column_anonymizer 0.1.0

data/lib/column_anonymizer/anonymizer.rb

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+require 'faker'
+
+module ColumnAnonymizer
+  class Anonymizer
+    # Built-in generators
+    BUILT_IN_GENERATORS = {
+      email: -> { Faker::Internet.email },
+      phone: -> { Faker::PhoneNumber.phone_number },
+      ssn: -> { Faker::IdNumber.ssn_valid },
+      name: -> { Faker::Name.name },
+      first_name: -> { Faker::Name.first_name },
+      last_name: -> { Faker::Name.last_name },
+      address: -> { Faker::Address.full_address },
+      text: -> { Faker::Lorem.paragraph }
+    }.freeze
+
+    # Custom generators registered by the application
+    @custom_generators = {}
+
+    class << self
+      attr_reader :custom_generators
+
+      # Register a custom anonymization generator
+      #
+      # @param type [Symbol, String] The type identifier to use in YAML config
+      # @param generator [Proc, #call] A callable that returns the anonymized value
+      #
+      # @example Register a custom generator with a block
+      #   ColumnAnonymizer::Anonymizer.register(:credit_card) do
+      #     "XXXX-XXXX-XXXX-#{rand(1000..9999)}"
+      #   end
+      #
+      # @example Register a custom generator with a callable
+      #   ColumnAnonymizer::Anonymizer.register(:company_name, -> { Faker::Company.name })
+      #
+      def register(type, generator = nil, &block)
+        generator = block if block_given?
+
+        unless generator.respond_to?(:call)
+          raise ArgumentError, "Generator must be a Proc or respond to #call"
+        end
+
+        @custom_generators[type.to_sym] = generator
+
+        if defined?(Rails)
+          Rails.logger.info "[ColumnAnonymizer] Registered custom generator: #{type}"
+        end
+      end
+
+      # Unregister a custom generator
+      #
+      # @param type [Symbol, String] The type identifier to remove
+      #
+      def unregister(type)
+        @custom_generators.delete(type.to_sym)
+      end
+
+      # Get all available generators (built-in + custom)
+      #
+      # @return [Hash] All available generators
+      #
+      def all_generators
+        BUILT_IN_GENERATORS.merge(@custom_generators)
+      end
+
+      # Check if a generator exists
+      #
+      # @param type [Symbol, String] The type to check
+      # @return [Boolean]
+      #
+      def generator_exists?(type)
+        all_generators.key?(type.to_sym)
+      end
+
+      # Reset custom generators (useful for testing)
+      #
+      def reset_custom_generators!
+        @custom_generators = {}
+      end
+
+      def anonymize_model(model_instance)
+        klass = model_instance.class
+        return model_instance unless klass.respond_to?(:encrypted_columns_metadata)
+
+        generators = all_generators
+
+        klass.encrypted_columns_metadata.each do |column_name, column_type|
+          generator = generators[column_type] || generators[:text]
+          model_instance.send("#{column_name}=", generator.call)
+        end
+
+        model_instance
+      end
+
+      def anonymize_model!(model_instance)
+        anonymize_model(model_instance)
+        model_instance.save!
+      end
+    end
+  end
+end

data/lib/column_anonymizer/encryptable.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module ColumnAnonymizer
+  module Encryptable
+    extend ActiveSupport::Concern
+
+    class_methods do
+      def encrypted_columns_metadata
+        @encrypted_columns_metadata ||= load_encrypted_columns_from_yaml
+      end
+
+      def reload_encrypted_columns_metadata!
+        ColumnAnonymizer::SchemaLoader.reload_schema!
+        @encrypted_columns_metadata = load_encrypted_columns_from_yaml
+      end
+
+      private
+
+      def load_encrypted_columns_from_yaml
+        schema = ColumnAnonymizer::SchemaLoader.schema_for_model(name)
+        schema.transform_keys(&:to_sym).transform_values(&:to_sym)
+      end
+    end
+  end
+end

data/lib/column_anonymizer/railtie.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module ColumnAnonymizer
+  class Railtie < Rails::Railtie
+    initializer "column_anonymizer.active_record" do
+      ActiveSupport.on_load(:active_record) do
+        include ColumnAnonymizer::Encryptable
+      end
+    end
+
+    rake_tasks do
+      load File.expand_path('../tasks/column_anonymizer.rake', __dir__)
+    end
+  end
+end

data/lib/column_anonymizer/schema_loader.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+module ColumnAnonymizer
+  class SchemaLoader
+    class << self
+      def load_schema
+        return @schema if defined?(@schema)
+
+        file_path = schema_file_path
+
+        if File.exist?(file_path)
+          @schema = YAML.load_file(file_path) || {}
+          Rails.logger.info "[ColumnAnonymizer] Loaded schema from #{file_path}" if defined?(Rails)
+        else
+          if defined?(Rails)
+            Rails.logger.warn "[ColumnAnonymizer] Schema file not found: #{file_path}"
+          end
+          @schema = {}
+        end
+
+        @schema
+      end
+
+      def reload_schema!
+        remove_instance_variable(:@schema) if defined?(@schema)
+        load_schema
+      end
+
+      def schema_file_path
+        if defined?(Rails)
+          Rails.root.join('config', 'encrypted_columns.yml').to_s
+        else
+          File.join(Dir.pwd, 'config', 'encrypted_columns.yml')
+        end
+      end
+
+      def schema_for_model(model_name)
+        load_schema[model_name.to_s] || {}
+      end
+    end
+  end
+end

data/lib/column_anonymizer/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module ColumnAnonymizer
+  VERSION = "0.1.0"
+end

data/lib/column_anonymizer.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+require_relative "column_anonymizer/version"
+require_relative "column_anonymizer/schema_loader"
+require_relative "column_anonymizer/encryptable"
+require_relative "column_anonymizer/anonymizer"
+require_relative "column_anonymizer/railtie" if defined?(Rails::Railtie)
+module ColumnAnonymizer
+  class Error < StandardError; end
+end

data/lib/generators/column_anonymizer/initializer/initializer_generator.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'rails/generators'
+
+module ColumnAnonymizer
+  module Generators
+    class InitializerGenerator < Rails::Generators::Base
+      source_root File.expand_path('templates', __dir__)
+
+      desc "Creates an initializer for registering custom anonymization generators"
+
+      def create_initializer_file
+        template 'column_anonymizer.rb', 'config/initializers/column_anonymizer.rb'
+      end
+
+      def show_instructions
+        say "\n✅ Initializer created at config/initializers/column_anonymizer.rb", :green
+        say "\nYou can now register custom anonymization generators:", :cyan
+        say "  ColumnAnonymizer::Anonymizer.register(:custom_type) do", :yellow
+        say "    # Return your custom anonymized value", :yellow
+        say "  end", :yellow
+      end
+    end
+  end
+end

data/lib/generators/column_anonymizer/initializer/templates/column_anonymizer.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# Column Anonymizer - Custom Generator Configuration
+#
+# Register custom anonymization generators for use in your encrypted_columns.yml
+#
+# Example:
+#   User:
+#     credit_card: credit_card  # Uses the custom generator defined below
+#
+
+# Simple generator with a block
+ColumnAnonymizer::Anonymizer.register(:credit_card) do
+  # Generate a fake credit card number (masked)
+  "XXXX-XXXX-XXXX-#{rand(1000..9999)}"
+end
+
+# Generator using Faker (if available)
+# ColumnAnonymizer::Anonymizer.register(:company_name) do
+#   Faker::Company.name
+# end
+
+# Generator with custom logic
+# ColumnAnonymizer::Anonymizer.register(:employee_id) do
+#   "EMP-#{SecureRandom.hex(4).upcase}"
+# end
+
+# Generator with complex formatting
+# ColumnAnonymizer::Anonymizer.register(:license_plate) do
+#   letters = ('A'..'Z').to_a.sample(3).join
+#   numbers = rand(100..999)
+#   "#{letters}-#{numbers}"
+# end
+
+# Generator that uses Rails helpers or models
+# ColumnAnonymizer::Anonymizer.register(:department_name) do
+#   Department.active.pluck(:name).sample || "General"
+# end
+
+# Generator with callable object
+# class CustomGenerator
+#   def self.call
+#     "CUSTOM-#{Time.now.to_i}"
+#   end
+# end
+# ColumnAnonymizer::Anonymizer.register(:timestamp_id, CustomGenerator)
+
+# Generator for specific format requirements
+# ColumnAnonymizer::Anonymizer.register(:account_number) do
+#   prefix = "ACC"
+#   middle = Time.now.year
+#   suffix = rand(10000..99999)
+#   "#{prefix}#{middle}#{suffix}"
+# end
+
+# You can also use lambda syntax
+# ColumnAnonymizer::Anonymizer.register(:uuid, -> { SecureRandom.uuid })
+
+# ============================================================================
+# Available Built-in Types (no need to register these):
+# ============================================================================
+# :email       - Generates fake email addresses
+# :phone       - Generates fake phone numbers
+# :ssn         - Generates fake SSN
+# :name        - Generates fake full names
+# :first_name  - Generates fake first names
+# :last_name   - Generates fake last names
+# :address     - Generates fake addresses
+# :text        - Generates lorem ipsum text
+# ============================================================================
+
+# To use your custom types, add them to config/encrypted_columns.yml:
+#
+#   User:
+#     credit_card_number: credit_card
+#     employee_id: employee_id
+#     license_number: license_plate

data/lib/generators/column_anonymizer/install/README

@@ -0,0 +1,46 @@
+===============================================================================
+
+ColumnAnonymizer has been installed!
+
+The configuration file has been created at:
+
+  config/encrypted_columns.yml
+
+Next steps:
+
+1. Define your encrypted column types in config/encrypted_columns.yml
+
+   Example:
+   User:
+     email: email
+     phone_number: phone
+     ssn: ssn
+
+   OR use the automatic scanner to discover encrypted columns:
+
+   rails generate column_anonymizer:scan
+
+   This will scan your models for any 'encrypts' calls and automatically
+   add them to your config file with intelligent type guessing!
+
+2. Use standard Rails encryption in your models:
+
+   class User < ApplicationRecord
+     encrypts :email
+     encrypts :phone_number
+     encrypts :ssn
+   end
+
+3. Anonymize data when needed:
+
+   user = User.first
+   ColumnAnonymizer::Anonymizer.anonymize_model!(user)
+
+Useful commands:
+
+  rails generate column_anonymizer:scan        # Scan models and update config
+  rails generate column_anonymizer:install --scan  # Install and scan in one step
+
+For more information, see: https://github.com/hunter-kendall/column_anonymizer
+
+===============================================================================

data/lib/generators/column_anonymizer/install/install_generator.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'rails/generators'
+
+module ColumnAnonymizer
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path('templates', __dir__)
+
+      desc "Creates a ColumnAnonymizer configuration file at config/encrypted_columns.yml"
+
+      class_option :scan, type: :boolean, default: false,
+                   desc: "Automatically scan models for encrypted attributes and populate the config"
+
+      def create_config_file
+        template 'encrypted_columns.yml', 'config/encrypted_columns.yml'
+      end
+
+      def scan_models_if_requested
+        if options[:scan]
+          say "\n🔎 Running model scan...", :cyan
+          invoke 'column_anonymizer:scan'
+        else
+          say "\n💡 Tip: Run with --scan to automatically discover encrypted columns:", :yellow
+          say "   rails generate column_anonymizer:install --scan", :yellow
+          say "\n   Or scan later with:", :yellow
+          say "   rails generate column_anonymizer:scan", :yellow
+        end
+      end
+
+      def show_readme
+        readme "README" if behavior == :invoke
+      end
+    end
+  end
+end

data/lib/generators/column_anonymizer/install/templates/encrypted_columns.yml

@@ -0,0 +1,29 @@
+# Encrypted Columns Schema
+#
+# Define the types for your encrypted columns here.
+# This allows the anonymizer to generate appropriate fake data.
+#
+# Structure:
+#   ModelName:
+#     column_name: column_type
+#
+# Available types:
+#   - email       : Generates user_abc123@example.com
+#   - phone       : Generates +15551234567
+#   - ssn         : Generates 123-45-6789
+#   - name        : Generates Anonymous User abc123
+#   - first_name  : Generates John, Jane, Alex, etc.
+#   - last_name   : Generates Smith, Johnson, etc.
+#   - address     : Generates 1234 Anonymous St, City, ST 12345
+#   - text        : Generates generic anonymized text (default)
+#
+# Example:
+# User:
+#   email: email
+#   phone_number: phone
+#   ssn: ssn
+#   full_name: name
+#
+# Account:
+#   bank_account_number: text
+#   routing_number: text

data/lib/generators/column_anonymizer/scan/scan_generator.rb

@@ -0,0 +1,250 @@
+# frozen_string_literal: true
+
+require 'rails/generators'
+require 'yaml'
+
+module ColumnAnonymizer
+  module Generators
+    class ScanGenerator < Rails::Generators::Base
+      desc "Scans Rails models for encrypted attributes and updates config/encrypted_columns.yml"
+
+      def scan_and_update_config
+        config_path = Rails.root.join('config', 'encrypted_columns.yml')
+
+        # Load existing config or create empty hash
+        existing_config = if File.exist?(config_path)
+          YAML.load_file(config_path) || {}
+        else
+          {}
+        end
+
+        say "🔍 Scanning models for encrypted attributes...", :cyan
+
+        # Scan all models
+        discovered_encryptions = scan_models
+
+        if discovered_encryptions.empty?
+          say "⚠️  No encrypted attributes found in models", :yellow
+          return
+        end
+
+        # Find what's new and needs to be added
+        additions = calculate_additions(existing_config, discovered_encryptions)
+
+        if additions.empty?
+          say "ℹ️  All discovered columns are already configured", :yellow
+          return
+        end
+
+        # Append new entries to the file
+        append_to_config(config_path, additions)
+
+        say "✅ Scanned #{discovered_encryptions.keys.size} model(s) with encrypted attributes", :green
+        say "📝 Appended #{count_additions(additions)} new column(s) to config/encrypted_columns.yml", :green
+
+        # Show what was found
+        discovered_encryptions.each do |model_name, columns|
+          say "   #{model_name}: #{columns.keys.join(', ')}", :blue
+        end
+      end
+
+      private
+
+      def scan_models
+        encryptions = {}
+
+        # Ensure models are loaded
+        Rails.application.eager_load! if defined?(Rails)
+
+        # Get all model files
+        model_files = Dir[Rails.root.join('app/models/**/*.rb')]
+
+        model_files.each do |file|
+          content = File.read(file)
+
+          # Extract class name from file
+          model_name = extract_model_name(file, content)
+          next unless model_name
+
+          # Find all encrypts calls (single and multiple attributes)
+          encrypted_columns = extract_encrypted_columns(content)
+
+          if encrypted_columns.any?
+            encryptions[model_name] = encrypted_columns.each_with_object({}) do |col, hash|
+              hash[col] = guess_type(col)
+            end
+          end
+        end
+
+        encryptions
+      end
+
+      def extract_model_name(file, content)
+        # First try to extract from class definition
+        if content =~ /class\s+(\w+)\s*</
+          return $1
+        end
+
+        # Fallback to filename
+        File.basename(file, '.rb').camelize
+      end
+
+      def extract_encrypted_columns(content)
+        columns = []
+
+        # Match encrypts :column_name
+        content.scan(/encrypts\s+:(\w+)/).each do |match|
+          columns << match[0]
+        end
+
+        # Match encrypts :col1, :col2, :col3
+        content.scan(/encrypts\s+(:\w+(?:\s*,\s*:\w+)*)/).each do |match|
+          match[0].scan(/:(\w+)/).each do |col|
+            columns << col[0] unless columns.include?(col[0])
+          end
+        end
+
+        columns.uniq
+      end
+
+      def calculate_additions(existing, discovered)
+        additions = {}
+
+        discovered.each do |model, columns|
+          columns.each do |column, type|
+            if existing.dig(model, column)
+              # Column already exists, skip it
+              say "   ℹ️  Skipping #{model}.#{column} (already configured as '#{existing[model][column]}')", :yellow
+            else
+              # New column to add
+              additions[model] ||= {}
+              additions[model][column] = type
+              say "   ➕ Adding #{model}.#{column} as '#{type}'", :green
+            end
+          end
+        end
+
+        additions
+      end
+
+      def append_to_config(config_path, additions)
+        # If file doesn't exist, create it with YAML dump
+        unless File.exist?(config_path)
+          File.write(config_path, YAML.dump(additions))
+          return
+        end
+
+        # Read the existing file content
+        existing_content = File.read(config_path)
+
+        # Load existing config to check which models already exist
+        existing_config = YAML.load_file(config_path) || {}
+
+        # Determine if file is empty or has content
+        if existing_content.strip.empty? || existing_content.strip == "---"
+          # File is empty, write as new YAML
+          File.write(config_path, YAML.dump(additions))
+          return
+        end
+
+        # Separate additions into new models and columns for existing models
+        new_models = {}
+        columns_for_existing = {}
+
+        additions.each do |model, columns|
+          if existing_config.key?(model)
+            # Model exists, add columns to it
+            columns_for_existing[model] = columns
+          else
+            # New model
+            new_models[model] = columns
+          end
+        end
+
+        # Handle columns for existing models by inserting them under the model
+        unless columns_for_existing.empty?
+          lines = existing_content.lines
+          modified_lines = []
+          i = 0
+
+          while i < lines.length
+            line = lines[i]
+            modified_lines << line
+
+            # Check if this line is a model declaration that we need to add columns to
+            if line =~ /^(\w+):\s*$/
+              model_name = $1
+              if columns_for_existing.key?(model_name)
+                # Find the indentation level and add columns after this model's existing columns
+                i += 1
+                # Skip existing columns of this model
+                while i < lines.length && lines[i] =~ /^\s{2,}\w+:/
+                  modified_lines << lines[i]
+                  i += 1
+                end
+
+                # Add new columns for this model
+                columns_for_existing[model_name].each do |column, type|
+                  modified_lines << "  #{column}: #{type}\n"
+                end
+
+                # Continue from current position (already incremented)
+                next
+              end
+            end
+
+            i += 1
+          end
+
+          existing_content = modified_lines.join
+        end
+
+        # Append completely new models at the end
+        unless new_models.empty?
+          File.open(config_path, 'w') do |file|
+            file.write(existing_content)
+            # Add a newline if file doesn't end with one
+            file.write("\n") unless existing_content.end_with?("\n")
+
+            new_models.each do |model, columns|
+              file.write("\n") # Extra newline before new model
+              file.write("#{model}:\n")
+              columns.each do |column, type|
+                file.write("  #{column}: #{type}\n")
+              end
+            end
+          end
+        else
+          # Only added columns to existing models, write the modified content
+          File.write(config_path, existing_content)
+        end
+      end
+
+      def count_additions(additions)
+        additions.values.sum { |columns| columns.size }
+      end
+
+      def guess_type(column_name)
+        col = column_name.to_s.downcase
+
+        case col
+        when /email/ then 'email'
+        when /phone|mobile|cell|telephone/ then 'phone'
+        when /ssn|social_security/ then 'ssn'
+        when /first_name|fname/ then 'first_name'
+        when /last_name|lname|surname/ then 'last_name'
+        when /^name$|full_name|fullname/ then 'name'
+        when /address|street|addr/ then 'address'
+        when /city/ then 'text'
+        when /state|province/ then 'text'
+        when /zip|postal/ then 'text'
+        when /card_number|credit_card|cc_number/ then 'text'
+        when /cvv|cvc/ then 'text'
+        when /password/ then 'text'
+        when /token|secret/ then 'text'
+        else 'text'
+        end
+      end
+    end
+  end
+end