RubyGems - attr_encrypted - Versions diffs - 1.0.9 → 1.1.0 - Mend

attr_encrypted 1.0.9 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

data/README.rdoc +308 -0
data/Rakefile +1 -1
data/lib/attr_encrypted.rb +192 -196
data/lib/attr_encrypted/adapters/active_record.rb +55 -0
data/lib/attr_encrypted/adapters/data_mapper.rb +21 -0
data/lib/attr_encrypted/adapters/sequel.rb +13 -0
data/test/active_record_test.rb +1 -1
data/test/attr_encrypted_test.rb +12 -5
data/test/data_mapper_test.rb +1 -1
data/test/sequel_test.rb +1 -1
data/test/test_helper.rb +0 -6
metadata +14 -10
data/CHANGELOG +0 -45
data/README.markdown +0 -299
data/lib/huberry/attr_encrypted/adapters/active_record.rb +0 -57
data/lib/huberry/attr_encrypted/adapters/data_mapper.rb +0 -23
data/lib/huberry/attr_encrypted/adapters/sequel.rb +0 -15

data/lib/attr_encrypted/adapters/active_record.rb ADDED Viewed

@@ -0,0 +1,55 @@
+if defined?(ActiveRecord)
+  module AttrEncrypted
+    module Adapters
+      module ActiveRecord
+        def self.extended(base)
+          base.attr_encrypted_options[:encode] = true
+          base.eigenclass_eval { alias_method_chain :method_missing, :attr_encrypted }
+        end
+        protected
+          # Ensures the attribute methods for db fields have been defined before calling the original
+          # <tt>attr_encrypted</tt> method
+          def attr_encrypted(*attrs)
+            define_attribute_methods rescue nil
+            super
+            attrs.reject { |attr| attr.is_a?(Hash) }.each { |attr| alias_method "#{attr}_before_type_cast", attr }
+          end
+          # Allows you to use dynamic methods like <tt>find_by_email</tt> or <tt>scoped_by_email</tt> for
+          # encrypted attributes
+          #
+          # NOTE: This only works when the <tt>:key</tt> option is specified as a string (see the README)
+          #
+          # This is useful for encrypting fields like email addresses. Your user's email addresses
+          # are encrypted in the database, but you can still look up a user by email for logging in
+          #
+          # Example
+          #
+          #   class User < ActiveRecord::Base
+          #     attr_encrypted :email, :key => 'secret key'
+          #   end
+          #
+          #   User.find_by_email_and_password('test@example.com', 'testing')
+          #   # results in a call to
+          #   User.find_by_encrypted_email_and_password('the_encrypted_version_of_test@example.com', 'testing')
+          def method_missing_with_attr_encrypted(method, *args, &block)
+            if match = /^(find|scoped)_(all_by|by)_([_a-zA-Z]\w*)$/.match(method.to_s)
+              attribute_names = match.captures.last.split('_and_')
+              attribute_names.each_with_index do |attribute, index|
+                if attr_encrypted?(attribute)
+                  args[index] = send("encrypt_#{attribute}", args[index])
+                  attribute_names[index] = encrypted_attributes[attribute]
+                end
+              end
+              method = "#{match.captures[0]}_#{match.captures[1]}_#{attribute_names.join('_and_')}".to_sym
+            end
+            method_missing_without_attr_encrypted(method, *args, &block)
+          end
+      end
+    end
+  end
+  ActiveRecord::Base.extend AttrEncrypted::Adapters::ActiveRecord
+end

data/lib/attr_encrypted/adapters/data_mapper.rb ADDED Viewed

@@ -0,0 +1,21 @@
+if defined?(DataMapper)
+  module AttrEncrypted
+    module Adapters
+      module DataMapper
+        def self.extended(base)
+          base.eigenclass_eval do
+            alias_method :included_without_attr_encrypted, :included
+            alias_method :included, :included_with_attr_encrypted
+          end
+        end
+        def included_with_attr_encrypted(base)
+          included_without_attr_encrypted(base)
+          base.attr_encrypted_options[:encode] = true
+        end
+      end
+    end
+  end
+  DataMapper::Resource.extend AttrEncrypted::Adapters::DataMapper
+end

data/lib/attr_encrypted/adapters/sequel.rb ADDED Viewed

@@ -0,0 +1,13 @@
+if defined?(Sequel)
+  module AttrEncrypted
+    module Adapters
+      module Sequel
+        def self.extended(base)
+          base.attr_encrypted_options[:encode] = true
+        end
+      end
+    end
+  end
+  Sequel::Model.extend AttrEncrypted::Adapters::Sequel
+end

data/test/active_record_test.rb CHANGED Viewed

@@ -20,7 +20,7 @@ create_people_table
 class Person < ActiveRecord::Base
   attr_encrypted :email, :key => 'a secret key'
-  attr_encrypted :credentials, :key => Proc.new { |user| Huberry::Encryptor.encrypt(:value => user.salt, :key => 'some private key') }, :marshal => true
+  attr_encrypted :credentials, :key => Proc.new { |user| Encryptor.encrypt(:value => user.salt, :key => 'some private key') }, :marshal => true
   def after_initialize
     self.salt ||= Digest::SHA256.hexdigest((Time.now.to_i * rand(5)).to_s)

data/test/attr_encrypted_test.rb CHANGED Viewed

@@ -24,6 +24,9 @@ class User
   attr_encrypted :with_false_if, :key => 'secret key', :if => false
   attr_encrypted :with_true_unless, :key => 'secret key', :unless => true
   attr_encrypted :with_false_unless, :key => 'secret key', :unless => false
+  attr_encryptor :aliased, :key => 'secret_key'
   attr_accessor :salt
   def initialize
@@ -157,7 +160,7 @@ class AttrEncryptedTest < Test::Unit::TestCase
     assert_nil @user.ssn_encrypted
     @user.ssn = 'testing'
     assert_not_nil @user.ssn_encrypted
-    assert_equal Huberry::Encryptor.encrypt(:value => 'testing', :key => @user.salt), @user.ssn_encrypted
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => @user.salt), @user.ssn_encrypted
   end
   def test_should_evaluate_a_key_passed_as_a_proc
@@ -165,7 +168,7 @@ class AttrEncryptedTest < Test::Unit::TestCase
     assert_nil @user.crypted_password_test
     @user.password = 'testing'
     assert_not_nil @user.crypted_password_test
-    assert_equal Huberry::Encryptor.encrypt(:value => 'testing', :key => 'User'), @user.crypted_password_test
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'User'), @user.crypted_password_test
   end
   def test_should_use_options_found_in_the_attr_encrypted_options_attribute
@@ -173,7 +176,7 @@ class AttrEncryptedTest < Test::Unit::TestCase
     assert_nil @user.crypted_password_test
     @user.password = 'testing'
     assert_not_nil @user.crypted_password_test
-    assert_equal Huberry::Encryptor.encrypt(:value => 'testing', :key => 'User'), @user.crypted_password_test
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'User'), @user.crypted_password_test
   end
   def test_should_inherit_encrypted_attributes
@@ -215,7 +218,7 @@ class AttrEncryptedTest < Test::Unit::TestCase
     assert_nil @user.encrypted_with_true_if
     @user.with_true_if = 'testing'
     assert_not_nil @user.encrypted_with_true_if
-    assert_equal Huberry::Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_true_if
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_true_if
   end
   def test_should_not_encrypt_with_false_if
@@ -231,7 +234,7 @@ class AttrEncryptedTest < Test::Unit::TestCase
     assert_nil @user.encrypted_with_false_unless
     @user.with_false_unless = 'testing'
     assert_not_nil @user.encrypted_with_false_unless
-    assert_equal Huberry::Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_false_unless
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_false_unless
   end
   def test_should_not_encrypt_with_true_unless
@@ -242,4 +245,8 @@ class AttrEncryptedTest < Test::Unit::TestCase
     assert_equal 'testing', @user.encrypted_with_true_unless
   end
+  def test_should_work_with_aliased_attr_encryptor
+    assert User.encrypted_attributes.include?('aliased')
+  end
 end

data/test/data_mapper_test.rb CHANGED Viewed

@@ -11,7 +11,7 @@ class Client
   property :salt, String
   attr_encrypted :email, :key => 'a secret key'
-  attr_encrypted :credentials, :key => Proc.new { |client| Huberry::Encryptor.encrypt(:value => client.salt, :key => 'some private key') }, :marshal => true
+  attr_encrypted :credentials, :key => Proc.new { |client| Encryptor.encrypt(:value => client.salt, :key => 'some private key') }, :marshal => true
   def initialize(attrs = {})
     super attrs

data/test/sequel_test.rb CHANGED Viewed

@@ -12,7 +12,7 @@ end
 class Human < Sequel::Model(:humans)
   attr_encrypted :email, :key => 'a secret key'
-  attr_encrypted :credentials, :key => Proc.new { |human| Huberry::Encryptor.encrypt(:value => human.salt, :key => 'some private key') }, :marshal => true
+  attr_encrypted :credentials, :key => Proc.new { |human| Encryptor.encrypt(:value => human.salt, :key => 'some private key') }, :marshal => true
   def after_initialize(attrs = {})
     self.salt ||= Digest::SHA1.hexdigest((Time.now.to_i * rand(5)).to_s)

data/test/test_helper.rb CHANGED Viewed

@@ -3,12 +3,6 @@ require 'digest/sha2'
 require 'rubygems'
-gem 'activerecord'
-gem 'datamapper'
-gem 'sequel'
-require 'eigenclass'
-require 'encryptor'
 require 'active_record'
 require 'datamapper'
 require 'sequel'

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: attr_encrypted
 version: !ruby/object:Gem::Version
-  version: 1.0.9
+  version: 1.1.0
 platform: ruby
 authors:
 - Sean Huber
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-01-14 00:00:00 -08:00
+date: 2010-01-28 00:00:00 -08:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -20,7 +20,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.1
+        version: 1.1.1
     version:
 - !ruby/object:Gem::Dependency
   name: encryptor
@@ -30,7 +30,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: 1.1.0
     version:
 description: Generates attr_accessors that encrypt and decrypt attributes transparently
 email: shuber@huberry.com
@@ -41,14 +41,17 @@ extensions: []
 extra_rdoc_files: []
 files:
-- CHANGELOG
 - lib/attr_encrypted.rb
-- lib/huberry/attr_encrypted/adapters/active_record.rb
-- lib/huberry/attr_encrypted/adapters/data_mapper.rb
-- lib/huberry/attr_encrypted/adapters/sequel.rb
+- lib/attr_encrypted/adapters/active_record.rb
+- lib/attr_encrypted/adapters/data_mapper.rb
+- lib/attr_encrypted/adapters/sequel.rb
 - MIT-LICENSE
 - Rakefile
-- README.markdown
+- README.rdoc
+- test/active_record_test.rb
+- test/attr_encrypted_test.rb
+- test/data_mapper_test.rb
+- test/sequel_test.rb
 - test/test_helper.rb
 has_rdoc: true
 homepage: http://github.com/shuber/attr_encrypted
@@ -59,7 +62,7 @@ rdoc_options:
 - --line-numbers
 - --inline-source
 - --main
-- README.markdown
+- README.rdoc
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
@@ -86,3 +89,4 @@ test_files:
 - test/attr_encrypted_test.rb
 - test/data_mapper_test.rb
 - test/sequel_test.rb
+- test/test_helper.rb

data/CHANGELOG DELETED Viewed

@@ -1,45 +0,0 @@
-2009-05-20 - Sean Huber (shuber@huberry.com)
-  * Update ActiveRecord tests
-2009-01-18 - Sean Huber (shuber@huberry.com)
-  * Don't attempt to encrypt/decrypt empty strings
-2009-01-14 - Sean Huber (shuber@huberry.com)
-  * Move Class logic into Object
-2009-01-13 - Sean Huber (shuber@huberry.com)
-  * :marshal no longer defaults to true in ORM adapters
-  * Load gem dependencies
-2009-01-12 - Sean Huber (shuber@huberry.com)
-  * Remove read_attribute and write_attribute methods - unnecessary
-  * ActiveRecord and DataMapper extensions are now "adapters"
-  * Check for existing reader and writer methods separately before creating default ones for encrypted attributes
-  * Typo: should send(encrypted_attribute_name.to_sym) instead of send(encrypted_attribute_name.to_s)
-  * Add Sequel adapter
-  * Update DataMapper tests
-  * Update README
-  * Set attr_encrypted_options instead of overwriting the attr_encrypted method in adapters
-2009-01-11 - Sean Huber (shuber@huberry.com)
-  * Update README
-2009-01-10 - Sean Huber (shuber@huberry.com)
-  * Update README
-2009-01-08 - Sean Huber (shuber@huberry.com)
-  * Update comments and documentation
-  * Update README
-  * Add gemspec
-  * Add support for data mapper
-  * Attribute methods are now defined before calling attr_encrypted when using active record
-  * Add ability to specify your own encoding directives
-  * Update logic that evaluates symbol and proc options
-  * Add support for :if and :unless options
-  * Add AttrEncrypted namespace
-2009-01-07 - Sean Huber (shuber@huberry.com)
-  * Initial commit
-  * Add comments/documentation to the active record related logic
-  * Add more attr_encrypted tests
-  * Update tests and comments

data/README.markdown DELETED Viewed

@@ -1,299 +0,0 @@
-attr\_encrypted
-===============
-Generates attr\_accessors that encrypt and decrypt attributes transparently
-It works with ANY class, however, you get a few extra features when you're using it with ActiveRecord, DataMapper, or Sequel
-Installation
-------------
-	gem install attr_encrypted --source http://gemcutter.org
-Usage
------
-### Basic ###
-Encrypting attributes has never been easier:
-	class User
-	  attr_accessor :name
-	  attr_encrypted :ssn, :key => 'a secret key'
-	  def load
-	    # loads the stored data
-	  end
-	  def save
-	    # saves the :name and :encrypted_ssn attributes somewhere (e.g. filesystem, database, etc)
-	  end
-	end
-	@user = User.new
-	@user.ssn = '123-45-6789'
-	@user.encrypted_ssn # returns the encrypted version of :ssn
-	@user.save
-	@user = User.load
-	@user.ssn # decrypts :encrypted_ssn and returns '123-45-6789'
-### Specifying the encrypted attribute name ###
-By default, the encrypted attribute name is `encrypted_#{attribute}` (e.g. `attr_encrypted :email` would create an attribute named `encrypted_email`). So, if you're storing the encrypted attribute in the database, you need to make sure the `encrypted_#{attribute}` field exists in your table. You have a couple of options if you want to name your attribute something else.
-#### The `:attribute` option ####
-You can simply pass the name of the encrypted attribute as the `:attribute` option:
-	class User
-	  attr_encrypted :email, :key => 'a secret key', :attribute => 'email_encrypted'
-	end
-This would generate an attribute named `email_encrypted`
-#### The `:prefix` and `:suffix` options ####
-If you're planning on encrypting a few different attributes and you don't like the `encrypted_#{attribute}` naming convention then you can specify your own:
-	class User
-	  attr_encrypted :email, :credit_card, :ssn, :key => 'a secret key', :prefix => 'secret_', :suffix => '_crypted'
-	end
-This would generate the following attributes: `secret_email_crypted`, `secret_credit_card_crypted`, and `secret_ssn_crypted`.
-### Encryption keys ###
-Although a `:key` option may not be required (see custom encryptor below), it has a few special features
-#### Unique keys for each attribute ####
-You can specify unique keys for each attribute if you'd like:
-	class User
-	  attr_encrypted :email, :key => 'a secret key'
-	  attr_encrypted :ssn, :key => 'a different secret key'
-	end
-#### Symbols representing instance methods as keys ####
-If your class has an instance method that determines the encryption key to use, simply pass a symbol representing it like so:
-	class User
-	  attr_encrypted :email, :key => :encryption_key
-	  def encryption_key
-	    # does some fancy logic and returns an encryption key
-	  end
-	end
-#### Procs as keys ####
-You can pass a proc/lambda object as the `:key` option as well:
-	class User
-	  attr_encrypted :email, :key => proc { |user| ... }
-	end
-### Conditional encrypting ###
-There may be times that you want to only encrypt when certain conditions are met. For example maybe you're using rails and you don't want to encrypt
-attributes when you're in development mode. You can specify conditions like this:
-	class User < ActiveRecord::Base
-	  attr_encrypted :email, :key => 'a secret key', :unless => Rails.env.development?
-	end
-You can specify both `:if` and `:unless` options. If you pass a symbol representing an instance method then the result of the method will be evaluated.
-Any objects that respond to `:call` are evaluated as well.
-### Custom encryptor ###
-The [Huberry::Encryptor](http://github.com/shuber/encryptor) class is used by default. You may use your own custom encryptor by specifying
-the `:encryptor`, `:encrypt_method`, and `:decrypt_method` options
-Lets suppose you'd like to use this custom encryptor class:
-	class SillyEncryptor
-	  def self.silly_encrypt(options)
-	    (options[:value] + options[:secret_key]).reverse
-	  end
-	  def self.silly_decrypt(options)
-	    options[:value].reverse.gsub(/#{options[:secret_key]}$/, '')
-	  end
-	end
-Simply set up your class like so:
-	class User
-	  attr_encrypted :email, :secret_key => 'a secret key', :encryptor => SillyEncryptor, :encrypt_method => :silly_encrypt, :decrypt_method => :silly_decrypt
-	end
-Any options that you pass to `attr_encrypted` will be passed to the encryptor along with the `:value` option which contains the string to encrypt/decrypt.
-Notice it uses `:secret_key` instead of `:key`.
-### Custom algorithms ###
-The default [Huberry::Encryptor](http://github.com/shuber/encryptor) uses the standard ruby OpenSSL library. It's default algorithm is `aes-256-cbc`. You can
-modify this by passing the `:algorithm` option to the `attr_encrypted` call like so:
-	class User
-	  attr_encrypted :email, :key => 'a secret key', :algorithm => 'bf'
-	end
-Run `openssl list-cipher-commands` to view a list of algorithms supported on your platform. See [http://github.com/shuber/encryptor](http://github.com/shuber/encryptor) for more information.
-	aes-128-cbc
-	aes-128-ecb
-	aes-192-cbc
-	aes-192-ecb
-	aes-256-cbc
-	aes-256-ecb
-	base64
-	bf
-	bf-cbc
-	bf-cfb
-	bf-ecb
-	bf-ofb
-	cast
-	cast-cbc
-	cast5-cbc
-	cast5-cfb
-	cast5-ecb
-	cast5-ofb
-	des
-	des-cbc
-	des-cfb
-	des-ecb
-	des-ede
-	des-ede-cbc
-	des-ede-cfb
-	des-ede-ofb
-	des-ede3
-	des-ede3-cbc
-	des-ede3-cfb
-	des-ede3-ofb
-	des-ofb
-	des3
-	desx
-	idea
-	idea-cbc
-	idea-cfb
-	idea-ecb
-	idea-ofb
-	rc2
-	rc2-40-cbc
-	rc2-64-cbc
-	rc2-cbc
-	rc2-cfb
-	rc2-ecb
-	rc2-ofb
-	rc4
-	rc4-40
-### Default options ###
-Let's imagine that you have a few attributes that you want to encrypt with different keys, but you don't like the `encrypted_#{attribute}` naming convention.
-Instead of having to define your class like this:
-	class User
-	  attr_encrypted :email, :key => 'a secret key', :prefix => '', :suffix => '_crypted'
-	  attr_encrypted :ssn, :key => 'a different secret key', :prefix => '', :suffix => '_crypted'
-	  attr_encrypted :credit_card, :key => 'another secret key', :prefix => '', :suffix => '_crypted'
-	end
-You can simply define some default options like so:
-	class User
-	  attr_encrypted_options.merge!(:prefix => '', :suffix => '_crypted')
-	  attr_encrypted :email, :key => 'a secret key'
-	  attr_encrypted :ssn, :key => 'a different secret key'
-	  attr_encrypted :credit_card, :key => 'another secret key'
-	end
-This should help keep your classes clean and DRY.
-### Encoding ###
-You're probably going to be storing your encrypted attributes somehow (e.g. filesystem, database, etc) and may run into some issues trying to store a weird
-encrypted string. I've had this problem myself using MySQL. You can simply pass the `:encode` option to automatically encode/decode when encrypting/decrypting.
-	class User
-	  attr_encrypted :email, :key => 'some secret key', :encode => true
-	end
-The default encoding is `m*` (base64). You can change this by setting `:encode => 'some encoding'`. See  [Array#pack](http://www.ruby-doc.org/core/classes/Array.html#M002245) for more encoding options.
-### Marshaling ###
-You may want to encrypt objects other than strings (e.g. hashes, arrays, etc). If this is the case, simply pass the `:marshal` option to automatically marshal
-when encrypting/decrypting.
-	class User
-	  attr_encrypted :credentials, :key => 'some secret key', :marshal => true
-	end
-### Encrypt/decrypt attribute methods ###
-If you use the same key to encrypt every record (per attribute) like this:
-	class User
-	  attr_encrypted :email, :key => 'a secret key'
-	end
-Then you'll have these two class methods available for each attribute: `User.encrypt_email(email_to_encrypt)` and `User.decrypt_email(email_to_decrypt)`. This can
-be useful when you're using ActiveRecord (see below).
-### ActiveRecord ###
-If you're using this gem with ActiveRecord, you get a few extra features:
-#### Default options ####
-For your convenience, the `:encode` option is set to true by default since you'll be storing everything in a database.
-#### Dynamic find\_by\_ and scoped\_by\_ methods ####
-Let's say you'd like to encrypt your user's email addresses, but you also need a way for them to login. Simply set up your class like so:
-	class User < ActiveRecord::Base
-	  attr_encrypted :email, :key => 'a secret key'
-	  attr_encrypted :password, :key => 'some other secret key'
-	end
-You can now lookup and login users like so:
-	User.find_by_email_and_password('test@example.com', 'testing')
-The call to `find_by_email_and_password` is intercepted and modified to `find_by_encrypted_email_and_encrypted_password('ENCRYPTED EMAIL', 'ENCRYPTED PASSWORD')`.
-The dynamic scope methods like `scoped_by_email_and_password` work the same way.
-NOTE: This only works if all records are encrypted with the same encryption key (per attribute).
-### DataMapper and Sequel ###
-Just like the default options for ActiveRecord, the `:encode` option is set to true by default since you'll be storing everything in a database.
-Contact
--------
-Problems, comments, and suggestions all welcome: [shuber@huberry.com](mailto:shuber@huberry.com)