blind_index 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: e26dcb60e11724a65676d7f36d31cbcf7f261fb8
-  data.tar.gz: a1308e6c01819a59ef5e3c041b77cab2a93995c5
+SHA256:
+  metadata.gz: 370f6b1f09b18d3031f83b76785b8604e7ea8efa553a74d205ca874505abf26d
+  data.tar.gz: dd69a591d88afec3cb63433e78cf9d443828b544fe47c965cfbaf65965c4047e
 SHA512:
-  metadata.gz: bfa731e6ad5e26ed636e13da6f2ec4a2c292e121c35a6a6abde027faaab80964931f035a6cdd4599df71d243884d883784bf66a8ed9a7cd770bb7cccfdb7beb7
-  data.tar.gz: 1a2e24f6e6fd38b1406c5b6585953b99de642850b5707ddd052dbf1732b14043c3ad962d9e874a8d2dbdc4a40e250e3634699be6e2d0e4608cfc59bac8930f41
+  metadata.gz: b3e1e1c4a05f421a65039197e8e7ce4db8057d06529c7b01ba69395c207b77ef3bfbf3b8c5bcc208818d96a6dd78c0d1ddfd42e0ceb525e348c390647014b400
+  data.tar.gz: 017240cd3b9c125c5a9d455085825bee6f985dff4db129e0adb54dd032ef5d74281267f2fd39b74f38b4043c04798a87c3e1d79e71d29ce3c093ee95fd3d0060

data/.travis.yml

@@ -2,6 +2,7 @@ language: ruby
 rvm: 2.4.2
 gemfile:
   - Gemfile
+  - test/gemfiles/activerecord51.gemfile
   - test/gemfiles/activerecord50.gemfile
 sudo: false
 before_install: gem install bundler

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.1.1
+
+- Added support for ActiveRecord 5.2
+- Added `callback` option
+- Added support for `key` proc
+- Fixed error inheritance
+
 ## 0.1.0
 
 - First release

data/README.md

@@ -1,12 +1,14 @@
 # Blind Index
 
-Securely query encrypted database fields
+Securely search encrypted database fields
 
 Designed for use with [attr_encrypted](https://github.com/attr-encrypted/attr_encrypted)
 
+[![Build Status](https://travis-ci.org/ankane/blind_index.svg?branch=master)](https://travis-ci.org/ankane/blind_index)
+
 ## How It Works
 
-We use [this approach](https://www.sitepoint.com/how-to-search-on-securely-encrypted-database-fields/) described by Scott Arciszewski. To summarize, we compute a keyed hash of the sensitive data and store it in a column. To query, we apply the keyed hash function (PBKDF2-HMAC-SHA256) to the value we’re searching and then perform a database search. This results in performant queries for equality operations, while keeping the data secure from those without the key.
+This project uses [this approach](https://www.sitepoint.com/how-to-search-on-securely-encrypted-database-fields/) by Scott Arciszewski. To summarize, we compute a keyed hash of the sensitive data and store it in a column. To query, we apply the keyed hash function (PBKDF2-HMAC-SHA256) to the value we’re searching and then perform a database search. This results in performant queries for equality operations, while keeping the data secure from those without the key.
 
 ## Getting Started
 
@@ -70,7 +72,7 @@ You can apply expressions to attributes before indexing and searching. This give
 
 ```ruby
 class User < ApplicationRecord
-  blind_index :email, expression: -> (v) { v.downcase } ...
+  blind_index :email, expression: ->(v) { v.downcase } ...
 end
 ```
 
@@ -88,7 +90,7 @@ And update your model
 ```ruby
 class User < ApplicationRecord
   blind_index :email, ...
-  blind_index :email_ci, attribute: :email, expression: -> (v) { v.downcase } ...
+  blind_index :email_ci, attribute: :email, expression: ->(v) { v.downcase } ...
 end
 ```
 
@@ -110,6 +112,18 @@ end
 
 The default is `10000`. Changing this value requires you to recompute the blind index.
 
+## Index Only
+
+If you don’t need to store the original value (for instance, when just checking duplicates), use a virtual attribute:
+
+```ruby
+class User < ApplicationRecord
+  attribute :email
+
+  blind_index :email, ...
+end
+```
+
 ## History
 
 View the [changelog](https://github.com/ankane/blind_index/blob/master/CHANGELOG.md)

data/blind_index.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Andrew Kane"]
   spec.email         = ["andrew@chartkick.com"]
 
-  spec.summary       = "Securely query encrypted database fields"
+  spec.summary       = "Securely search encrypted database fields"
   spec.homepage      = "https://github.com/ankane/blind_index"
   spec.license       = "MIT"
 

data/lib/blind_index/extensions.rb

@@ -23,12 +23,22 @@ module BlindIndex
     end
 
     module UniquenessValidator
-      def build_relation(klass, table, attribute, value)
-        if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
-          value = BlindIndex.generate_bidx(value, bi)
-          attribute = bi[:bidx_attribute]
+      if ActiveRecord::VERSION::STRING >= "5.2"
+        def build_relation(klass, attribute, value)
+          if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
+            value = BlindIndex.generate_bidx(value, bi)
+            attribute = bi[:bidx_attribute]
+          end
+          super(klass, attribute, value)
+        end
+      else
+        def build_relation(klass, table, attribute, value)
+          if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
+            value = BlindIndex.generate_bidx(value, bi)
+            attribute = bi[:bidx_attribute]
+          end
+          super(klass, table, attribute, value)
         end
-        super(klass, table, attribute, value)
       end
     end
   end

data/lib/blind_index/model.rb

@@ -1,6 +1,6 @@
 module BlindIndex
   module Model
-    def blind_index(name, key: nil, iterations: nil, attribute: nil, expression: nil, bidx_attribute: nil)
+    def blind_index(name, key: nil, iterations: nil, attribute: nil, expression: nil, bidx_attribute: nil, callback: true)
       iterations ||= 10000
       attribute ||= name
       bidx_attribute ||= :"encrypted_#{name}_bidx"
@@ -26,10 +26,13 @@ module BlindIndex
           bidx_attribute: bidx_attribute
         }
 
-        before_validation method_name, if: -> { changes.key?(attribute.to_s) }
         define_method method_name do
           self.send("#{bidx_attribute}=", BlindIndex.generate_bidx(send(attribute), self.class.blind_indexes[name]))
         end
+
+        if callback
+          before_validation method_name, if: -> { changes.key?(attribute.to_s) }
+        end
       end
     end
   end

data/lib/blind_index/version.rb

@@ -1,3 +1,3 @@
 module BlindIndex
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/blind_index.rb

@@ -2,14 +2,15 @@
 require "active_support"
 
 # modules
-require "blind_index/extensions"
 require "blind_index/model"
 require "blind_index/version"
 
 module BlindIndex
-  class Error; end
+  class Error < StandardError; end
 
   def self.generate_bidx(value, key:, iterations:, expression: nil, **options)
+    key = key.call if key.respond_to?(:call)
+
     raise BlindIndex::Error, "Missing key for blind index" unless key
 
     # apply expression
@@ -25,9 +26,11 @@ module BlindIndex
 end
 
 ActiveSupport.on_load(:active_record) do
+  require "blind_index/extensions"
   extend BlindIndex::Model
   ActiveRecord::TableMetadata.prepend(BlindIndex::Extensions::TableMetadata)
-  if ActiveRecord::VERSION::STRING.start_with?("5.0.")
+
+  unless ActiveRecord::VERSION::STRING.start_with?("5.1.")
     ActiveRecord::Validations::UniquenessValidator.prepend(BlindIndex::Extensions::UniquenessValidator)
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blind_index
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-12-18 00:00:00.000000000 Z
+date: 2018-04-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -149,8 +149,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
-summary: Securely query encrypted database fields
+summary: Securely search encrypted database fields
 test_files: []