RubyGems - blind_index - Versions diffs - 2.1.0 → 2.1.1 - Mend

blind_index 2.1.0 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f6749c94ee9432d60e3095e77a3948f480c345b793555dadf5b25261247e406b
-  data.tar.gz: e29eb3a994de26b1f67cb31a16bbaef66742aea0cf366ea5830247421c30a5b0
+  metadata.gz: 030c05f4653c350dbbfc5dd2f39727e44819c286865b27a18ac10c6e94fca449
+  data.tar.gz: f92d3e7d76a1b9ae65fe55bc1cf39e4a133dd633f2c620f0fa75dd0f35df8a55
 SHA512:
-  metadata.gz: 4a195bd440c17774dcaf46196c34f2965a78ef7a95499501534fba3161cafc82af085a0046f9bc5e422e7b38476040c389ae3440cf0589db190cd9240f4c6521
-  data.tar.gz: b1ba60817538b3fda557a392e136a2a61c80341332f16821a36e60b8f573659574fbfe36d85969f7730b172451de5e0c5a369d6a4a11c0e65608cfe369229c37
+  metadata.gz: aa5d431804b50709280499845fd4609b0d576328c01a9be87f5d6cffeeb0a37d9fa10eba6a0f5fa33ccae83056bb939e25b85373839ba3d232f1488c88ce6d36
+  data.tar.gz: ddec86434f1b6908763d454a7fa67507bbb0b98bf30c0038b4331dae26d314c58c4a9312b3db1ffff087aa8a3162e8e30cc4082c60f8aadccb688e78d80c4934

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+## 2.1.1 (2020-08-14)
+- Fixed `version` option
 ## 2.1.0 (2020-07-06)
 - Improved performance of uniqueness validations
@@ -12,7 +16,7 @@
 - Added `BlindIndex.backfill` method
-## 2.0.0 (2019-02-10)
+## 2.0.0 (2020-02-10)
 - Blind indexes are updated immediately instead of in a `before_validation` callback
 - Better Lockbox integration - no need to generate a separate key

data/README.md CHANGED

@@ -10,7 +10,7 @@ Learn more about [securing sensitive data in Rails](https://ankane.org/sensitive
 ## How It Works
-We use [this approach](https://paragonie.com/blog/2017/05/building-searchable-encrypted-databases-with-php-and-sql) by Scott Arciszewski. To summarize, we compute a keyed hash of the sensitive data and store it in a column. To query, we apply the keyed hash function to the value we’re searching and then perform a database search. This results in performant queries for exact matches. `LIKE` queries are not possible, but you can index expressions.
+We use [this approach](https://paragonie.com/blog/2017/05/building-searchable-encrypted-databases-with-php-and-sql) by Scott Arciszewski. To summarize, we compute a keyed hash of the sensitive data and store it in a column. To query, we apply the keyed hash function to the value we’re searching and then perform a database search. This results in performant queries for exact matches. Efficient `LIKE` queries are [not possible](#like-ilike-and-full-text-searching), but you can index expressions.
 ## Leakage
@@ -289,6 +289,30 @@ or create `config/initializers/blind_index.rb` with something like
 BlindIndex.master_key = Rails.application.credentials.blind_index_master_key
 ```
+## LIKE, ILIKE, and Full-Text Searching
+Unfortunately, blind indexes can’t be used for `LIKE`, `ILIKE`, or full-text searching. Instead, records must be loaded, decrypted, and searched in memory.
+For `LIKE`, use:
+```ruby
+User.find { |u| u.email.include?("value") }
+```
+For `ILIKE`, use:
+```ruby
+User.find { |u| u.email =~ /value/i }
+```
+For full-text or fuzzy searching, use a gem like [FuzzyMatch](https://github.com/seamusabshere/fuzzy_match):
+```ruby
+FuzzyMatch.new(User.all, read: :email).find("value")
+```
+If the number of records is large, try to find a way to narrow it down. An [expression index](#expressions) is one way to do this, but leaks which records have the same value of the expression, so use it carefully.
 ## Reference
 Set default options in an initializer with:

data/lib/blind_index.rb CHANGED

@@ -146,12 +146,9 @@ ActiveSupport.on_load(:active_record) do
   end
 end
-if defined?(Mongoid)
-  # TODO find better ActiveModel hook
-  require "active_model/callbacks"
-  ActiveModel::Callbacks.include(BlindIndex::Model)
+ActiveSupport.on_load(:mongoid) do
   require "blind_index/mongoid"
+  Mongoid::Document::ClassMethods.include(BlindIndex::Model)
   Mongoid::Criteria.prepend(BlindIndex::Mongoid::Criteria)
   Mongoid::Validatable::UniquenessValidator.prepend(BlindIndex::Mongoid::UniquenessValidator)
 end

data/lib/blind_index/model.rb CHANGED

@@ -10,7 +10,7 @@ module BlindIndex
         # check here so we validate rotate options as well
         unknown_keywords = options.keys - [:algorithm, :attribute, :bidx_attribute,
           :callback, :cost, :encode, :expression, :insecure_key, :iterations, :key,
-          :legacy, :master_key, :size, :slow]
+          :legacy, :master_key, :size, :slow, :version]
         raise ArgumentError, "unknown keywords: #{unknown_keywords.join(", ")}" if unknown_keywords.any?
         attribute = options[:attribute] || name

data/lib/blind_index/version.rb CHANGED

@@ -1,3 +1,3 @@
 module BlindIndex
-  VERSION = "2.1.0"
+  VERSION = "2.1.1"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blind_index
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.1.1
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-06 00:00:00.000000000 Z
+date: 2020-08-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport