved_attribute(attribute_name)
+              clean_value = @clean_values[source_attribute_name.to_s]
+              type = model_class.type_for_attribute(attribute_name)
+              encrypted_value = type.serialize(clean_value)
+              fixture[attribute_name.to_s] = encrypted_value
+            end
+          end
+        end
+    end
+  end
+end

data/lib/active_record/encryption/encrypting_only_encryptor.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # An encryptor that can encrypt data but can't decrypt it.
+    class EncryptingOnlyEncryptor < Encryptor
+      def decrypt(encrypted_text, key_provider: nil, cipher_options: {})
+        encrypted_text
+      end
+    end
+  end
+end

data/lib/active_record/encryption/encryptor.rb ADDED Viewed

@@ -0,0 +1,171 @@
+# frozen_string_literal: true
+require "openssl"
+require "zlib"
+require "active_support/core_ext/numeric"
+module ActiveRecord
+  module Encryption
+    # An encryptor exposes the encryption API that ActiveRecord::Encryption::EncryptedAttributeType
+    # uses for encrypting and decrypting attribute values.
+    #
+    # It interacts with a KeyProvider for getting the keys, and delegate to
+    # ActiveRecord::Encryption::Cipher the actual encryption algorithm.
+    class Encryptor
+      # ==== Options
+      #
+      # [+:compress+]
+      #   Boolean indicating whether records should be compressed before
+      #   encryption. Defaults to +true+.
+      def initialize(compress: true)
+        @compress = compress
+      end
+      # Encrypts +clean_text+ and returns the encrypted result.
+      #
+      # Internally, it will:
+      #
+      # 1. Create a new ActiveRecord::Encryption::Message.
+      # 2. Compress and encrypt +clean_text+ as the message payload.
+      # 3. Serialize it with +ActiveRecord::Encryption.message_serializer+
+      #    (+ActiveRecord::Encryption::SafeMarshal+ by default).
+      # 4. Encode the result with Base64.
+      #
+      # ==== Options
+      #
+      # [+:key_provider+]
+      #   Key provider to use for the encryption operation. It will default to
+      #   +ActiveRecord::Encryption.key_provider+ when not provided.
+      #
+      # [+:cipher_options+]
+      #   Cipher-specific options that will be passed to the Cipher configured in
+      #   +ActiveRecord::Encryption.cipher+.
+      def encrypt(clear_text, key_provider: default_key_provider, cipher_options: {})
+        clear_text = force_encoding_if_needed(clear_text) if cipher_options[:deterministic]
+        validate_payload_type(clear_text)
+        serialize_message build_encrypted_message(clear_text, key_provider: key_provider, cipher_options: cipher_options)
+      end
+      # Decrypts an +encrypted_text+ and returns the result as clean text.
+      #
+      # ==== Options
+      #
+      # [+:key_provider+]
+      #   Key provider to use for the encryption operation. It will default to
+      #   +ActiveRecord::Encryption.key_provider+ when not provided.
+      #
+      # [+:cipher_options+]
+      #   Cipher-specific options that will be passed to the Cipher configured in
+      #   +ActiveRecord::Encryption.cipher+.
+      def decrypt(encrypted_text, key_provider: default_key_provider, cipher_options: {})
+        message = deserialize_message(encrypted_text)
+        keys = key_provider.decryption_keys(message)
+        raise Errors::Decryption unless keys.present?
+        uncompress_if_needed(cipher.decrypt(message, key: keys.collect(&:secret), **cipher_options), message.headers.compressed)
+      rescue *(ENCODING_ERRORS + DECRYPT_ERRORS)
+        raise Errors::Decryption
+      end
+      # Returns whether the text is encrypted or not.
+      def encrypted?(text)
+        deserialize_message(text)
+        true
+      rescue Errors::Encoding, *DECRYPT_ERRORS
+        false
+      end
+      def binary?
+        serializer.binary?
+      end
+      private
+        DECRYPT_ERRORS = [OpenSSL::Cipher::CipherError, Errors::EncryptedContentIntegrity, Errors::Decryption]
+        ENCODING_ERRORS = [EncodingError, Errors::Encoding]
+        THRESHOLD_TO_JUSTIFY_COMPRESSION = 140.bytes
+        def default_key_provider
+          ActiveRecord::Encryption.key_provider
+        end
+        def validate_payload_type(clear_text)
+          unless clear_text.is_a?(String)
+            raise ActiveRecord::Encryption::Errors::ForbiddenClass, "The encryptor can only encrypt string values (#{clear_text.class})"
+          end
+        end
+        def cipher
+          ActiveRecord::Encryption.cipher
+        end
+        def build_encrypted_message(clear_text, key_provider:, cipher_options:)
+          key = key_provider.encryption_key
+          clear_text, was_compressed = compress_if_worth_it(clear_text)
+          cipher.encrypt(clear_text, key: key.secret, **cipher_options).tap do |message|
+            message.headers.add(key.public_tags)
+            message.headers.compressed = true if was_compressed
+          end
+        end
+        def serialize_message(message)
+          serializer.dump(message)
+        end
+        def deserialize_message(message)
+          serializer.load message
+        rescue ArgumentError, TypeError, Errors::ForbiddenClass
+          raise Errors::Encoding
+        end
+        def serializer
+          ActiveRecord::Encryption.message_serializer
+        end
+        # Under certain threshold, ZIP compression is actually worse that not compressing
+        def compress_if_worth_it(string)
+          if compress? && string.bytesize > THRESHOLD_TO_JUSTIFY_COMPRESSION
+            [compress(string), true]
+          else
+            [string, false]
+          end
+        end
+        def compress?
+          @compress
+        end
+        def compress(data)
+          Zlib::Deflate.deflate(data).tap do |compressed_data|
+            compressed_data.force_encoding(data.encoding)
+          end
+        end
+        def uncompress_if_needed(data, compressed)
+          if compressed
+            uncompress(data)
+          else
+            data
+          end
+        end
+        def uncompress(data)
+          Zlib::Inflate.inflate(data).tap do |uncompressed_data|
+            uncompressed_data.force_encoding(data.encoding)
+          end
+        end
+        def force_encoding_if_needed(value)
+          if forced_encoding_for_deterministic_encryption && value && value.encoding != forced_encoding_for_deterministic_encryption
+            value.encode(forced_encoding_for_deterministic_encryption, invalid: :replace, undef: :replace)
+          else
+            value
+          end
+        end
+        def forced_encoding_for_deterministic_encryption
+          ActiveRecord::Encryption.config.forced_encoding_for_deterministic_encryption
+        end
+    end
+  end
+end

data/lib/active_record/encryption/envelope_encryption_key_provider.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # Implements a simple envelope encryption approach where:
+    #
+    # * It generates a random data-encryption key for each encryption operation.
+    # * It stores the generated key along with the encrypted payload. It encrypts this key
+    #   with the master key provided in the +active_record_encryption.primary_key+ credential.
+    #
+    # This provider can work with multiple master keys. It will use the last one for encrypting.
+    #
+    # When +config.active_record.encryption.store_key_references+ is true, it will also store a reference to
+    # the specific master key that was used to encrypt the data-encryption key. When not set,
+    # it will try all the configured master keys looking for the right one, in order to
+    # return the right decryption key.
+    class EnvelopeEncryptionKeyProvider
+      def encryption_key
+        random_secret = generate_random_secret
+        ActiveRecord::Encryption::Key.new(random_secret).tap do |key|
+          key.public_tags.encrypted_data_key = encrypt_data_key(random_secret)
+          key.public_tags.encrypted_data_key_id = active_primary_key.id if ActiveRecord::Encryption.config.store_key_references
+        end
+      end
+      def decryption_keys(encrypted_message)
+        secret = decrypt_data_key(encrypted_message)
+        secret ? [ActiveRecord::Encryption::Key.new(secret)] : []
+      end
+      def active_primary_key
+        @active_primary_key ||= primary_key_provider.encryption_key
+      end
+      private
+        def encrypt_data_key(random_secret)
+          ActiveRecord::Encryption.cipher.encrypt(random_secret, key: active_primary_key.secret)
+        end
+        def decrypt_data_key(encrypted_message)
+          encrypted_data_key = encrypted_message.headers.encrypted_data_key
+          key = primary_key_provider.decryption_keys(encrypted_message)&.collect(&:secret)
+          ActiveRecord::Encryption.cipher.decrypt encrypted_data_key, key: key if key
+        end
+        def primary_key_provider
+          @primary_key_provider ||= DerivedSecretKeyProvider.new(ActiveRecord::Encryption.config.primary_key)
+        end
+        def generate_random_secret
+          ActiveRecord::Encryption.key_generator.generate_random_key
+        end
+    end
+  end
+end

data/lib/active_record/encryption/errors.rb ADDED Viewed

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    module Errors
+      class Base < StandardError; end
+      class Encoding < Base; end
+      class Decryption < Base; end
+      class Encryption < Base; end
+      class Configuration < Base; end
+      class ForbiddenClass < Base; end
+      class EncryptedContentIntegrity < Base; end
+    end
+  end
+end

data/lib/active_record/encryption/extended_deterministic_queries.rb ADDED Viewed

@@ -0,0 +1,157 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # Automatically expand encrypted arguments to support querying both encrypted and unencrypted data
+    #
+    # Active Record \Encryption supports querying the db using deterministic attributes. For example:
+    #
+    #   Contact.find_by(email_address: "jorge@hey.com")
+    #
+    # The value "jorge@hey.com" will get encrypted automatically to perform the query. But there is
+    # a problem while the data is being encrypted. This won't work. During that time, you need these
+    # queries to be:
+    #
+    #   Contact.find_by(email_address: [ "jorge@hey.com", "<encrypted jorge@hey.com>" ])
+    #
+    # This patches ActiveRecord to support this automatically. It addresses both:
+    #
+    # * ActiveRecord::Base - Used in <tt>Contact.find_by_email_address(...)</tt>
+    # * ActiveRecord::Relation - Used in <tt>Contact.internal.find_by_email_address(...)</tt>
+    #
+    # This module is included if `config.active_record.encryption.extend_queries` is `true`.
+    module ExtendedDeterministicQueries
+      def self.install_support
+        # ActiveRecord::Base relies on ActiveRecord::Relation (ActiveRecord::QueryMethods) but it does
+        # some prepared statements caching. That's why we need to intercept +ActiveRecord::Base+ as soon
+        # as it's invoked (so that the proper prepared statement is cached).
+        ActiveRecord::Relation.prepend(RelationQueries)
+        ActiveRecord::Base.include(CoreQueries)
+        ActiveRecord::Encryption::EncryptedAttributeType.prepend(ExtendedEncryptableType)
+      end
+      # When modifying this file run performance tests in
+      # +activerecord/test/cases/encryption/performance/extended_deterministic_queries_performance_test.rb+
+      # to make sure performance overhead is acceptable.
+      #
+      # @TODO We will extend this to support previous "encryption context" versions in future iterations
+      # @TODO Experimental. Support for every kind of query is pending
+      # @TODO It should not patch anything if not needed (no previous schemes or no support for previous encryption schemes)
+      module EncryptedQuery # :nodoc:
+        class << self
+          def process_arguments(owner, args, check_for_additional_values)
+            return args if owner.deterministic_encrypted_attributes&.empty?
+            if args.is_a?(Array) && (options = args.first).is_a?(Hash)
+              options = options.transform_keys do |key|
+                if key.is_a?(Array)
+                  key.map(&:to_s)
+                else
+                  key.to_s
+                end
+              end
+              args[0] = options
+              owner.deterministic_encrypted_attributes&.each do |attribute_name|
+                attribute_name = attribute_name.to_s
+                type = owner.type_for_attribute(attribute_name)
+                if !type.previous_types.empty? && value = options[attribute_name]
+                  options[attribute_name] = process_encrypted_query_argument(value, check_for_additional_values, type)
+                end
+              end
+            end
+            args
+          end
+          private
+            def process_encrypted_query_argument(value, check_for_additional_values, type)
+              return value if check_for_additional_values && value.is_a?(Array) && value.last.is_a?(AdditionalValue)
+              case value
+              when String, Array
+                list = Array(value)
+                list + list.flat_map do |each_value|
+                  if check_for_additional_values && each_value.is_a?(AdditionalValue)
+                    each_value
+                  else
+                    additional_values_for(each_value, type)
+                  end
+                end
+              else
+                value
+              end
+            end
+            def additional_values_for(value, type)
+              type.previous_types.collect do |additional_type|
+                AdditionalValue.new(value, additional_type)
+              end
+            end
+        end
+      end
+      module RelationQueries
+        def where(*args)
+          super(*EncryptedQuery.process_arguments(self, args, true))
+        end
+        def exists?(*args)
+          super(*EncryptedQuery.process_arguments(self, args, true))
+        end
+        def scope_for_create
+          return super unless klass.deterministic_encrypted_attributes&.any?
+          scope_attributes = super
+          wheres = where_values_hash
+          klass.deterministic_encrypted_attributes.each do |attribute_name|
+            attribute_name = attribute_name.to_s
+            values = wheres[attribute_name]
+            if values.is_a?(Array) && values[1..].all?(AdditionalValue)
+              scope_attributes[attribute_name] = values.first
+            end
+          end
+          scope_attributes
+        end
+      end
+      module CoreQueries
+        extend ActiveSupport::Concern
+        class_methods do
+          def find_by(*args)
+            super(*EncryptedQuery.process_arguments(self, args, false))
+          end
+        end
+      end
+      class AdditionalValue
+        attr_reader :value, :type
+        def initialize(value, type)
+          @type = type
+          @value = process(value)
+        end
+        private
+          def process(value)
+            type.serialize(value)
+          end
+      end
+      module ExtendedEncryptableType
+        def serialize(data)
+          if data.is_a?(AdditionalValue)
+            data.value
+          else
+            super
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_record/encryption/extended_deterministic_uniqueness_validator.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    module ExtendedDeterministicUniquenessValidator
+      def self.install_support
+        ActiveRecord::Validations::UniquenessValidator.prepend(EncryptedUniquenessValidator)
+      end
+      module EncryptedUniquenessValidator
+        def validate_each(record, attribute, value)
+          super(record, attribute, value)
+          klass = record.class
+          if klass.deterministic_encrypted_attributes&.include?(attribute)
+            encrypted_type = klass.type_for_attribute(attribute)
+            encrypted_type.previous_types.each do |type|
+              encrypted_value = type.serialize(value)
+              ActiveRecord::Encryption.without_encryption do
+                super(record, attribute, encrypted_value)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_record/encryption/key.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A key is a container for a given +secret+
+    #
+    # Optionally, it can include +public_tags+. These tags are meant to be stored
+    # in clean (public) and can be used, for example, to include information that
+    # references the key for a future retrieval operation.
+    class Key
+      attr_reader :secret, :public_tags
+      def initialize(secret)
+        @secret = secret
+        @public_tags = Properties.new
+      end
+      def self.derive_from(password)
+        secret = ActiveRecord::Encryption.key_generator.derive_key_from(password)
+        ActiveRecord::Encryption::Key.new(secret)
+      end
+      def id
+        Digest::SHA1.hexdigest(secret).first(4)
+      end
+    end
+  end
+end

data/lib/active_record/encryption/key_generator.rb ADDED Viewed

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+require "securerandom"
+module ActiveRecord
+  module Encryption
+    # Utility for generating and deriving random keys.
+    class KeyGenerator
+      attr_reader :hash_digest_class
+      def initialize(hash_digest_class: ActiveRecord::Encryption.config.hash_digest_class)
+        @hash_digest_class = hash_digest_class
+      end
+      # Returns a random key. The key will have a size in bytes of +:length+ (configured +Cipher+'s length by default)
+      def generate_random_key(length: key_length)
+        SecureRandom.random_bytes(length)
+      end
+      # Returns a random key in hexadecimal format. The key will have a size in bytes of +:length+ (configured +Cipher+'s
+      # length by default)
+      #
+      # Hexadecimal format is handy for representing keys as printable text. To maximize the space of characters used, it is
+      # good practice including not printable characters. Hexadecimal format ensures that generated keys are representable with
+      # plain text
+      #
+      # To convert back to the original string with the desired length:
+      #
+      #   [ value ].pack("H*")
+      def generate_random_hex_key(length: key_length)
+        generate_random_key(length: length).unpack("H*")[0]
+      end
+      # Derives a key from the given password. The key will have a size in bytes of +:length+ (configured +Cipher+'s length
+      # by default)
+      #
+      # The generated key will be salted with the value of +ActiveRecord::Encryption.key_derivation_salt+
+      def derive_key_from(password, length: key_length)
+        ActiveSupport::KeyGenerator.new(password, hash_digest_class: hash_digest_class)
+          .generate_key(key_derivation_salt, length)
+      end
+      private
+        def key_derivation_salt
+          @key_derivation_salt ||= ActiveRecord::Encryption.config.key_derivation_salt
+        end
+        def key_length
+          @key_length ||= ActiveRecord::Encryption.cipher.key_length
+        end
+    end
+  end
+end

data/lib/active_record/encryption/key_provider.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A +KeyProvider+ serves keys:
+    #
+    # * An encryption key
+    # * A list of potential decryption keys. Serving multiple decryption keys supports rotation-schemes
+    #   where new keys are added but old keys need to continue working
+    class KeyProvider
+      def initialize(keys)
+        @keys = Array(keys)
+      end
+      # Returns the last key in the list as the active key to perform encryptions
+      #
+      # When +ActiveRecord::Encryption.config.store_key_references+ is true, the key will include
+      # a public tag referencing the key itself. That key will be stored in the public
+      # headers of the encrypted message
+      def encryption_key
+        @encryption_key ||= @keys.last.tap do |key|
+          key.public_tags.encrypted_data_key_id = key.id if ActiveRecord::Encryption.config.store_key_references
+        end
+        @encryption_key
+      end
+      # Returns the list of decryption keys
+      #
+      # When the message holds a reference to its encryption key, it will return an array
+      # with that key. If not, it will return the list of keys.
+      def decryption_keys(encrypted_message)
+        if encrypted_message.headers.encrypted_data_key_id
+          keys_grouped_by_id[encrypted_message.headers.encrypted_data_key_id]
+        else
+          @keys
+        end
+      end
+      private
+        def keys_grouped_by_id
+          @keys_grouped_by_id ||= @keys.group_by(&:id)
+        end
+    end
+  end
+end

data/lib/active_record/encryption/message.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A message defines the structure of the data we store in encrypted attributes. It contains:
+    #
+    # * An encrypted payload
+    # * A list of unencrypted headers
+    #
+    # See Encryptor#encrypt
+    class Message
+      attr_accessor :payload, :headers
+      def initialize(payload: nil, headers: {})
+        validate_payload_type(payload)
+        @payload = payload
+        @headers = Properties.new(headers)
+      end
+      def ==(other_message)
+        payload == other_message.payload && headers == other_message.headers
+      end
+      private
+        def validate_payload_type(payload)
+          unless payload.is_a?(String) || payload.nil?
+            raise ActiveRecord::Encryption::Errors::ForbiddenClass, "Only string payloads allowed"
+          end
+        end
+    end
+  end
+end