activerecord 6.1.4.1 → 7.0.0.rc2

data/lib/active_record/database_configurations.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "uri"
 require "active_record/database_configurations/database_config"
 require "active_record/database_configurations/hash_config"
 require "active_record/database_configurations/url_config"
@@ -20,7 +21,7 @@ module ActiveRecord
     end
 
     # Collects the configs for the environment and optionally the specification
-    # name passed in. To include replica configurations pass <tt>include_replicas: true</tt>.
+    # name passed in. To include replica configurations pass <tt>include_hidden: true</tt>.
     #
     # If a name is provided a single DatabaseConfig object will be
     # returned, otherwise an array of DatabaseConfig objects will be
@@ -33,22 +34,26 @@ module ActiveRecord
     # * <tt>name:</tt> The db config name (i.e. primary, animals, etc.). Defaults
     #   to +nil+. If no +env_name+ is specified the config for the default env and the
     #   passed +name+ will be returned.
-    # * <tt>include_replicas:</tt> Determines whether to include replicas in
+    # * <tt>include_replicas:</tt> Deprecated. Determines whether to include replicas in
     #   the returned list. Most of the time we're only iterating over the write
     #   connection (i.e. migrations don't need to run for the write and read connection).
     #   Defaults to +false+.
-    def configs_for(env_name: nil, spec_name: nil, name: nil, include_replicas: false)
-      if spec_name
-        name = spec_name
-        ActiveSupport::Deprecation.warn("The kwarg `spec_name` is deprecated in favor of `name`. `spec_name` will be removed in Rails 6.2")
+    # * <tt>include_hidden:</tte Determines whether to include replicas and configurations
+    #   hidden by +database_tasks: false+ in the returned list. Most of the time we're only
+    #   iterating over the primary connections (i.e. migrations don't need to run for the
+    #   write and read connection). Defaults to +false+.
+    def configs_for(env_name: nil, name: nil, include_replicas: false, include_hidden: false)
+      if include_replicas
+        include_hidden = include_replicas
+        ActiveSupport::Deprecation.warn("The kwarg `include_replicas` is deprecated in favor of `include_hidden`. When `include_hidden` is passed, configurations with `replica: true` or `database_tasks: false` will be returned. `include_replicas` will be removed in Rails 7.1.")
       end
 
       env_name ||= default_env if name
       configs = env_with_configs(env_name)
 
-      unless include_replicas
+      unless include_hidden
         configs = configs.select do |db_config|
-          !db_config.replica?
+          db_config.database_tasks?
         end
       end
 
@@ -61,19 +66,6 @@ module ActiveRecord
       end
     end
 
-    # Returns the config hash that corresponds with the environment
-    #
-    # If the application has multiple databases +default_hash+ will
-    # return the first config hash for the environment.
-    #
-    #   { database: "my_db", adapter: "mysql2" }
-    def default_hash(env = default_env)
-      default = find_db_config(env)
-      default.configuration_hash if default
-    end
-    alias :[] :default_hash
-    deprecate "[]": "Use configs_for", default_hash: "Use configs_for"
-
     # Returns a single DatabaseConfig object based on the requested environment.
     #
     # If the application has multiple databases +find_db_config+ will return
@@ -100,14 +92,6 @@ module ActiveRecord
       first_config && name == first_config.name
     end
 
-    # Returns the DatabaseConfigurations object as a Hash.
-    def to_h
-      configurations.inject({}) do |memo, db_config|
-        memo.merge(db_config.env_name => db_config.configuration_hash.stringify_keys)
-      end
-    end
-    deprecate to_h: "You can use `ActiveRecord::Base.configurations.configs_for(env_name: 'env', name: 'primary').configuration_hash` to get the configuration hashes."
-
     # Checks if the application's configurations are empty.
     #
     # Aliased to blank?
@@ -166,7 +150,7 @@ module ActiveRecord
         return configs if configs.is_a?(Array)
 
         db_configs = configs.flat_map do |env_name, config|
-          if config.is_a?(Hash) && config.all? { |_, v| v.is_a?(Hash) }
+          if config.is_a?(Hash) && config.values.all?(Hash)
             walk_configs(env_name.to_s, config)
           else
             build_db_config_from_raw_config(env_name.to_s, "primary", config)
@@ -193,7 +177,7 @@ module ActiveRecord
           raise AdapterNotSpecified, <<~MSG
             The `#{name}` database is not configured for the `#{default_env}` environment.
 
-              Available databases configurations are:
+              Available database configurations are:
 
               #{build_configuration_sentence}
           MSG
@@ -201,7 +185,7 @@ module ActiveRecord
       end
 
       def build_configuration_sentence
-        configs = configs_for(include_replicas: true)
+        configs = configs_for(include_hidden: true)
 
         configs.group_by(&:env_name).map do |env, config|
           names = config.map(&:name)

data/lib/active_record/delegated_type.rb

@@ -51,10 +51,9 @@ module ActiveRecord
   #     end
   #   end
   #
-  #   # Schema: messages[ id, subject ]
+  #   # Schema: messages[ id, subject, body ]
   #   class Message < ApplicationRecord
   #     include Entryable
-  #     has_rich_text :content
   #   end
   #
   #   # Schema: comments[ id, content ]
@@ -66,7 +65,7 @@ module ActiveRecord
   # resides in the +Entry+ "superclass". But the +Entry+ absolutely can stand alone in terms of querying capacity
   # in particular. You can now easily do things like:
   #
-  #   Account.entries.order(created_at: :desc).limit(50)
+  #   Account.find(1).entries.order(created_at: :desc).limit(50)
   #
   # Which is exactly what you want when displaying both comments and messages together. The entry itself can
   # be rendered as its delegated type easily, like so:
@@ -76,7 +75,9 @@ module ActiveRecord
   #
   #   # entries/entryables/_message.html.erb
   #   <div class="message">
-  #     Posted on <%= entry.created_at %> by <%= entry.creator.name %>: <%= entry.message.content %>
+  #     <div class="subject"><%= entry.message.subject %></div>
+  #     <p><%= entry.message.body %></p>
+  #     <i>Posted on <%= entry.created_at %> by <%= entry.creator.name %></i>
   #   </div>
   #
   #   # entries/entryables/_comment.html.erb
@@ -136,6 +137,21 @@ module ActiveRecord
   #   end
   #
   # Now you can list a bunch of entries, call +Entry#title+, and polymorphism will provide you with the answer.
+  #
+  # == Nested Attributes
+  #
+  # Enabling nested attributes on a delegated_type association allows you to
+  # create the entry and message in one go:
+  #
+  #   class Entry < ApplicationRecord
+  #     delegated_type :entryable, types: %w[ Message Comment ]
+  #     accepts_nested_attributes_for :entryable
+  #   end
+  #
+  #   params = { entry: { entryable_type: 'Message', entryable_attributes: { subject: 'Smiling' } } }
+  #   entry = Entry.create(params[:entry])
+  #   entry.entryable.id # => 2
+  #   entry.entryable.subject # => 'Smiling'
   module DelegatedType
     # Defines this as a class that'll delegate its type for the passed +role+ to the class references in +types+.
     # That'll create a polymorphic +belongs_to+ relationship to that +role+, and it'll add all the delegated
@@ -156,8 +172,6 @@ module ActiveRecord
     #   Entry#comment         # => returns the comment record, when entryable_type == "Comment", otherwise nil
     #   Entry#comment_id      # => returns entryable_id, when entryable_type == "Comment", otherwise nil
     #
-    # The +options+ are passed directly to the +belongs_to+ call, so this is where you declare +dependent+ etc.
-    #
     # You can also declare namespaced types:
     #
     #   class Entry < ApplicationRecord
@@ -167,15 +181,38 @@ module ActiveRecord
     #   Entry.access_notice_messages
     #   entry.access_notice_message
     #   entry.access_notice_message?
+    #
+    # === Options
+    #
+    # The +options+ are passed directly to the +belongs_to+ call, so this is where you declare +dependent+ etc.
+    # The following options can be included to specialize the behavior of the delegated type convenience methods.
+    #
+    # [:foreign_key]
+    #   Specify the foreign key used for the convenience methods. By default this is guessed to be the passed
+    #   +role+ with an "_id" suffix. So a class that defines a
+    #   <tt>delegated_type :entryable, types: %w[ Message Comment ]</tt> association will use "entryable_id" as
+    #   the default <tt>:foreign_key</tt>.
+    # [:primary_key]
+    #   Specify the method that returns the primary key of associated object used for the convenience methods.
+    #   By default this is +id+.
+    #
+    # Option examples:
+    #   class Entry < ApplicationRecord
+    #     delegated_type :entryable, types: %w[ Message Comment ], primary_key: :uuid, foreign_key: :entryable_uuid
+    #   end
+    #
+    #   Entry#message_uuid      # => returns entryable_uuid, when entryable_type == "Message", otherwise nil
+    #   Entry#comment_uuid      # => returns entryable_uuid, when entryable_type == "Comment", otherwise nil
     def delegated_type(role, types:, **options)
       belongs_to role, options.delete(:scope), **options.merge(polymorphic: true)
-      define_delegated_type_methods role, types: types
+      define_delegated_type_methods role, types: types, options: options
     end
 
     private
-      def define_delegated_type_methods(role, types:)
+      def define_delegated_type_methods(role, types:, options:)
+        primary_key = options[:primary_key] || "id"
         role_type = "#{role}_type"
-        role_id   = "#{role}_id"
+        role_id   = options[:foreign_key] || "#{role}_id"
 
         define_method "#{role}_class" do
           public_send("#{role}_type").constantize
@@ -185,8 +222,12 @@ module ActiveRecord
           public_send("#{role}_class").model_name.singular.inquiry
         end
 
+        define_method "build_#{role}" do |*params|
+          public_send("#{role}=", public_send("#{role}_class").new(*params))
+        end
+
         types.each do |type|
-          scope_name = type.tableize.gsub("/", "_")
+          scope_name = type.tableize.tr("/", "_")
           singular   = scope_name.singularize
           query      = "#{singular}?"
 
@@ -200,7 +241,7 @@ module ActiveRecord
             public_send(role) if public_send(query)
           end
 
-          define_method "#{singular}_id" do
+          define_method "#{singular}_#{primary_key}" do
             public_send(role_id) if public_send(query)
           end
         end

data/lib/active_record/destroy_association_async_job.rb

@@ -6,7 +6,7 @@ module ActiveRecord
 
   # Job to destroy the records associated with a destroyed record in background.
   class DestroyAssociationAsyncJob < ActiveJob::Base
-    queue_as { ActiveRecord::Base.queues[:destroy] }
+    queue_as { ActiveRecord.queues[:destroy] }
 
     discard_on ActiveJob::DeserializationError
 

data/lib/active_record/disable_joins_association_relation.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  class DisableJoinsAssociationRelation < Relation # :nodoc:
+    attr_reader :ids, :key
+
+    def initialize(klass, key, ids)
+      @ids = ids.uniq
+      @key = key
+      super(klass)
+    end
+
+    def limit(value)
+      records.take(value)
+    end
+
+    def first(limit = nil)
+      if limit
+        records.limit(limit).first
+      else
+        records.first
+      end
+    end
+
+    def load
+      super
+      records = @records
+
+      records_by_id = records.group_by do |record|
+        record[key]
+      end
+
+      records = ids.flat_map { |id| records_by_id[id.to_i] }
+      records.compact!
+
+      @records = records
+    end
+  end
+end

data/lib/active_record/dynamic_matchers.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module ActiveRecord
-  module DynamicMatchers #:nodoc:
+  module DynamicMatchers # :nodoc:
     private
       def respond_to_missing?(name, _)
         if self == Base

data/lib/active_record/encryption/cipher/aes256_gcm.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "base64"
+
+module ActiveRecord
+  module Encryption
+    class Cipher
+      # A 256-GCM cipher.
+      #
+      # By default it will use random initialization vectors. For deterministic encryption, it will use a SHA-256 hash of
+      # the text to encrypt and the secret.
+      #
+      # See +Encryptor+
+      class Aes256Gcm
+        CIPHER_TYPE = "aes-256-gcm"
+
+        class << self
+          def key_length
+            OpenSSL::Cipher.new(CIPHER_TYPE).key_len
+          end
+
+          def iv_length
+            OpenSSL::Cipher.new(CIPHER_TYPE).iv_len
+          end
+        end
+
+        # When iv not provided, it will generate a random iv on each encryption operation (default and
+        # recommended operation)
+        def initialize(secret, deterministic: false)
+          @secret = secret
+          @deterministic = deterministic
+        end
+
+        def encrypt(clear_text)
+          # This code is extracted from +ActiveSupport::MessageEncryptor+. Not using it directly because we want to control
+          # the message format and only serialize things once at the +ActiveRecord::Encryption::Message+ level. Also, this
+          # cipher is prepared to deal with deterministic/non deterministic encryption modes.
+
+          cipher = OpenSSL::Cipher.new(CIPHER_TYPE)
+          cipher.encrypt
+          cipher.key = @secret
+
+          iv = generate_iv(cipher, clear_text)
+          cipher.iv = iv
+
+          encrypted_data = clear_text.empty? ? clear_text.dup : cipher.update(clear_text)
+          encrypted_data << cipher.final
+
+          ActiveRecord::Encryption::Message.new(payload: encrypted_data).tap do |message|
+            message.headers.iv = iv
+            message.headers.auth_tag = cipher.auth_tag
+          end
+        end
+
+        def decrypt(encrypted_message)
+          encrypted_data = encrypted_message.payload
+          iv = encrypted_message.headers.iv
+          auth_tag = encrypted_message.headers.auth_tag
+
+          # Currently the OpenSSL bindings do not raise an error if auth_tag is
+          # truncated, which would allow an attacker to easily forge it. See
+          # https://github.com/ruby/openssl/issues/63
+          raise ActiveRecord::Encryption::Errors::EncryptedContentIntegrity if auth_tag.nil? || auth_tag.bytes.length != 16
+
+          cipher = OpenSSL::Cipher.new(CIPHER_TYPE)
+
+          cipher.decrypt
+          cipher.key = @secret
+          cipher.iv = iv
+
+          cipher.auth_tag = auth_tag
+          cipher.auth_data = ""
+
+          decrypted_data = encrypted_data.empty? ? encrypted_data : cipher.update(encrypted_data)
+          decrypted_data << cipher.final
+
+          decrypted_data
+        rescue OpenSSL::Cipher::CipherError, TypeError, ArgumentError
+          raise ActiveRecord::Encryption::Errors::Decryption
+        end
+
+        private
+          def generate_iv(cipher, clear_text)
+            if @deterministic
+              generate_deterministic_iv(clear_text)
+            else
+              cipher.random_iv
+            end
+          end
+
+          def generate_deterministic_iv(clear_text)
+            OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, @secret, clear_text)[0, ActiveRecord::Encryption.cipher.iv_length]
+          end
+      end
+    end
+  end
+end

data/lib/active_record/encryption/cipher.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module Encryption
+    # The algorithm used for encrypting and decrypting +Message+ objects.
+    #
+    # It uses AES-256-GCM. It will generate a random IV for non deterministic encryption (default)
+    # or derive an initialization vector from the encrypted content for deterministic encryption.
+    #
+    # See +Cipher::Aes256Gcm+.
+    class Cipher
+      DEFAULT_ENCODING = Encoding::UTF_8
+
+      # Encrypts the provided text and return an encrypted +Message+.
+      def encrypt(clean_text, key:, deterministic: false)
+        cipher_for(key, deterministic: deterministic).encrypt(clean_text).tap do |message|
+          message.headers.encoding = clean_text.encoding.name unless clean_text.encoding == DEFAULT_ENCODING
+        end
+      end
+
+      # Decrypt the provided +Message+.
+      #
+      # When +key+ is an Array, it will try all the keys raising a
+      # +ActiveRecord::Encryption::Errors::Decryption+ if none works.
+      def decrypt(encrypted_message, key:)
+        try_to_decrypt_with_each(encrypted_message, keys: Array(key)).tap do |decrypted_text|
+          decrypted_text.force_encoding(encrypted_message.headers.encoding || DEFAULT_ENCODING)
+        end
+      end
+
+      def key_length
+        Aes256Gcm.key_length
+      end
+
+      def iv_length
+        Aes256Gcm.iv_length
+      end
+
+      private
+        def try_to_decrypt_with_each(encrypted_text, keys:)
+          keys.each.with_index do |key, index|
+            return cipher_for(key).decrypt(encrypted_text)
+          rescue ActiveRecord::Encryption::Errors::Decryption
+            raise if index == keys.length - 1
+          end
+        end
+
+        def cipher_for(secret, deterministic: false)
+          Aes256Gcm.new(secret, deterministic: deterministic)
+        end
+    end
+  end
+end

data/lib/active_record/encryption/config.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module Encryption
+    # Container of configuration options
+    class Config
+      attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt,
+                    :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
+                    :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption
+
+      def initialize
+        set_defaults
+      end
+
+      # Configure previous encryption schemes.
+      #
+      #   config.active_record.encryption.previous = [ { key_provider: MyOldKeyProvider.new } ]
+      def previous=(previous_schemes_properties)
+        previous_schemes_properties.each do |properties|
+          add_previous_scheme(**properties)
+        end
+      end
+
+      private
+        def set_defaults
+          self.store_key_references = false
+          self.support_unencrypted_data = false
+          self.encrypt_fixtures = false
+          self.validate_column_size = true
+          self.add_to_filter_parameters = true
+          self.excluded_from_filter_parameters = []
+          self.previous_schemes = []
+          self.forced_encoding_for_deterministic_encryption = Encoding::UTF_8
+
+          # TODO: Setting to false for now as the implementation is a bit experimental
+          self.extend_queries = false
+        end
+
+        def add_previous_scheme(**properties)
+          previous_schemes << ActiveRecord::Encryption::Scheme.new(**properties)
+        end
+    end
+  end
+end

data/lib/active_record/encryption/configurable.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module Encryption
+    # Configuration API for +ActiveRecord::Encryption+
+    module Configurable
+      extend ActiveSupport::Concern
+
+      included do
+        mattr_reader :config, default: Config.new
+        mattr_accessor :encrypted_attribute_declaration_listeners
+      end
+
+      class_methods do
+        # Expose getters for context properties
+        Context::PROPERTIES.each do |name|
+          delegate name, to: :context
+        end
+
+        def configure(primary_key:, deterministic_key:, key_derivation_salt:, **properties) # :nodoc:
+          config.primary_key = primary_key
+          config.deterministic_key = deterministic_key
+          config.key_derivation_salt = key_derivation_salt
+
+          context.key_provider = ActiveRecord::Encryption::DerivedSecretKeyProvider.new(primary_key)
+
+          properties.each do |name, value|
+            [:context, :config].each do |configurable_object_name|
+              configurable_object = ActiveRecord::Encryption.send(configurable_object_name)
+              configurable_object.send "#{name}=", value if configurable_object.respond_to?("#{name}=")
+            end
+          end
+        end
+
+        # Register callback to be invoked when an encrypted attribute is declared.
+        #
+        # === Example:
+        #
+        #   ActiveRecord::Encryption.on_encrypted_attribute_declared do |klass, attribute_name|
+        #     ...
+        #   end
+        def on_encrypted_attribute_declared(&block)
+          self.encrypted_attribute_declaration_listeners ||= Concurrent::Array.new
+          self.encrypted_attribute_declaration_listeners << block
+        end
+
+        def encrypted_attribute_was_declared(klass, name) # :nodoc:
+          self.encrypted_attribute_declaration_listeners&.each do |block|
+            block.call(klass, name)
+          end
+        end
+
+        def install_auto_filtered_parameters(application) # :nodoc:
+          ActiveRecord::Encryption.on_encrypted_attribute_declared do |klass, encrypted_attribute_name|
+            application.config.filter_parameters << encrypted_attribute_name unless ActiveRecord::Encryption.config.excluded_from_filter_parameters.include?(name)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_record/encryption/context.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module Encryption
+    # An encryption context configures the different entities used to perform encryption:
+    #
+    # * A key provider
+    # * A key generator
+    # * An encryptor, the facade to encrypt data
+    # * A cipher, the encryption algorithm
+    # * A message serializer
+    class Context
+      PROPERTIES = %i[ key_provider key_generator cipher message_serializer encryptor frozen_encryption ]
+
+      PROPERTIES.each do |name|
+        attr_accessor name
+      end
+
+      def initialize
+        set_defaults
+      end
+
+      alias frozen_encryption? frozen_encryption
+
+      private
+        def set_defaults
+          self.frozen_encryption = false
+          self.key_generator = ActiveRecord::Encryption::KeyGenerator.new
+          self.cipher = ActiveRecord::Encryption::Cipher.new
+          self.encryptor = ActiveRecord::Encryption::Encryptor.new
+          self.message_serializer = ActiveRecord::Encryption::MessageSerializer.new
+        end
+    end
+  end
+end

data/lib/active_record/encryption/contexts.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module Encryption
+    # +ActiveRecord::Encryption+ uses encryption contexts to configure the different entities used to
+    # encrypt/decrypt at a given moment in time.
+    #
+    # By default, the library uses a default encryption context. This is the +Context+ that gets configured
+    # initially via +config.active_record.encryption+ options. Library users can define nested encryption contexts
+    # when running blocks of code.
+    #
+    # See +Context+.
+    module Contexts
+      extend ActiveSupport::Concern
+
+      included do
+        mattr_reader :default_context, default: Context.new
+        thread_mattr_accessor :custom_contexts
+      end
+
+      class_methods do
+        # Configures a custom encryption context to use when running the provided block of code.
+        #
+        # It supports overriding all the properties defined in +Context+.
+        #
+        # Example:
+        #
+        #     ActiveRecord::Encryption.with_encryption_context(encryptor: ActiveRecord::Encryption::NullEncryptor.new) do
+        #       ...
+        #     end
+        #
+        # Encryption contexts can be nested.
+        def with_encryption_context(properties)
+          self.custom_contexts ||= []
+          self.custom_contexts << default_context.dup
+          properties.each do |key, value|
+            self.current_custom_context.send("#{key}=", value)
+          end
+
+          yield
+        ensure
+          self.custom_contexts.pop
+        end
+
+        # Runs the provided block in an encryption context where encryption is disabled:
+        #
+        # * Reading encrypted content will return its ciphertexts.
+        # * Writing encrypted content will write its clear text.
+        def without_encryption(&block)
+          with_encryption_context encryptor: ActiveRecord::Encryption::NullEncryptor.new, &block
+        end
+
+        # Runs the provided block in an encryption context where:
+        #
+        # * Reading encrypted content will return its ciphertext.
+        # * Writing encrypted content will fail.
+        def protecting_encrypted_data(&block)
+          with_encryption_context encryptor: ActiveRecord::Encryption::EncryptingOnlyEncryptor.new, frozen_encryption: true, &block
+        end
+
+        # Returns the current context. By default it will return the current context.
+        def context
+          self.current_custom_context || self.default_context
+        end
+
+        def current_custom_context
+          self.custom_contexts&.last
+        end
+      end
+    end
+  end
+end

data/lib/active_record/encryption/derived_secret_key_provider.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module Encryption
+    # A +KeyProvider+ that derives keys from passwords.
+    class DerivedSecretKeyProvider < KeyProvider
+      def initialize(passwords)
+        super(Array(passwords).collect { |password| Key.derive_from(password) })
+      end
+    end
+  end
+end