RubyGems - activerecord - Versions diffs - 6.1.6 → 7.0.0.alpha1 - Mend

activerecord 6.1.6 → 7.0.0.alpha1

Potentially problematic release.

This version of activerecord might be problematic. Click here for more details.

Files changed (218) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +728 -1279
data/MIT-LICENSE +1 -1
data/README.rdoc +1 -1
data/lib/active_record/aggregations.rb +1 -1
data/lib/active_record/association_relation.rb +0 -10
data/lib/active_record/associations/association.rb +31 -9
data/lib/active_record/associations/association_scope.rb +1 -3
data/lib/active_record/associations/belongs_to_association.rb +15 -4
data/lib/active_record/associations/belongs_to_polymorphic_association.rb +10 -2
data/lib/active_record/associations/builder/association.rb +8 -2
data/lib/active_record/associations/builder/belongs_to.rb +19 -6
data/lib/active_record/associations/builder/collection_association.rb +1 -1
data/lib/active_record/associations/builder/has_many.rb +3 -2
data/lib/active_record/associations/builder/has_one.rb +2 -1
data/lib/active_record/associations/builder/singular_association.rb +2 -2
data/lib/active_record/associations/collection_association.rb +14 -23
data/lib/active_record/associations/collection_proxy.rb +8 -3
data/lib/active_record/associations/disable_joins_association_scope.rb +59 -0
data/lib/active_record/associations/has_many_association.rb +1 -1
data/lib/active_record/associations/has_many_through_association.rb +2 -1
data/lib/active_record/associations/has_one_association.rb +10 -7
data/lib/active_record/associations/has_one_through_association.rb +1 -1
data/lib/active_record/associations/preloader/association.rb +161 -47
data/lib/active_record/associations/preloader/batch.rb +51 -0
data/lib/active_record/associations/preloader/branch.rb +147 -0
data/lib/active_record/associations/preloader/through_association.rb +37 -11
data/lib/active_record/associations/preloader.rb +46 -110
data/lib/active_record/associations/singular_association.rb +8 -2
data/lib/active_record/associations/through_association.rb +1 -1
data/lib/active_record/associations.rb +76 -81
data/lib/active_record/asynchronous_queries_tracker.rb +57 -0
data/lib/active_record/attribute_assignment.rb +1 -1
data/lib/active_record/attribute_methods/before_type_cast.rb +7 -2
data/lib/active_record/attribute_methods/dirty.rb +41 -16
data/lib/active_record/attribute_methods/primary_key.rb +2 -2
data/lib/active_record/attribute_methods/query.rb +2 -2
data/lib/active_record/attribute_methods/read.rb +7 -5
data/lib/active_record/attribute_methods/serialization.rb +66 -12
data/lib/active_record/attribute_methods/time_zone_conversion.rb +4 -3
data/lib/active_record/attribute_methods/write.rb +7 -10
data/lib/active_record/attribute_methods.rb +6 -9
data/lib/active_record/attributes.rb +24 -35
data/lib/active_record/autosave_association.rb +3 -18
data/lib/active_record/base.rb +19 -1
data/lib/active_record/callbacks.rb +2 -2
data/lib/active_record/connection_adapters/abstract/connection_handler.rb +312 -0
data/lib/active_record/connection_adapters/abstract/connection_pool/queue.rb +209 -0
data/lib/active_record/connection_adapters/abstract/connection_pool/reaper.rb +76 -0
data/lib/active_record/connection_adapters/abstract/connection_pool.rb +31 -558
data/lib/active_record/connection_adapters/abstract/database_statements.rb +45 -21
data/lib/active_record/connection_adapters/abstract/query_cache.rb +24 -12
data/lib/active_record/connection_adapters/abstract/quoting.rb +11 -4
data/lib/active_record/connection_adapters/abstract/schema_creation.rb +4 -17
data/lib/active_record/connection_adapters/abstract/schema_definitions.rb +30 -13
data/lib/active_record/connection_adapters/abstract/schema_statements.rb +60 -16
data/lib/active_record/connection_adapters/abstract/transaction.rb +3 -3
data/lib/active_record/connection_adapters/abstract_adapter.rb +112 -66
data/lib/active_record/connection_adapters/abstract_mysql_adapter.rb +96 -81
data/lib/active_record/connection_adapters/mysql/database_statements.rb +33 -23
data/lib/active_record/connection_adapters/mysql/quoting.rb +16 -1
data/lib/active_record/connection_adapters/mysql/schema_statements.rb +1 -1
data/lib/active_record/connection_adapters/mysql2_adapter.rb +12 -6
data/lib/active_record/connection_adapters/pool_config.rb +1 -3
data/lib/active_record/connection_adapters/postgresql/database_statements.rb +19 -14
data/lib/active_record/connection_adapters/postgresql/oid/date.rb +8 -0
data/lib/active_record/connection_adapters/postgresql/oid/date_time.rb +5 -0
data/lib/active_record/connection_adapters/postgresql/oid/hstore.rb +53 -14
data/lib/active_record/connection_adapters/postgresql/oid/range.rb +1 -1
data/lib/active_record/connection_adapters/postgresql/oid/timestamp.rb +15 -0
data/lib/active_record/connection_adapters/postgresql/oid/timestamp_with_time_zone.rb +28 -0
data/lib/active_record/connection_adapters/postgresql/oid/type_map_initializer.rb +18 -6
data/lib/active_record/connection_adapters/postgresql/oid.rb +2 -0
data/lib/active_record/connection_adapters/postgresql/quoting.rb +6 -6
data/lib/active_record/connection_adapters/postgresql/referential_integrity.rb +32 -0
data/lib/active_record/connection_adapters/postgresql/schema_definitions.rb +5 -1
data/lib/active_record/connection_adapters/postgresql/schema_statements.rb +12 -12
data/lib/active_record/connection_adapters/postgresql_adapter.rb +157 -100
data/lib/active_record/connection_adapters/schema_cache.rb +36 -37
data/lib/active_record/connection_adapters/sqlite3/database_statements.rb +23 -19
data/lib/active_record/connection_adapters/sqlite3/schema_statements.rb +4 -2
data/lib/active_record/connection_adapters/sqlite3_adapter.rb +61 -30
data/lib/active_record/connection_adapters.rb +6 -5
data/lib/active_record/connection_handling.rb +20 -38
data/lib/active_record/core.rb +111 -110
data/lib/active_record/database_configurations/connection_url_resolver.rb +0 -1
data/lib/active_record/database_configurations/database_config.rb +12 -0
data/lib/active_record/database_configurations/hash_config.rb +27 -1
data/lib/active_record/database_configurations/url_config.rb +2 -2
data/lib/active_record/database_configurations.rb +17 -9
data/lib/active_record/delegated_type.rb +33 -11
data/lib/active_record/destroy_association_async_job.rb +1 -1
data/lib/active_record/disable_joins_association_relation.rb +39 -0
data/lib/active_record/dynamic_matchers.rb +1 -1
data/lib/active_record/encryption/cipher/aes256_gcm.rb +98 -0
data/lib/active_record/encryption/cipher.rb +53 -0
data/lib/active_record/encryption/config.rb +44 -0
data/lib/active_record/encryption/configurable.rb +61 -0
data/lib/active_record/encryption/context.rb +35 -0
data/lib/active_record/encryption/contexts.rb +72 -0
data/lib/active_record/encryption/derived_secret_key_provider.rb +12 -0
data/lib/active_record/encryption/deterministic_key_provider.rb +14 -0
data/lib/active_record/encryption/encryptable_record.rb +208 -0
data/lib/active_record/encryption/encrypted_attribute_type.rb +140 -0
data/lib/active_record/encryption/encrypted_fixtures.rb +38 -0
data/lib/active_record/encryption/encrypting_only_encryptor.rb +12 -0
data/lib/active_record/encryption/encryptor.rb +155 -0
data/lib/active_record/encryption/envelope_encryption_key_provider.rb +55 -0
data/lib/active_record/encryption/errors.rb +15 -0
data/lib/active_record/encryption/extended_deterministic_queries.rb +160 -0
data/lib/active_record/encryption/extended_deterministic_uniqueness_validator.rb +29 -0
data/lib/active_record/encryption/key.rb +28 -0
data/lib/active_record/encryption/key_generator.rb +42 -0
data/lib/active_record/encryption/key_provider.rb +46 -0
data/lib/active_record/encryption/message.rb +33 -0
data/lib/active_record/encryption/message_serializer.rb +80 -0
data/lib/active_record/encryption/null_encryptor.rb +21 -0
data/lib/active_record/encryption/properties.rb +76 -0
data/lib/active_record/encryption/read_only_null_encryptor.rb +24 -0
data/lib/active_record/encryption/scheme.rb +99 -0
data/lib/active_record/encryption.rb +55 -0
data/lib/active_record/enum.rb +41 -41
data/lib/active_record/errors.rb +66 -3
data/lib/active_record/fixture_set/file.rb +15 -1
data/lib/active_record/fixture_set/table_row.rb +40 -5
data/lib/active_record/fixture_set/table_rows.rb +4 -4
data/lib/active_record/fixtures.rb +16 -11
data/lib/active_record/future_result.rb +139 -0
data/lib/active_record/gem_version.rb +4 -4
data/lib/active_record/inheritance.rb +55 -17
data/lib/active_record/insert_all.rb +34 -5
data/lib/active_record/integration.rb +1 -1
data/lib/active_record/internal_metadata.rb +1 -5
data/lib/active_record/locking/optimistic.rb +10 -9
data/lib/active_record/log_subscriber.rb +6 -2
data/lib/active_record/middleware/database_selector/resolver.rb +6 -10
data/lib/active_record/middleware/database_selector.rb +8 -3
data/lib/active_record/migration/command_recorder.rb +4 -4
data/lib/active_record/migration/compatibility.rb +89 -10
data/lib/active_record/migration/join_table.rb +1 -1
data/lib/active_record/migration.rb +109 -79
data/lib/active_record/model_schema.rb +45 -31
data/lib/active_record/nested_attributes.rb +3 -3
data/lib/active_record/no_touching.rb +2 -2
data/lib/active_record/null_relation.rb +2 -6
data/lib/active_record/persistence.rb +134 -45
data/lib/active_record/query_cache.rb +2 -2
data/lib/active_record/query_logs.rb +203 -0
data/lib/active_record/querying.rb +15 -5
data/lib/active_record/railtie.rb +117 -17
data/lib/active_record/railties/controller_runtime.rb +1 -1
data/lib/active_record/railties/databases.rake +72 -48
data/lib/active_record/readonly_attributes.rb +11 -0
data/lib/active_record/reflection.rb +45 -44
data/lib/active_record/relation/batches/batch_enumerator.rb +19 -5
data/lib/active_record/relation/batches.rb +3 -3
data/lib/active_record/relation/calculations.rb +39 -26
data/lib/active_record/relation/delegation.rb +6 -6
data/lib/active_record/relation/finder_methods.rb +31 -22
data/lib/active_record/relation/merger.rb +20 -13
data/lib/active_record/relation/predicate_builder.rb +1 -6
data/lib/active_record/relation/query_attribute.rb +5 -11
data/lib/active_record/relation/query_methods.rb +230 -47
data/lib/active_record/relation/record_fetch_warning.rb +2 -2
data/lib/active_record/relation/spawn_methods.rb +2 -2
data/lib/active_record/relation/where_clause.rb +8 -4
data/lib/active_record/relation.rb +166 -77
data/lib/active_record/result.rb +17 -2
data/lib/active_record/runtime_registry.rb +2 -4
data/lib/active_record/sanitization.rb +11 -7
data/lib/active_record/schema_dumper.rb +3 -3
data/lib/active_record/schema_migration.rb +0 -4
data/lib/active_record/scoping/default.rb +61 -12
data/lib/active_record/scoping/named.rb +3 -11
data/lib/active_record/scoping.rb +40 -22
data/lib/active_record/serialization.rb +1 -1
data/lib/active_record/signed_id.rb +1 -1
data/lib/active_record/tasks/database_tasks.rb +106 -22
data/lib/active_record/tasks/mysql_database_tasks.rb +1 -1
data/lib/active_record/tasks/postgresql_database_tasks.rb +14 -11
data/lib/active_record/test_databases.rb +1 -1
data/lib/active_record/test_fixtures.rb +4 -4
data/lib/active_record/timestamp.rb +3 -4
data/lib/active_record/transactions.rb +9 -14
data/lib/active_record/translation.rb +2 -2
data/lib/active_record/type/adapter_specific_registry.rb +32 -7
data/lib/active_record/type/hash_lookup_type_map.rb +34 -1
data/lib/active_record/type/internal/timezone.rb +2 -2
data/lib/active_record/type/serialized.rb +1 -1
data/lib/active_record/type/type_map.rb +17 -20
data/lib/active_record/type.rb +1 -2
data/lib/active_record/validations/associated.rb +1 -1
data/lib/active_record.rb +170 -2
data/lib/arel/attributes/attribute.rb +0 -8
data/lib/arel/crud.rb +18 -22
data/lib/arel/delete_manager.rb +2 -4
data/lib/arel/insert_manager.rb +2 -3
data/lib/arel/nodes/casted.rb +1 -1
data/lib/arel/nodes/delete_statement.rb +8 -13
data/lib/arel/nodes/insert_statement.rb +2 -2
data/lib/arel/nodes/select_core.rb +2 -2
data/lib/arel/nodes/select_statement.rb +2 -2
data/lib/arel/nodes/update_statement.rb +3 -2
data/lib/arel/predications.rb +1 -1
data/lib/arel/select_manager.rb +10 -4
data/lib/arel/table.rb +0 -1
data/lib/arel/tree_manager.rb +0 -12
data/lib/arel/update_manager.rb +2 -4
data/lib/arel/visitors/dot.rb +80 -90
data/lib/arel/visitors/mysql.rb +6 -1
data/lib/arel/visitors/postgresql.rb +0 -10
data/lib/arel/visitors/to_sql.rb +43 -2
data/lib/arel.rb +1 -1
data/lib/rails/generators/active_record/application_record/templates/application_record.rb.tt +1 -1
data/lib/rails/generators/active_record/model/templates/abstract_base_class.rb.tt +1 -1
data/lib/rails/generators/active_record/model/templates/model.rb.tt +1 -1
data/lib/rails/generators/active_record/model/templates/module.rb.tt +2 -2
metadata +55 -17

data/lib/active_record/encryption/key_provider.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A +KeyProvider+ serves keys:
+    #
+    # * An encryption key
+    # * A list of potential decryption keys. Serving multiple decryption keys supports rotation-schemes
+    #   where new keys are added but old keys need to continue working
+    class KeyProvider
+      def initialize(keys)
+        @keys = Array(keys)
+      end
+      # Returns the first key in the list as the active key to perform encryptions
+      #
+      # When +ActiveRecord::Encryption.config.store_key_references+ is true, the key will include
+      # a public tag referencing the key itself. That key will be stored in the public
+      # headers of the encrypted message
+      def encryption_key
+        @encryption_key ||= @keys.last.tap do |key|
+          key.public_tags.encrypted_data_key_id = key.id if ActiveRecord::Encryption.config.store_key_references
+        end
+        @encryption_key
+      end
+      # Returns the list of decryption keys
+      #
+      # When the message holds a reference to its encryption key, it will return an array
+      # with that key. If not, it will return the list of keys.
+      def decryption_keys(encrypted_message)
+        if encrypted_message.headers.encrypted_data_key_id
+          keys_grouped_by_id[encrypted_message.headers.encrypted_data_key_id]
+        else
+          @keys
+        end
+      end
+      private
+        def keys_grouped_by_id
+          @keys_grouped_by_id ||= @keys.group_by(&:id)
+        end
+    end
+  end
+end

data/lib/active_record/encryption/message.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A message defines the structure of the data we store in encrypted attributes. It contains:
+    #
+    # * An encrypted payload
+    # * A list of unencrypted headers
+    #
+    # See +Encryptor#encrypt+
+    class Message
+      attr_accessor :payload, :headers
+      def initialize(payload: nil, headers: {})
+        validate_payload_type(payload)
+        @payload = payload
+        @headers = Properties.new(headers)
+      end
+      def ==(other_message)
+        payload == other_message.payload && headers == other_message.headers
+      end
+      private
+        def validate_payload_type(payload)
+          unless payload.is_a?(String) || payload.nil?
+            raise ActiveRecord::Encryption::Errors::ForbiddenClass, "Only string payloads allowed"
+          end
+        end
+    end
+  end
+end

data/lib/active_record/encryption/message_serializer.rb ADDED Viewed

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A message serializer that serializes +Messages+ with JSON.
+    #
+    # The generated structure is pretty simple:
+    #
+    #   {
+    #     p: <payload>,
+    #     h: {
+    #       header1: value1,
+    #       header2: value2,
+    #       ...
+    #     }
+    #   }
+    #
+    # Both the payload and the header values are encoded with Base64
+    # to prevent JSON parsing errors and encoding issues when
+    # storing the resulting serialized data.
+    class MessageSerializer
+      def load(serialized_content)
+        data = JSON.parse(serialized_content)
+        parse_message(data, 1)
+      rescue JSON::ParserError
+        raise ActiveRecord::Encryption::Errors::Encoding
+      end
+      def dump(message)
+        raise ActiveRecord::Encryption::Errors::ForbiddenClass unless message.is_a?(ActiveRecord::Encryption::Message)
+        JSON.dump message_to_json(message)
+      end
+      private
+        def parse_message(data, level)
+          raise ActiveRecord::Encryption::Errors::Decryption, "More than one level of hash nesting in headers is not supported" if level > 2
+          ActiveRecord::Encryption::Message.new(payload: decode_if_needed(data["p"]), headers: parse_properties(data["h"], level))
+        end
+        def parse_properties(headers, level)
+          ActiveRecord::Encryption::Properties.new.tap do |properties|
+            headers&.each do |key, value|
+              properties[key] = value.is_a?(Hash) ? parse_message(value, level + 1) : decode_if_needed(value)
+            end
+          end
+        end
+        def message_to_json(message)
+          {
+            p: encode_if_needed(message.payload),
+            h: headers_to_json(message.headers)
+          }
+        end
+        def headers_to_json(headers)
+          headers.transform_values do |value|
+            value.is_a?(ActiveRecord::Encryption::Message) ? message_to_json(value) : encode_if_needed(value)
+          end
+        end
+        def encode_if_needed(value)
+          if value.is_a?(String)
+            ::Base64.strict_encode64 value
+          else
+            value
+          end
+        end
+        def decode_if_needed(value)
+          if value.is_a?(String)
+            ::Base64.strict_decode64(value)
+          else
+            value
+          end
+        rescue ArgumentError, TypeError
+          raise Errors::Encoding
+        end
+    end
+  end
+end

data/lib/active_record/encryption/null_encryptor.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # An encryptor that won't decrypt or encrypt. It will just return the passed
+    # values
+    class NullEncryptor
+      def encrypt(clean_text, key_provider: nil, cipher_options: {})
+        clean_text
+      end
+      def decrypt(encrypted_text, key_provider: nil, cipher_options: {})
+        encrypted_text
+      end
+      def encrypted?(text)
+        false
+      end
+    end
+  end
+end

data/lib/active_record/encryption/properties.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # This is a wrapper for a hash of encryption properties. It is used by
+    # +Key+ (public tags) and +Message+ (headers).
+    #
+    # Since properties are serialized in messages, it is important for storage
+    # efficiency to keep their keys as short as possible. It defines accessors
+    # for common properties that will keep these keys very short while exposing
+    # a readable name.
+    #
+    #   message.headers.encrypted_data_key # instead of message.headers[:k]
+    #
+    # See +Properties#DEFAULT_PROPERTIES+, +Key+, +Message+
+    class Properties
+      ALLOWED_VALUE_CLASSES = [String, ActiveRecord::Encryption::Message, Numeric, TrueClass, FalseClass, Symbol, NilClass]
+      delegate_missing_to :data
+      delegate :==, to: :data
+      # For each entry it generates an accessor exposing the full name
+      DEFAULT_PROPERTIES = {
+        encrypted_data_key: "k",
+        encrypted_data_key_id: "i",
+        compressed: "c",
+        iv: "iv",
+        auth_tag: "at",
+        encoding: "e"
+      }
+      DEFAULT_PROPERTIES.each do |name, key|
+        define_method name do
+          self[key.to_sym]
+        end
+        define_method "#{name}=" do |value|
+          self[key.to_sym] = value
+        end
+      end
+      def initialize(initial_properties = {})
+        @data = {}
+        add(initial_properties)
+      end
+      # Set a value for a given key
+      #
+      # It will raise an +EncryptedContentIntegrity+ if the value exists
+      def []=(key, value)
+        raise Errors::EncryptedContentIntegrity, "Properties can't be overridden: #{key}" if key?(key)
+        validate_value_type(value)
+        data[key] = value
+      end
+      def validate_value_type(value)
+        unless ALLOWED_VALUE_CLASSES.find { |klass| value.is_a?(klass) }
+          raise ActiveRecord::Encryption::Errors::ForbiddenClass, "Can't store a #{value.class}, only properties of type #{ALLOWED_VALUE_CLASSES.inspect} are allowed"
+        end
+      end
+      def add(other_properties)
+        other_properties.each do |key, value|
+          self[key.to_sym] = value
+        end
+      end
+      def to_h
+        data
+      end
+      private
+        attr_reader :data
+    end
+  end
+end

data/lib/active_record/encryption/read_only_null_encryptor.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A +NullEncryptor+ that will raise an error when trying to encrypt data
+    #
+    # This is useful when you want to reveal ciphertexts for debugging purposes
+    # and you want to make sure you won't overwrite any encryptable attribute with
+    # the wrong content.
+    class ReadOnlyNullEncryptor
+      def encrypt(clean_text, key_provider: nil, cipher_options: {})
+        raise Errors::Encryption, "This encryptor is read-only"
+      end
+      def decrypt(encrypted_text, key_provider: nil, cipher_options: {})
+        encrypted_text
+      end
+      def encrypted?(text)
+        false
+      end
+    end
+  end
+end

data/lib/active_record/encryption/scheme.rb ADDED Viewed

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+module ActiveRecord
+  module Encryption
+    # A container of attribute encryption options.
+    #
+    # It validates and serves attribute encryption options.
+    #
+    # See +EncryptedAttributeType+, +Context+
+    class Scheme
+      attr_accessor :previous_schemes
+      def initialize(key_provider: nil, key: nil, deterministic: nil, downcase: nil, ignore_case: nil,
+                     previous_schemes: nil, **context_properties)
+        # Initializing all attributes to +nil+ as we want to allow a "not set" semantics so that we
+        # can merge schemes without overriding values with defaults. See +#merge+
+        @key_provider_param = key_provider
+        @key = key
+        @deterministic = deterministic
+        @downcase = downcase || ignore_case
+        @ignore_case = ignore_case
+        @previous_schemes_param = previous_schemes
+        @previous_schemes = Array.wrap(previous_schemes)
+        @context_properties = context_properties
+        validate_config!
+      end
+      def ignore_case?
+        @ignore_case
+      end
+      def downcase?
+        @downcase
+      end
+      def deterministic?
+        @deterministic
+      end
+      def fixed?
+        # by default deterministic encryption is fixed
+        @fixed ||= @deterministic && (!@deterministic.is_a?(Hash) || @deterministic[:fixed])
+      end
+      def key_provider
+        @key_provider ||= begin
+          validate_keys!
+          @key_provider_param || build_key_provider
+        end
+      end
+      def merge(other_scheme)
+        self.class.new(**to_h.merge(other_scheme.to_h))
+      end
+      def to_h
+        { key_provider: @key_provider_param, key: @key, deterministic: @deterministic, downcase: @downcase, ignore_case: @ignore_case,
+          previous_schemes: @previous_schemes_param, **@context_properties }.compact
+      end
+      def with_context(&block)
+        if @context_properties.present?
+          ActiveRecord::Encryption.with_encryption_context(**@context_properties, &block)
+        else
+          block.call
+        end
+      end
+      private
+        def validate_config!
+          raise Errors::Configuration, "ignore_case: can only be used with deterministic encryption" if @ignore_case && !@deterministic
+          raise Errors::Configuration, "key_provider: and key: can't be used simultaneously" if @key_provider_param && @key
+        end
+        def validate_keys!
+          validate_credential :key_derivation_salt
+          validate_credential :primary_key, "needs to be configured to use non-deterministic encryption" unless @deterministic
+          validate_credential :deterministic_key, "needs to be configured to use deterministic encryption" if @deterministic
+        end
+        def validate_credential(key, error_message = "is not configured")
+          unless ActiveRecord::Encryption.config.public_send(key).present?
+            raise Errors::Configuration, "#{key} #{error_message}. Please configure it via credential"\
+              "active_record_encryption.#{key} or by setting config.active_record.encryption.#{key}"
+          end
+        end
+        def build_key_provider
+          return DerivedSecretKeyProvider.new(@key) if @key.present?
+          if @deterministic && (deterministic_key = ActiveRecord::Encryption.config.deterministic_key)
+            DeterministicKeyProvider.new(deterministic_key)
+          end
+        end
+    end
+  end
+end

data/lib/active_record/encryption.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require "active_support/core_ext/module"
+require "active_support/core_ext/array"
+module ActiveRecord
+  module Encryption
+    extend ActiveSupport::Autoload
+    eager_autoload do
+      autoload :Cipher
+      autoload :Config
+      autoload :Configurable
+      autoload :Context
+      autoload :Contexts
+      autoload :DerivedSecretKeyProvider
+      autoload :EncryptableRecord
+      autoload :EncryptedAttributeType
+      autoload :EncryptedFixtures
+      autoload :EncryptingOnlyEncryptor
+      autoload :DeterministicKeyProvider
+      autoload :Encryptor
+      autoload :EnvelopeEncryptionKeyProvider
+      autoload :Errors
+      autoload :ExtendedDeterministicQueries
+      autoload :ExtendedDeterministicUniquenessValidator
+      autoload :Key
+      autoload :KeyGenerator
+      autoload :KeyProvider
+      autoload :Message
+      autoload :MessageSerializer
+      autoload :NullEncryptor
+      autoload :Properties
+      autoload :ReadOnlyNullEncryptor
+      autoload :Scheme
+    end
+    class Cipher
+      extend ActiveSupport::Autoload
+      eager_autoload do
+        autoload :Aes256Gcm
+      end
+    end
+    include Configurable
+    include Contexts
+    def self.eager_load!
+      super
+      Cipher.eager_load!
+    end
+  end
+end

data/lib/active_record/enum.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
+require "active_support/core_ext/hash/slice"
 require "active_support/core_ext/object/deep_dup"
 module ActiveRecord
@@ -7,7 +8,7 @@ module ActiveRecord
   # but can be queried by name. Example:
   #
   #   class Conversation < ActiveRecord::Base
-  #     enum status: [ :active, :archived ]
+  #     enum :status, [ :active, :archived ]
   #   end
   #
   #   # conversation.update! status: 0
@@ -41,16 +42,16 @@ module ActiveRecord
   #   Conversation.where(status: [:active, :archived])
   #   Conversation.where.not(status: :active)
   #
-  # Defining scopes can be disabled by setting +:_scopes+ to +false+.
+  # Defining scopes can be disabled by setting +:scopes+ to +false+.
   #
   #   class Conversation < ActiveRecord::Base
-  #     enum status: [ :active, :archived ], _scopes: false
+  #     enum :status, [ :active, :archived ], scopes: false
   #   end
   #
-  # You can set the default enum value by setting +:_default+, like:
+  # You can set the default enum value by setting +:default+, like:
   #
   #   class Conversation < ActiveRecord::Base
-  #     enum status: [ :active, :archived ], _default: "active"
+  #     enum :status, [ :active, :archived ], default: :active
   #   end
   #
   #   conversation = Conversation.new
@@ -60,7 +61,7 @@ module ActiveRecord
   # database integer with a hash:
   #
   #   class Conversation < ActiveRecord::Base
-  #     enum status: { active: 0, archived: 1 }
+  #     enum :status, active: 0, archived: 1
   #   end
   #
   # Note that when an array is used, the implicit mapping from the values to database
@@ -85,14 +86,14 @@ module ActiveRecord
   #
   #   Conversation.where("status <> ?", Conversation.statuses[:archived])
   #
-  # You can use the +:_prefix+ or +:_suffix+ options when you need to define
+  # You can use the +:prefix+ or +:suffix+ options when you need to define
   # multiple enums with same values. If the passed value is +true+, the methods
   # are prefixed/suffixed with the name of the enum. It is also possible to
   # supply a custom value:
   #
   #   class Conversation < ActiveRecord::Base
-  #     enum status: [:active, :archived], _suffix: true
-  #     enum comments_status: [:active, :inactive], _prefix: :comments
+  #     enum :status, [ :active, :archived ], suffix: true
+  #     enum :comments_status, [ :active, :inactive ], prefix: :comments
   #   end
   #
   # With the above example, the bang and predicate methods along with the
@@ -103,7 +104,6 @@ module ActiveRecord
   #
   #   conversation.comments_inactive!
   #   conversation.comments_active? # => false
   module Enum
     def self.extended(base) # :nodoc:
       base.class_attribute(:defined_enums, instance_writer: false, default: {})
@@ -128,10 +128,8 @@ module ActiveRecord
           value.to_s
         elsif mapping.has_value?(value)
           mapping.key(value)
-        elsif value.blank?
-          nil
         else
-          assert_valid_value(value)
+          value.presence
         end
       end
@@ -140,7 +138,11 @@ module ActiveRecord
       end
       def serialize(value)
-        mapping.fetch(value, value)
+        subtype.serialize(mapping.fetch(value, value))
+      end
+      def serializable?(value, &block)
+        subtype.serializable?(mapping.fetch(value, value), &block)
       end
       def assert_valid_value(value)
@@ -155,15 +157,20 @@ module ActiveRecord
         attr_reader :name, :mapping
     end
-    def enum(definitions)
-      enum_prefix = definitions.delete(:_prefix)
-      enum_suffix = definitions.delete(:_suffix)
-      enum_scopes = definitions.delete(:_scopes)
+    def enum(name = nil, values = nil, **options)
+      if name
+        values, options = options, {} unless values
+        return _enum(name, values, **options)
+      end
+      definitions = options.slice!(:_prefix, :_suffix, :_scopes, :_default)
+      options.transform_keys! { |key| :"#{key[1..-1]}" }
-      default = {}
-      default[:default] = definitions.delete(:_default) if definitions.key?(:_default)
+      definitions.each { |name, values| _enum(name, values, **options) }
+    end
-      definitions.each do |name, values|
+    private
+      def _enum(name, values, prefix: nil, suffix: nil, scopes: true, **options)
         assert_valid_enum_definition_values(values)
         # statuses = { }
         enum_values = ActiveSupport::HashWithIndifferentAccess.new
@@ -177,24 +184,19 @@ module ActiveRecord
         detect_enum_conflict!(name, name)
         detect_enum_conflict!(name, "#{name}=")
-        attr = attribute_alias?(name) ? attribute_alias(name) : name
-        decorate_attribute_type(attr, **default) do |subtype|
-          EnumType.new(attr, enum_values, subtype)
+        attribute(name, **options) do |subtype|
+          subtype = subtype.subtype if EnumType === subtype
+          EnumType.new(name, enum_values, subtype)
         end
         value_method_names = []
         _enum_methods_module.module_eval do
-          prefix = if enum_prefix == true
-            "#{name}_"
-          elsif enum_prefix
-            "#{enum_prefix}_"
+          prefix = if prefix
+            prefix == true ? "#{name}_" : "#{prefix}_"
           end
-          suffix = if enum_suffix == true
-            "_#{name}"
-          elsif enum_suffix
-            "_#{enum_suffix}"
+          suffix = if suffix
+            suffix == true ? "_#{name}" : "_#{suffix}"
           end
           pairs = values.respond_to?(:each_pair) ? values.each_pair : values.each_with_index
@@ -204,23 +206,21 @@ module ActiveRecord
             value_method_name = "#{prefix}#{label}#{suffix}"
             value_method_names << value_method_name
-            define_enum_methods(name, value_method_name, value, enum_scopes)
+            define_enum_methods(name, value_method_name, value, scopes)
             method_friendly_label = label.gsub(/[\W&&[:ascii:]]+/, "_")
             value_method_alias = "#{prefix}#{method_friendly_label}#{suffix}"
             if value_method_alias != value_method_name && !value_method_names.include?(value_method_alias)
               value_method_names << value_method_alias
-              define_enum_methods(name, value_method_alias, value, enum_scopes)
+              define_enum_methods(name, value_method_alias, value, scopes)
             end
           end
         end
-        detect_negative_enum_conditions!(value_method_names) if enum_scopes != false
+        detect_negative_enum_conditions!(value_method_names) if scopes
         enum_values.freeze
       end
-    end
-    private
       class EnumMethods < Module # :nodoc:
         def initialize(klass)
           @klass = klass
@@ -229,7 +229,7 @@ module ActiveRecord
         private
           attr_reader :klass
-          def define_enum_methods(name, value_method_name, value, enum_scopes)
+          def define_enum_methods(name, value_method_name, value, scopes)
             # def active?() status_for_database == 0 end
             klass.send(:detect_enum_conflict!, name, "#{value_method_name}?")
             define_method("#{value_method_name}?") { public_send(:"#{name}_for_database") == value }
@@ -240,7 +240,7 @@ module ActiveRecord
             # scope :active, -> { where(status: 0) }
             # scope :not_active, -> { where.not(status: 0) }
-            if enum_scopes != false
+            if scopes
               klass.send(:detect_enum_conflict!, name, value_method_name, true)
               klass.scope value_method_name, -> { where(name => value) }
@@ -260,7 +260,7 @@ module ActiveRecord
       end
       def assert_valid_enum_definition_values(values)
-        unless values.is_a?(Hash) || values.all? { |v| v.is_a?(Symbol) } || values.all? { |v| v.is_a?(String) }
+        unless values.is_a?(Hash) || values.all?(Symbol) || values.all?(String)
           error_message = <<~MSG
             Enum values #{values} must be either a hash, an array of symbols, or an array of strings.
           MSG