activerecord 7.1.5.1 → 8.0.2

data/lib/active_record/delegated_type.rb

@@ -113,6 +113,26 @@ module ActiveRecord
   #     end
   #   end
   #
+  # == Querying across records
+  #
+  # A consequence of delegated types is that querying attributes spread across multiple classes becomes slightly more
+  # tricky, but not impossible.
+  #
+  # The simplest method is to join the "superclass" to the "subclass" and apply the query parameters (i.e. <tt>#where</tt>)
+  # in appropriate places:
+  #
+  #   Comment.joins(:entry).where(comments: { content: 'Hello!' }, entry: { creator: Current.user } )
+  #
+  # For convenience, add a scope on the concern. Now all classes that implement the concern will automatically include
+  # the method:
+  #
+  #   # app/models/concerns/entryable.rb
+  #   scope :with_entry, ->(attrs) { joins(:entry).where(entry: attrs) }
+  #
+  # Now the query can be shortened significantly:
+  #
+  #   Comment.where(content: 'Hello!').with_entry(creator: Current.user)
+  #
   # == Adding further delegation
   #
   # The delegated type shouldn't just answer the question of what the underlying class is called. In fact, that's
@@ -161,16 +181,16 @@ module ActiveRecord
     #     delegated_type :entryable, types: %w[ Message Comment ], dependent: :destroy
     #   end
     #
-    #   Entry#entryable_class # => +Message+ or +Comment+
-    #   Entry#entryable_name  # => "message" or "comment"
-    #   Entry.messages        # => Entry.where(entryable_type: "Message")
-    #   Entry#message?        # => true when entryable_type == "Message"
-    #   Entry#message         # => returns the message record, when entryable_type == "Message", otherwise nil
-    #   Entry#message_id      # => returns entryable_id, when entryable_type == "Message", otherwise nil
-    #   Entry.comments        # => Entry.where(entryable_type: "Comment")
-    #   Entry#comment?        # => true when entryable_type == "Comment"
-    #   Entry#comment         # => returns the comment record, when entryable_type == "Comment", otherwise nil
-    #   Entry#comment_id      # => returns entryable_id, when entryable_type == "Comment", otherwise nil
+    #   @entry.entryable_class # => Message or Comment
+    #   @entry.entryable_name  # => "message" or "comment"
+    #   Entry.messages         # => Entry.where(entryable_type: "Message")
+    #   @entry.message?        # => true when entryable_type == "Message"
+    #   @entry.message         # => returns the message record, when entryable_type == "Message", otherwise nil
+    #   @entry.message_id      # => returns entryable_id, when entryable_type == "Message", otherwise nil
+    #   Entry.comments         # => Entry.where(entryable_type: "Comment")
+    #   @entry.comment?        # => true when entryable_type == "Comment"
+    #   @entry.comment         # => returns the comment record, when entryable_type == "Comment", otherwise nil
+    #   @entry.comment_id      # => returns entryable_id, when entryable_type == "Comment", otherwise nil
     #
     # You can also declare namespaced types:
     #
@@ -179,25 +199,25 @@ module ActiveRecord
     #   end
     #
     #   Entry.access_notice_messages
-    #   entry.access_notice_message
-    #   entry.access_notice_message?
+    #   @entry.access_notice_message
+    #   @entry.access_notice_message?
     #
     # === Options
     #
     # The +options+ are passed directly to the +belongs_to+ call, so this is where you declare +dependent+ etc.
     # The following options can be included to specialize the behavior of the delegated type convenience methods.
     #
-    # [:foreign_key]
+    # [+:foreign_key+]
     #   Specify the foreign key used for the convenience methods. By default this is guessed to be the passed
     #   +role+ with an "_id" suffix. So a class that defines a
     #   <tt>delegated_type :entryable, types: %w[ Message Comment ]</tt> association will use "entryable_id" as
     #   the default <tt>:foreign_key</tt>.
-    # [:foreign_type]
+    # [+:foreign_type+]
     #   Specify the column used to store the associated object's type. By default this is inferred to be the passed
     #   +role+ with a "_type" suffix. A class that defines a
     #   <tt>delegated_type :entryable, types: %w[ Message Comment ]</tt> association will use "entryable_type" as
     #   the default <tt>:foreign_type</tt>.
-    # [:primary_key]
+    # [+:primary_key+]
     #   Specify the method that returns the primary key of associated object used for the convenience methods.
     #   By default this is +id+.
     #
@@ -206,8 +226,8 @@ module ActiveRecord
     #     delegated_type :entryable, types: %w[ Message Comment ], primary_key: :uuid, foreign_key: :entryable_uuid
     #   end
     #
-    #   Entry#message_uuid      # => returns entryable_uuid, when entryable_type == "Message", otherwise nil
-    #   Entry#comment_uuid      # => returns entryable_uuid, when entryable_type == "Comment", otherwise nil
+    #   @entry.message_uuid # => returns entryable_uuid, when entryable_type == "Message", otherwise nil
+    #   @entry.comment_uuid # => returns entryable_uuid, when entryable_type == "Comment", otherwise nil
     def delegated_type(role, types:, **options)
       belongs_to role, options.delete(:scope), **options.merge(polymorphic: true)
       define_delegated_type_methods role, types: types, options: options
@@ -219,6 +239,10 @@ module ActiveRecord
         role_type = options[:foreign_type] || "#{role}_type"
         role_id   = options[:foreign_key] || "#{role}_id"
 
+        define_singleton_method "#{role}_types" do
+          types.map(&:to_s)
+        end
+
         define_method "#{role}_class" do
           public_send(role_type).constantize
         end

data/lib/active_record/dynamic_matchers.rb

@@ -12,12 +12,12 @@ module ActiveRecord
         end
       end
 
-      def method_missing(name, *arguments, &block)
+      def method_missing(name, ...)
         match = Method.match(self, name)
 
         if match && match.valid?
           match.define
-          send(name, *arguments, &block)
+          send(name, ...)
         else
           super
         end

data/lib/active_record/encryption/config.rb

@@ -8,7 +8,8 @@ module ActiveRecord
     class Config
       attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
                     :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
-                    :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption
+                    :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption,
+                    :compressor
 
       def initialize
         set_defaults
@@ -55,6 +56,7 @@ module ActiveRecord
           self.previous_schemes = []
           self.forced_encoding_for_deterministic_encryption = Encoding::UTF_8
           self.hash_digest_class = OpenSSL::Digest::SHA1
+          self.compressor = Zlib
 
           # TODO: Setting to false for now as the implementation is a bit experimental
           self.extend_queries = false

data/lib/active_record/encryption/encryptable_record.rb

@@ -46,11 +46,11 @@ module ActiveRecord
         # * <tt>:previous</tt> - List of previous encryption schemes. When provided, they will be used in order when trying to read
         #   the attribute. Each entry of the list can contain the properties supported by #encrypts. Also, when deterministic
         #   encryption is used, they will be used to generate additional ciphertexts to check in the queries.
-        def encrypts(*names, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], **context_properties)
+        def encrypts(*names, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], compress: true, compressor: nil, **context_properties)
           self.encrypted_attributes ||= Set.new # not using :default because the instance would be shared across classes
 
           names.each do |name|
-            encrypt_attribute name, key_provider: key_provider, key: key, deterministic: deterministic, support_unencrypted_data: support_unencrypted_data, downcase: downcase, ignore_case: ignore_case, previous: previous, **context_properties
+            encrypt_attribute name, key_provider: key_provider, key: key, deterministic: deterministic, support_unencrypted_data: support_unencrypted_data, downcase: downcase, ignore_case: ignore_case, previous: previous, compress: compress, compressor: compressor, **context_properties
           end
         end
 
@@ -81,12 +81,12 @@ module ActiveRecord
             end
           end
 
-          def encrypt_attribute(name, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], **context_properties)
+          def encrypt_attribute(name, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], compress: true, compressor: nil, **context_properties)
             encrypted_attributes << name.to_sym
 
-            attribute name do |cast_type|
+            decorate_attributes([name]) do |name, cast_type|
               scheme = scheme_for key_provider: key_provider, key: key, deterministic: deterministic, support_unencrypted_data: support_unencrypted_data, \
-                downcase: downcase, ignore_case: ignore_case, previous: previous, **context_properties
+                downcase: downcase, ignore_case: ignore_case, previous: previous, compress: compress, compressor: compressor, **context_properties
 
               ActiveRecord::Encryption::EncryptedAttributeType.new(scheme: scheme, cast_type: cast_type, default: columns_hash[name.to_s]&.default)
             end
@@ -123,7 +123,7 @@ module ActiveRecord
             end)
           end
 
-          def load_schema!
+          def load_schema! # :nodoc:
             super
 
             add_length_validation_for_encrypted_columns if ActiveRecord::Encryption.config.validate_column_size
@@ -221,7 +221,7 @@ module ActiveRecord
         end
 
         def cant_modify_encrypted_attributes_when_frozen
-          self.class&.encrypted_attributes.each do |attribute|
+          self.class.encrypted_attributes.each do |attribute|
             errors.add(attribute.to_sym, "can't be modified because it is encrypted") if changed_attributes.include?(attribute)
           end
         end

data/lib/active_record/encryption/encrypted_attribute_type.rb

@@ -7,13 +7,13 @@ module ActiveRecord
     # This is the central piece that connects the encryption system with +encrypts+ declarations in the
     # model classes. Whenever you declare an attribute as encrypted, it configures an +EncryptedAttributeType+
     # for that attribute.
-    class EncryptedAttributeType < ::ActiveRecord::Type::Text
+    class EncryptedAttributeType < ::ActiveModel::Type::Value
       include ActiveModel::Type::Helpers::Mutable
 
       attr_reader :scheme, :cast_type
 
       delegate :key_provider, :downcase?, :deterministic?, :previous_schemes, :with_context, :fixed?, to: :scheme
-      delegate :accessor, to: :cast_type
+      delegate :accessor, :type, to: :cast_type
 
       # === Options
       #
@@ -81,7 +81,7 @@ module ActiveRecord
           @previous_type
         end
 
-        def decrypt(value)
+        def decrypt_as_text(value)
           with_context do
             unless value.nil?
               if @default && @default == value
@@ -99,6 +99,10 @@ module ActiveRecord
           end
         end
 
+        def decrypt(value)
+          text_to_database_type decrypt_as_text(database_type_to_text(value))
+        end
+
         def try_to_deserialize_with_previous_encrypted_types(value)
           previous_types.each.with_index do |type, index|
             break type.deserialize(value)
@@ -129,12 +133,20 @@ module ActiveRecord
           encrypt(casted_value.to_s) unless casted_value.nil?
         end
 
-        def encrypt(value)
+        def encrypt_as_text(value)
           with_context do
+            if encryptor.binary? && !cast_type.binary?
+              raise Errors::Encoding, "Binary encoded data can only be stored in binary columns"
+            end
+
             encryptor.encrypt(value, **encryption_options)
           end
         end
 
+        def encrypt(value)
+          text_to_database_type encrypt_as_text(value)
+        end
+
         def encryptor
           ActiveRecord::Encryption.encryptor
         end
@@ -150,6 +162,23 @@ module ActiveRecord
         def clean_text_scheme
           @clean_text_scheme ||= ActiveRecord::Encryption::Scheme.new(downcase: downcase?, encryptor: ActiveRecord::Encryption::NullEncryptor.new)
         end
+
+        def text_to_database_type(value)
+          if value && cast_type.binary?
+            ActiveModel::Type::Binary::Data.new(value)
+          else
+            value
+          end
+        end
+
+        def database_type_to_text(value)
+          if value && cast_type.binary?
+            binary_cast_type = cast_type.serialized? ? cast_type.subtype : cast_type
+            binary_cast_type.deserialize(value)
+          else
+            value
+          end
+        end
     end
   end
 end

data/lib/active_record/encryption/encryptor.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require "openssl"
-require "zlib"
 require "active_support/core_ext/numeric"
 
 module ActiveRecord
@@ -12,6 +11,22 @@ module ActiveRecord
     # It interacts with a KeyProvider for getting the keys, and delegate to
     # ActiveRecord::Encryption::Cipher the actual encryption algorithm.
     class Encryptor
+      # The compressor to use for compressing the payload
+      attr_reader :compressor
+
+      # === Options
+      #
+      # * <tt>:compress</tt> - Boolean indicating whether records should be compressed before encryption.
+      #   Defaults to +true+.
+      # * <tt>:compressor</tt> - The compressor to use.
+      #   1. If compressor is provided, it will be used.
+      #   2. If not, it will use ActiveRecord::Encryption.config.compressor which default value is +Zlib+.
+      #   If you want to use a custom compressor, it must respond to +deflate+ and +inflate+.
+      def initialize(compress: true, compressor: nil)
+        @compress = compress
+        @compressor = compressor || ActiveRecord::Encryption.config.compressor
+      end
+
       # Encrypts +clean_text+ and returns the encrypted result
       #
       # Internally, it will:
@@ -38,7 +53,7 @@ module ActiveRecord
         serialize_message build_encrypted_message(clear_text, key_provider: key_provider, cipher_options: cipher_options)
       end
 
-      # Decrypts a +clean_text+ and returns the result as clean text
+      # Decrypts an +encrypted_text+ and returns the result as clean text
       #
       # === Options
       #
@@ -66,6 +81,14 @@ module ActiveRecord
         false
       end
 
+      def binary?
+        serializer.binary?
+      end
+
+      def compress? # :nodoc:
+        @compress
+      end
+
       private
         DECRYPT_ERRORS = [OpenSSL::Cipher::CipherError, Errors::EncryptedContentIntegrity, Errors::Decryption]
         ENCODING_ERRORS = [EncodingError, Errors::Encoding]
@@ -100,7 +123,6 @@ module ActiveRecord
         end
 
         def deserialize_message(message)
-          raise Errors::Encoding unless message.is_a?(String)
           serializer.load message
         rescue ArgumentError, TypeError, Errors::ForbiddenClass
           raise Errors::Encoding
@@ -112,7 +134,7 @@ module ActiveRecord
 
         # Under certain threshold, ZIP compression is actually worse that not compressing
         def compress_if_worth_it(string)
-          if string.bytesize > THRESHOLD_TO_JUSTIFY_COMPRESSION
+          if compress? && string.bytesize > THRESHOLD_TO_JUSTIFY_COMPRESSION
             [compress(string), true]
           else
             [string, false]
@@ -120,7 +142,7 @@ module ActiveRecord
         end
 
         def compress(data)
-          Zlib::Deflate.deflate(data).tap do |compressed_data|
+          @compressor.deflate(data).tap do |compressed_data|
             compressed_data.force_encoding(data.encoding)
           end
         end
@@ -134,7 +156,7 @@ module ActiveRecord
         end
 
         def uncompress(data)
-          Zlib::Inflate.inflate(data).tap do |uncompressed_data|
+          @compressor.inflate(data).tap do |uncompressed_data|
             uncompressed_data.force_encoding(data.encoding)
           end
         end

data/lib/active_record/encryption/extended_deterministic_queries.rb

@@ -41,6 +41,8 @@ module ActiveRecord
       module EncryptedQuery # :nodoc:
         class << self
           def process_arguments(owner, args, check_for_additional_values)
+            owner = owner.model if owner.is_a?(Relation)
+
             return args if owner.deterministic_encrypted_attributes&.empty?
 
             if args.is_a?(Array) && (options = args.first).is_a?(Hash)
@@ -102,12 +104,12 @@ module ActiveRecord
         end
 
         def scope_for_create
-          return super unless klass.deterministic_encrypted_attributes&.any?
+          return super unless model.deterministic_encrypted_attributes&.any?
 
           scope_attributes = super
           wheres = where_values_hash
 
-          klass.deterministic_encrypted_attributes.each do |attribute_name|
+          model.deterministic_encrypted_attributes.each do |attribute_name|
             attribute_name = attribute_name.to_s
             values = wheres[attribute_name]
             if values.is_a?(Array) && values[1..].all?(AdditionalValue)

data/lib/active_record/encryption/key_provider.rb

@@ -12,7 +12,7 @@ module ActiveRecord
         @keys = Array(keys)
       end
 
-      # Returns the first key in the list as the active key to perform encryptions
+      # Returns the last key in the list as the active key to perform encryptions
       #
       # When +ActiveRecord::Encryption.config.store_key_references+ is true, the key will include
       # a public tag referencing the key itself. That key will be stored in the public

data/lib/active_record/encryption/message_pack_message_serializer.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+require "active_support/message_pack"
+
+module ActiveRecord
+  module Encryption
+    # A message serializer that serializes +Messages+ with MessagePack.
+    #
+    # The message is converted to a hash with this structure:
+    #
+    #   {
+    #     p: <payload>,
+    #     h: {
+    #       header1: value1,
+    #       header2: value2,
+    #       ...
+    #     }
+    #   }
+    #
+    # Then it is converted to the MessagePack format.
+    class MessagePackMessageSerializer
+      def dump(message)
+        raise Errors::ForbiddenClass unless message.is_a?(Message)
+        ActiveSupport::MessagePack.dump(message_to_hash(message))
+      end
+
+      def load(serialized_content)
+        data = ActiveSupport::MessagePack.load(serialized_content)
+        hash_to_message(data, 1)
+      rescue RuntimeError
+        raise Errors::Decryption
+      end
+
+      def binary?
+        true
+      end
+
+      private
+        def message_to_hash(message)
+          {
+            "p" => message.payload,
+            "h" => headers_to_hash(message.headers)
+          }
+        end
+
+        def headers_to_hash(headers)
+          headers.transform_values do |value|
+            value.is_a?(Message) ? message_to_hash(value) : value
+          end
+        end
+
+        def hash_to_message(data, level)
+          validate_message_data_format(data, level)
+          Message.new(payload: data["p"], headers: parse_properties(data["h"], level))
+        end
+
+        def validate_message_data_format(data, level)
+          if level > 2
+            raise Errors::Decryption, "More than one level of hash nesting in headers is not supported"
+          end
+
+          unless data.is_a?(Hash) && data.has_key?("p")
+            raise Errors::Decryption, "Invalid data format: hash without payload"
+          end
+        end
+
+        def parse_properties(headers, level)
+          Properties.new.tap do |properties|
+            headers&.each do |key, value|
+              properties[key] = value.is_a?(Hash) ? hash_to_message(value, level + 1) : value
+            end
+          end
+        end
+    end
+  end
+end

data/lib/active_record/encryption/message_serializer.rb

@@ -33,6 +33,10 @@ module ActiveRecord
         JSON.dump message_to_json(message)
       end
 
+      def binary?
+        false
+      end
+
       private
         def parse_message(data, level)
           validate_message_data_format(data, level)

data/lib/active_record/encryption/null_encryptor.rb

@@ -16,6 +16,10 @@ module ActiveRecord
       def encrypted?(text)
         false
       end
+
+      def binary?
+        false
+      end
     end
   end
 end

data/lib/active_record/encryption/read_only_null_encryptor.rb

@@ -19,6 +19,10 @@ module ActiveRecord
       def encrypted?(text)
         false
       end
+
+      def binary?
+        false
+      end
     end
   end
 end

data/lib/active_record/encryption/scheme.rb

@@ -11,7 +11,7 @@ module ActiveRecord
       attr_accessor :previous_schemes
 
       def initialize(key_provider: nil, key: nil, deterministic: nil, support_unencrypted_data: nil, downcase: nil, ignore_case: nil,
-                     previous_schemes: nil, **context_properties)
+                     previous_schemes: nil, compress: true, compressor: nil, **context_properties)
         # Initializing all attributes to +nil+ as we want to allow a "not set" semantics so that we
         # can merge schemes without overriding values with defaults. See +#merge+
 
@@ -24,8 +24,13 @@ module ActiveRecord
         @previous_schemes_param = previous_schemes
         @previous_schemes = Array.wrap(previous_schemes)
         @context_properties = context_properties
+        @compress = compress
+        @compressor = compressor
 
         validate_config!
+
+        @context_properties[:encryptor] = Encryptor.new(compress: @compress) unless @compress
+        @context_properties[:encryptor] = Encryptor.new(compressor: compressor) if compressor
       end
 
       def ignore_case?
@@ -78,6 +83,8 @@ module ActiveRecord
         def validate_config!
           raise Errors::Configuration, "ignore_case: can only be used with deterministic encryption" if @ignore_case && !@deterministic
           raise Errors::Configuration, "key_provider: and key: can't be used simultaneously" if @key_provider_param && @key
+          raise Errors::Configuration, "compressor: can't be used with compress: false" if !@compress && @compressor
+          raise Errors::Configuration, "compressor: can't be used with encryptor" if @compressor && @context_properties[:encryptor]
         end
 
         def key_provider_from_key

data/lib/active_record/enum.rb

@@ -213,26 +213,16 @@ module ActiveRecord
         attr_reader :name, :mapping
     end
 
-    def enum(name = nil, values = nil, **options)
-      if name
-        values, options = options, {} unless values
-        return _enum(name, values, **options)
-      end
-
-      definitions = options.slice!(:_prefix, :_suffix, :_scopes, :_default, :_instance_methods)
-      options.transform_keys! { |key| :"#{key[1..-1]}" }
-
-      definitions.each { |name, values| _enum(name, values, **options) }
+    def enum(name, values = nil, **options)
+      values, options = options, {} unless values
+      _enum(name, values, **options)
     end
 
     private
-      def inherited(base)
-        base.defined_enums = defined_enums.deep_dup
-        super
-      end
-
       def _enum(name, values, prefix: nil, suffix: nil, scopes: true, instance_methods: true, validate: false, **options)
         assert_valid_enum_definition_values(values)
+        assert_valid_enum_options(options)
+
         # statuses = { }
         enum_values = ActiveSupport::HashWithIndifferentAccess.new
         name = name.to_s
@@ -245,7 +235,9 @@ module ActiveRecord
         detect_enum_conflict!(name, name)
         detect_enum_conflict!(name, "#{name}=")
 
-        attribute(name, **options) do |subtype|
+        attribute(name, **options)
+
+        decorate_attributes([name]) do |_name, subtype|
           if subtype == ActiveModel::Type.default_value
             raise "Undeclared attribute type for enum '#{name}' in #{self.name}. Enums must be" \
               " backed by a database column or declared with an explicit type" \
@@ -294,6 +286,11 @@ module ActiveRecord
         enum_values.freeze
       end
 
+      def inherited(base)
+        base.defined_enums = defined_enums.deep_dup
+        super
+      end
+
       class EnumMethods < Module # :nodoc:
         def initialize(klass)
           @klass = klass
@@ -361,6 +358,13 @@ module ActiveRecord
         end
       end
 
+      def assert_valid_enum_options(options)
+        invalid_keys = options.keys & %i[_prefix _suffix _scopes _default _instance_methods]
+        unless invalid_keys.empty?
+          raise ArgumentError, "invalid option(s): #{invalid_keys.map(&:inspect).join(", ")}. Valid options are: :prefix, :suffix, :scopes, :default, :instance_methods, and :validate."
+        end
+      end
+
       ENUM_CONFLICT_MESSAGE = \
         "You tried to define an enum named \"%{enum}\" on the model \"%{klass}\", but " \
         "this will generate a %{type} method \"%{method}\", which is already defined " \