activerecord 7.2.2.1 → 8.1.2

data/lib/active_record/delegated_type.rb

@@ -181,16 +181,16 @@ module ActiveRecord
     #     delegated_type :entryable, types: %w[ Message Comment ], dependent: :destroy
     #   end
     #
-    #   Entry#entryable_class # => +Message+ or +Comment+
-    #   Entry#entryable_name  # => "message" or "comment"
-    #   Entry.messages        # => Entry.where(entryable_type: "Message")
-    #   Entry#message?        # => true when entryable_type == "Message"
-    #   Entry#message         # => returns the message record, when entryable_type == "Message", otherwise nil
-    #   Entry#message_id      # => returns entryable_id, when entryable_type == "Message", otherwise nil
-    #   Entry.comments        # => Entry.where(entryable_type: "Comment")
-    #   Entry#comment?        # => true when entryable_type == "Comment"
-    #   Entry#comment         # => returns the comment record, when entryable_type == "Comment", otherwise nil
-    #   Entry#comment_id      # => returns entryable_id, when entryable_type == "Comment", otherwise nil
+    #   @entry.entryable_class # => Message or Comment
+    #   @entry.entryable_name  # => "message" or "comment"
+    #   Entry.messages         # => Entry.where(entryable_type: "Message")
+    #   @entry.message?        # => true when entryable_type == "Message"
+    #   @entry.message         # => returns the message record, when entryable_type == "Message", otherwise nil
+    #   @entry.message_id      # => returns entryable_id, when entryable_type == "Message", otherwise nil
+    #   Entry.comments         # => Entry.where(entryable_type: "Comment")
+    #   @entry.comment?        # => true when entryable_type == "Comment"
+    #   @entry.comment         # => returns the comment record, when entryable_type == "Comment", otherwise nil
+    #   @entry.comment_id      # => returns entryable_id, when entryable_type == "Comment", otherwise nil
     #
     # You can also declare namespaced types:
     #
@@ -199,25 +199,25 @@ module ActiveRecord
     #   end
     #
     #   Entry.access_notice_messages
-    #   entry.access_notice_message
-    #   entry.access_notice_message?
+    #   @entry.access_notice_message
+    #   @entry.access_notice_message?
     #
-    # === Options
+    # ==== Options
     #
     # The +options+ are passed directly to the +belongs_to+ call, so this is where you declare +dependent+ etc.
     # The following options can be included to specialize the behavior of the delegated type convenience methods.
     #
-    # [:foreign_key]
+    # [+:foreign_key+]
     #   Specify the foreign key used for the convenience methods. By default this is guessed to be the passed
     #   +role+ with an "_id" suffix. So a class that defines a
     #   <tt>delegated_type :entryable, types: %w[ Message Comment ]</tt> association will use "entryable_id" as
     #   the default <tt>:foreign_key</tt>.
-    # [:foreign_type]
+    # [+:foreign_type+]
     #   Specify the column used to store the associated object's type. By default this is inferred to be the passed
     #   +role+ with a "_type" suffix. A class that defines a
     #   <tt>delegated_type :entryable, types: %w[ Message Comment ]</tt> association will use "entryable_type" as
     #   the default <tt>:foreign_type</tt>.
-    # [:primary_key]
+    # [+:primary_key+]
     #   Specify the method that returns the primary key of associated object used for the convenience methods.
     #   By default this is +id+.
     #
@@ -226,10 +226,10 @@ module ActiveRecord
     #     delegated_type :entryable, types: %w[ Message Comment ], primary_key: :uuid, foreign_key: :entryable_uuid
     #   end
     #
-    #   Entry#message_uuid      # => returns entryable_uuid, when entryable_type == "Message", otherwise nil
-    #   Entry#comment_uuid      # => returns entryable_uuid, when entryable_type == "Comment", otherwise nil
+    #   @entry.message_uuid # => returns entryable_uuid, when entryable_type == "Message", otherwise nil
+    #   @entry.comment_uuid # => returns entryable_uuid, when entryable_type == "Comment", otherwise nil
     def delegated_type(role, types:, **options)
-      belongs_to role, options.delete(:scope), **options.merge(polymorphic: true)
+      belongs_to role, options.delete(:scope), **options, polymorphic: true
       define_delegated_type_methods role, types: types, options: options
     end
 

data/lib/active_record/dynamic_matchers.rb

@@ -7,16 +7,18 @@ module ActiveRecord
         if self == Base
           super
         else
-          match = Method.match(self, name)
-          match && match.valid? || super
+          super || begin
+            match = Method.match(name)
+            match && match.valid?(self, name)
+          end
         end
       end
 
       def method_missing(name, ...)
-        match = Method.match(self, name)
+        match = Method.match(name)
 
-        if match && match.valid?
-          match.define
+        if match && match.valid?(self, name)
+          match.define(self, name)
           send(name, ...)
         else
           super
@@ -24,97 +26,80 @@ module ActiveRecord
       end
 
       class Method
-        @matchers = []
-
         class << self
-          attr_reader :matchers
-
-          def match(model, name)
-            klass = matchers.find { |k| k.pattern.match?(name) }
-            klass.new(model, name) if klass
+          def match(name)
+            FindBy.match?(name) || FindByBang.match?(name)
           end
 
-          def pattern
-            @pattern ||= /\A#{prefix}_([_a-zA-Z]\w*)#{suffix}\Z/
+          def valid?(model, name)
+            attribute_names(model, name.to_s).all? { |name| model.columns_hash[name] || model.reflect_on_aggregation(name.to_sym) }
           end
 
-          def prefix
-            raise NotImplementedError
+          def define(model, name)
+            model.class_eval <<-CODE, __FILE__, __LINE__ + 1
+            def self.#{name}(#{signature(model, name)})
+              #{body(model, name)}
+            end
+            CODE
           end
 
-          def suffix
-            ""
-          end
-        end
+          private
+            def make_pattern(prefix, suffix)
+              /\A#{prefix}_([_a-zA-Z]\w*)#{suffix}\Z/
+            end
 
-        attr_reader :model, :name, :attribute_names
+            def attribute_names(model, name)
+              attribute_names = name.match(pattern)[1].split("_and_")
+              attribute_names.map! { |name| model.attribute_aliases[name] || name }
+            end
 
-        def initialize(model, method_name)
-          @model           = model
-          @name            = method_name.to_s
-          @attribute_names = @name.match(self.class.pattern)[1].split("_and_")
-          @attribute_names.map! { |name| @model.attribute_aliases[name] || name }
-        end
+            def body(model, method_name)
+              "#{finder}(#{attributes_hash(model, method_name)})"
+            end
 
-        def valid?
-          attribute_names.all? { |name| model.columns_hash[name] || model.reflect_on_aggregation(name.to_sym) }
-        end
+            # The parameters in the signature may have reserved Ruby words, in order
+            # to prevent errors, we start each param name with `_`.
+            def signature(model, method_name)
+              attribute_names(model, method_name.to_s).map { |name| "_#{name}" }.join(", ")
+            end
 
-        def define
-          model.class_eval <<-CODE, __FILE__, __LINE__ + 1
-            def self.#{name}(#{signature})
-              #{body}
+            # Given that the parameters starts with `_`, the finder needs to use the
+            # same parameter name.
+            def attributes_hash(model, method_name)
+              "{" + attribute_names(model, method_name).map { |name| ":#{name} => _#{name}" }.join(",") + "}"
             end
-          CODE
         end
+      end
 
-        private
-          def body
-            "#{finder}(#{attributes_hash})"
-          end
+      class FindBy < Method
+        @pattern = make_pattern("find_by", "")
 
-          # The parameters in the signature may have reserved Ruby words, in order
-          # to prevent errors, we start each param name with `_`.
-          def signature
-            attribute_names.map { |name| "_#{name}" }.join(", ")
-          end
+        class << self
+          attr_reader :pattern
 
-          # Given that the parameters starts with `_`, the finder needs to use the
-          # same parameter name.
-          def attributes_hash
-            "{" + attribute_names.map { |name| ":#{name} => _#{name}" }.join(",") + "}"
+          def match?(name)
+            pattern.match?(name) && self
           end
 
           def finder
-            raise NotImplementedError
+            "find_by"
           end
-      end
-
-      class FindBy < Method
-        Method.matchers << self
-
-        def self.prefix
-          "find_by"
-        end
-
-        def finder
-          "find_by"
         end
       end
 
       class FindByBang < Method
-        Method.matchers << self
+        @pattern = make_pattern("find_by", "!")
 
-        def self.prefix
-          "find_by"
-        end
+        class << self
+          attr_reader :pattern
 
-        def self.suffix
-          "!"
-        end
+          def match?(name)
+            pattern.match?(name) && self
+          end
 
-        def finder
-          "find_by!"
+          def finder
+            "find_by!"
+          end
         end
       end
   end

data/lib/active_record/encryption/config.rb

@@ -8,7 +8,8 @@ module ActiveRecord
     class Config
       attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
                     :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
-                    :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption
+                    :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption,
+                    :compressor
 
       def initialize
         set_defaults
@@ -55,6 +56,7 @@ module ActiveRecord
           self.previous_schemes = []
           self.forced_encoding_for_deterministic_encryption = Encoding::UTF_8
           self.hash_digest_class = OpenSSL::Digest::SHA1
+          self.compressor = Zlib
 
           # TODO: Setting to false for now as the implementation is a bit experimental
           self.extend_queries = false

data/lib/active_record/encryption/encryptable_record.rb

@@ -16,7 +16,7 @@ module ActiveRecord
       class_methods do
         # Encrypts the +name+ attribute.
         #
-        # === Options
+        # ==== Options
         #
         # * <tt>:key_provider</tt> - A key provider to provide encryption and decryption keys. Defaults to
         #   +ActiveRecord::Encryption.key_provider+.
@@ -30,10 +30,10 @@ module ActiveRecord
         #   will use the oldest encryption scheme to encrypt new data by default. You can change this by setting
         #   <tt>deterministic: { fixed: false }</tt>. That will make it use the newest encryption scheme for encrypting new
         #   data.
-        # * <tt>:support_unencrypted_data</tt> - If `config.active_record.encryption.support_unencrypted_data` is +true+,
-        #   you can set this to +false+ to opt out of unencrypted data support for this attribute. This is useful for
-        #   scenarios where you encrypt one column, and want to disable support for unencrypted data without having to tweak
-        #   the global setting.
+        # * <tt>:support_unencrypted_data</tt> - When true, unencrypted data can be read normally. When false, it will raise errors.
+        #   Falls back to +config.active_record.encryption.support_unencrypted_data+ if no value is provided.
+        #   This is useful for scenarios where you encrypt one column, and want to disable support for unencrypted data
+        #   without having to tweak the global setting.
         # * <tt>:downcase</tt> - When true, it converts the encrypted content to downcase automatically. This allows to
         #   effectively ignore case when querying data. Notice that the case is lost. Use +:ignore_case+ if you are interested
         #   in preserving it.
@@ -46,11 +46,11 @@ module ActiveRecord
         # * <tt>:previous</tt> - List of previous encryption schemes. When provided, they will be used in order when trying to read
         #   the attribute. Each entry of the list can contain the properties supported by #encrypts. Also, when deterministic
         #   encryption is used, they will be used to generate additional ciphertexts to check in the queries.
-        def encrypts(*names, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], **context_properties)
+        def encrypts(*names, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], compress: true, compressor: nil, **context_properties)
           self.encrypted_attributes ||= Set.new # not using :default because the instance would be shared across classes
 
           names.each do |name|
-            encrypt_attribute name, key_provider: key_provider, key: key, deterministic: deterministic, support_unencrypted_data: support_unencrypted_data, downcase: downcase, ignore_case: ignore_case, previous: previous, **context_properties
+            encrypt_attribute name, key_provider: key_provider, key: key, deterministic: deterministic, support_unencrypted_data: support_unencrypted_data, downcase: downcase, ignore_case: ignore_case, previous: previous, compress: compress, compressor: compressor, **context_properties
           end
         end
 
@@ -81,12 +81,12 @@ module ActiveRecord
             end
           end
 
-          def encrypt_attribute(name, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], **context_properties)
+          def encrypt_attribute(name, key_provider: nil, key: nil, deterministic: false, support_unencrypted_data: nil, downcase: false, ignore_case: false, previous: [], compress: true, compressor: nil, **context_properties)
             encrypted_attributes << name.to_sym
 
             decorate_attributes([name]) do |name, cast_type|
               scheme = scheme_for key_provider: key_provider, key: key, deterministic: deterministic, support_unencrypted_data: support_unencrypted_data, \
-                downcase: downcase, ignore_case: ignore_case, previous: previous, **context_properties
+                downcase: downcase, ignore_case: ignore_case, previous: previous, compress: compress, compressor: compressor, **context_properties
 
               ActiveRecord::Encryption::EncryptedAttributeType.new(scheme: scheme, cast_type: cast_type, default: columns_hash[name.to_s]&.default)
             end

data/lib/active_record/encryption/encrypted_attribute_type.rb

@@ -15,7 +15,7 @@ module ActiveRecord
       delegate :key_provider, :downcase?, :deterministic?, :previous_schemes, :with_context, :fixed?, to: :scheme
       delegate :accessor, :type, to: :cast_type
 
-      # === Options
+      # ==== Options
       #
       # * <tt>:scheme</tt> - A +Scheme+ with the encryption properties for this attribute.
       # * <tt>:cast_type</tt> - A type that will be used to serialize (before encrypting) and deserialize
@@ -59,7 +59,7 @@ module ActiveRecord
       end
 
       def support_unencrypted_data?
-        ActiveRecord::Encryption.config.support_unencrypted_data && scheme.support_unencrypted_data? && !previous_type?
+        scheme.support_unencrypted_data? && !previous_type?
       end
 
       private
@@ -100,7 +100,7 @@ module ActiveRecord
         end
 
         def decrypt(value)
-          text_to_database_type decrypt_as_text(value)
+          text_to_database_type decrypt_as_text(database_type_to_text(value))
         end
 
         def try_to_deserialize_with_previous_encrypted_types(value)
@@ -170,6 +170,15 @@ module ActiveRecord
             value
           end
         end
+
+        def database_type_to_text(value)
+          if value && cast_type.binary?
+            binary_cast_type = cast_type.serialized? ? cast_type.subtype : cast_type
+            binary_cast_type.deserialize(value)
+          else
+            value
+          end
+        end
     end
   end
 end

data/lib/active_record/encryption/encryptor.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require "openssl"
-require "zlib"
 require "active_support/core_ext/numeric"
 
 module ActiveRecord
@@ -12,33 +11,43 @@ module ActiveRecord
     # It interacts with a KeyProvider for getting the keys, and delegate to
     # ActiveRecord::Encryption::Cipher the actual encryption algorithm.
     class Encryptor
-      # === Options
+      # The compressor to use for compressing the payload.
+      attr_reader :compressor
+
+      # ==== Options
+      #
+      # [+:compress+]
+      #   Boolean indicating whether records should be compressed before
+      #   encryption. Defaults to +true+.
       #
-      # * <tt>:compress</tt> - Boolean indicating whether records should be compressed before encryption.
-      #   Defaults to +true+.
-      def initialize(compress: true)
+      # [+:compressor+]
+      #   The compressor to use. It must respond to +deflate+ and +inflate+.
+      #   If not provided, will default to +ActiveRecord::Encryption.config.compressor+,
+      #   which itself defaults to +Zlib+.
+      def initialize(compress: true, compressor: nil)
         @compress = compress
+        @compressor = compressor || ActiveRecord::Encryption.config.compressor
       end
 
-      # Encrypts +clean_text+ and returns the encrypted result
+      # Encrypts +clean_text+ and returns the encrypted result.
       #
       # Internally, it will:
       #
-      # 1. Create a new ActiveRecord::Encryption::Message
-      # 2. Compress and encrypt +clean_text+ as the message payload
-      # 3. Serialize it with +ActiveRecord::Encryption.message_serializer+ (+ActiveRecord::Encryption::SafeMarshal+
-      #    by default)
-      # 4. Encode the result with Base 64
+      # 1. Create a new ActiveRecord::Encryption::Message.
+      # 2. Compress and encrypt +clean_text+ as the message payload.
+      # 3. Serialize it with +ActiveRecord::Encryption.message_serializer+
+      #    (+ActiveRecord::Encryption::SafeMarshal+ by default).
+      # 4. Encode the result with Base64.
       #
-      # === Options
+      # ==== Options
       #
-      # [:key_provider]
+      # [+:key_provider+]
       #   Key provider to use for the encryption operation. It will default to
       #   +ActiveRecord::Encryption.key_provider+ when not provided.
       #
-      # [:cipher_options]
+      # [+:cipher_options+]
       #   Cipher-specific options that will be passed to the Cipher configured in
-      #   +ActiveRecord::Encryption.cipher+
+      #   +ActiveRecord::Encryption.cipher+.
       def encrypt(clear_text, key_provider: default_key_provider, cipher_options: {})
         clear_text = force_encoding_if_needed(clear_text) if cipher_options[:deterministic]
 
@@ -46,17 +55,17 @@ module ActiveRecord
         serialize_message build_encrypted_message(clear_text, key_provider: key_provider, cipher_options: cipher_options)
       end
 
-      # Decrypts an +encrypted_text+ and returns the result as clean text
+      # Decrypts an +encrypted_text+ and returns the result as clean text.
       #
-      # === Options
+      # ==== Options
       #
-      # [:key_provider]
+      # [+:key_provider+]
       #   Key provider to use for the encryption operation. It will default to
-      #   +ActiveRecord::Encryption.key_provider+ when not provided
+      #   +ActiveRecord::Encryption.key_provider+ when not provided.
       #
-      # [:cipher_options]
+      # [+:cipher_options+]
       #   Cipher-specific options that will be passed to the Cipher configured in
-      #   +ActiveRecord::Encryption.cipher+
+      #   +ActiveRecord::Encryption.cipher+.
       def decrypt(encrypted_text, key_provider: default_key_provider, cipher_options: {})
         message = deserialize_message(encrypted_text)
         keys = key_provider.decryption_keys(message)
@@ -66,7 +75,7 @@ module ActiveRecord
         raise Errors::Decryption
       end
 
-      # Returns whether the text is encrypted or not
+      # Returns whether the text is encrypted or not.
       def encrypted?(text)
         deserialize_message(text)
         true
@@ -78,9 +87,25 @@ module ActiveRecord
         serializer.binary?
       end
 
+      def compress? # :nodoc:
+        @compress
+      end
+
       private
         DECRYPT_ERRORS = [OpenSSL::Cipher::CipherError, Errors::EncryptedContentIntegrity, Errors::Decryption]
         ENCODING_ERRORS = [EncodingError, Errors::Encoding]
+
+        # This threshold cannot be changed.
+        #
+        # Users can search for attributes encrypted with `deterministic: true`.
+        # That is possible because we are able to generate the message for the
+        # given clear text deterministically, and with that perform a regular
+        # string lookup in SQL.
+        #
+        # Problem is, messages may have a "c" header that is present or not
+        # depending on whether compression was applied on encryption. If this
+        # threshold was modified, the message generated for lookup could vary
+        # for the same clear text, and searches on exisiting data could fail.
         THRESHOLD_TO_JUSTIFY_COMPRESSION = 140.bytes
 
         def default_key_provider
@@ -130,12 +155,8 @@ module ActiveRecord
           end
         end
 
-        def compress?
-          @compress
-        end
-
         def compress(data)
-          Zlib::Deflate.deflate(data).tap do |compressed_data|
+          @compressor.deflate(data).tap do |compressed_data|
             compressed_data.force_encoding(data.encoding)
           end
         end
@@ -149,7 +170,7 @@ module ActiveRecord
         end
 
         def uncompress(data)
-          Zlib::Inflate.inflate(data).tap do |uncompressed_data|
+          @compressor.inflate(data).tap do |uncompressed_data|
             uncompressed_data.force_encoding(data.encoding)
           end
         end

data/lib/active_record/encryption/extended_deterministic_queries.rb

@@ -41,6 +41,8 @@ module ActiveRecord
       module EncryptedQuery # :nodoc:
         class << self
           def process_arguments(owner, args, check_for_additional_values)
+            owner = owner.model if owner.is_a?(Relation)
+
             return args if owner.deterministic_encrypted_attributes&.empty?
 
             if args.is_a?(Array) && (options = args.first).is_a?(Hash)
@@ -102,12 +104,12 @@ module ActiveRecord
         end
 
         def scope_for_create
-          return super unless klass.deterministic_encrypted_attributes&.any?
+          return super unless model.deterministic_encrypted_attributes&.any?
 
           scope_attributes = super
           wheres = where_values_hash
 
-          klass.deterministic_encrypted_attributes.each do |attribute_name|
+          model.deterministic_encrypted_attributes.each do |attribute_name|
             attribute_name = attribute_name.to_s
             values = wheres[attribute_name]
             if values.is_a?(Array) && values[1..].all?(AdditionalValue)

data/lib/active_record/encryption/scheme.rb

@@ -11,7 +11,7 @@ module ActiveRecord
       attr_accessor :previous_schemes
 
       def initialize(key_provider: nil, key: nil, deterministic: nil, support_unencrypted_data: nil, downcase: nil, ignore_case: nil,
-                     previous_schemes: nil, **context_properties)
+                     previous_schemes: nil, compress: true, compressor: nil, **context_properties)
         # Initializing all attributes to +nil+ as we want to allow a "not set" semantics so that we
         # can merge schemes without overriding values with defaults. See +#merge+
 
@@ -24,8 +24,13 @@ module ActiveRecord
         @previous_schemes_param = previous_schemes
         @previous_schemes = Array.wrap(previous_schemes)
         @context_properties = context_properties
+        @compress = compress
+        @compressor = compressor
 
         validate_config!
+
+        @context_properties[:encryptor] = Encryptor.new(compress: @compress) unless @compress
+        @context_properties[:encryptor] = Encryptor.new(compressor: compressor) if compressor
       end
 
       def ignore_case?
@@ -54,7 +59,7 @@ module ActiveRecord
       end
 
       def merge(other_scheme)
-        self.class.new(**to_h.merge(other_scheme.to_h))
+        self.class.new(**to_h, **other_scheme.to_h)
       end
 
       def to_h
@@ -78,6 +83,8 @@ module ActiveRecord
         def validate_config!
           raise Errors::Configuration, "ignore_case: can only be used with deterministic encryption" if @ignore_case && !@deterministic
           raise Errors::Configuration, "key_provider: and key: can't be used simultaneously" if @key_provider_param && @key
+          raise Errors::Configuration, "compressor: can't be used with compress: false" if !@compress && @compressor
+          raise Errors::Configuration, "compressor: can't be used with encryptor" if @compressor && @context_properties[:encryptor]
         end
 
         def key_provider_from_key