complex_config 0.11.3 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 36463346db914460243f6b82006897359d9cc23e
-  data.tar.gz: 2291339fdfeeb19917e04b74635480edec94610e
+  metadata.gz: 185f936e61f349365b82896fab33d19d19ae5d06
+  data.tar.gz: ed44eb14a555726bf98c67f1b55c3b810b09b9c7
 SHA512:
-  metadata.gz: f99da473894de17af5d3a404ab497efee39fcc43c4b412808b7d80532234c26e360d19844195148d4f60f3c4348bea4106dba2a481d3db97dc2297ead14a113a
-  data.tar.gz: ae84d09a5c8c9971ebc5c041fdd986d1dcb2e2303c7b53a3451f02827b4e43234153ece932c72e90b5096888cc1b798341c85f5d7045f3df6332041bdfc83210
+  metadata.gz: 7bdb5fdd4f6f8cfb22c7a566ccb7bb9150648c665b597b696fcb31a0e1d9b32a20aeb02ca42747f5e647516f64e932808a2b8ff04a06cba42a7e42a6551d010e
+  data.tar.gz: eedadb08ce6a0b8ec49dd0530efcbb040bb111f52f81cf3e6d01bcfbda944b17ca75362750a8420e1880229feb81133f755b91473c7d5e961ddd9cb3171c448a

data/README.md

@@ -143,6 +143,11 @@ Here is the `ComplexConfig::Plugins::MONEY` plugin for example:
     end
 
 ## Changes
+
+* 2017-11-16 Release 0.12.0
+  * Supports writing of configurations (encrypted or unencrypted)
+* 2017-11-16 Release 0.11.3
+  * Small bugfix
 * 2017-10-30 Release 0.11.2
   * Small bugfix
 * 2017-10-27 Release 0.11.1
@@ -191,7 +196,6 @@ Here is the `ComplexConfig::Plugins::MONEY` plugin for example:
   * Some small fixes for handling of arrays
 * 2014-12-15 Release 0.1.0
   * Freeze configuration by default.
-
 * 2014-12-12 Release 0.0.0
 
 ## Download

data/VERSION

@@ -1 +1 @@
-0.11.3
+0.12.0

data/complex_config.gemspec

@@ -1,18 +1,18 @@
 # -*- encoding: utf-8 -*-
-# stub: complex_config 0.11.3 ruby lib
+# stub: complex_config 0.12.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "complex_config".freeze
-  s.version = "0.11.3"
+  s.version = "0.12.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Florian Frank".freeze]
-  s.date = "2017-11-02"
+  s.date = "2017-11-16"
   s.description = "This library allows you to access configuration files via a simple interface".freeze
   s.email = "flori@ping.de".freeze
   s.extra_rdoc_files = ["README.md".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/encryption.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze]
-  s.files = [".gitignore".freeze, ".rspec".freeze, ".travis.yml".freeze, ".utilsrc".freeze, "COPYING".freeze, "Gemfile".freeze, "README.md".freeze, "Rakefile".freeze, "TODO.md".freeze, "VERSION".freeze, "complex_config.gemspec".freeze, "config/products.yml".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/encryption.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze, "spec/complex_config/config_spec.rb".freeze, "spec/complex_config/encryption_spec.rb".freeze, "spec/complex_config/plugins_spec.rb".freeze, "spec/complex_config/provider_spec.rb".freeze, "spec/complex_config/settings_spec.rb".freeze, "spec/complex_config/shortcuts_spec.rb".freeze, "spec/config/broken_config.yml".freeze, "spec/config/config.yml".freeze, "spec/spec_helper.rb".freeze]
+  s.files = [".gitignore".freeze, ".rspec".freeze, ".travis.yml".freeze, ".utilsrc".freeze, "COPYING".freeze, "Gemfile".freeze, "README.md".freeze, "Rakefile".freeze, "TODO.md".freeze, "VERSION".freeze, "complex_config.gemspec".freeze, "config/products.yml".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/encryption.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze, "spec/complex_config/config_spec.rb".freeze, "spec/complex_config/encryption_spec.rb".freeze, "spec/complex_config/plugins_spec.rb".freeze, "spec/complex_config/provider_spec.rb".freeze, "spec/complex_config/settings_spec.rb".freeze, "spec/complex_config/shortcuts_spec.rb".freeze, "spec/config/broken_config.yml".freeze, "spec/config/config.yml".freeze, "spec/config/with-key-file.yml.enc".freeze, "spec/config/with-key-file.yml.key".freeze, "spec/config/with-shell-script.yml.enc".freeze, "spec/config/without-key-file.yml.enc".freeze, "spec/spec_helper.rb".freeze]
   s.homepage = "https://github.com/flori/complex_config".freeze
   s.licenses = ["Apache-2.0".freeze]
   s.rdoc_options = ["--title".freeze, "ComplexConfig -- configuration library".freeze, "--main".freeze, "README.md".freeze]

data/lib/complex_config/encryption.rb

@@ -2,12 +2,10 @@ require "openssl"
 require "base64"
 
 class ComplexConfig::Encryption
-  class EncryptionError < StandardError; end
-
-  class DecryptionFailed < EncryptionError; end
-
   def initialize(secret)
     @secret = secret
+    @secret.size != 16 and raise ComplexConfig::EncryptionKeyInvalid,
+      "encryption key #{@secret.inspect} must be 16 bytes"
     @cipher = OpenSSL::Cipher.new('aes-128-gcm')
   end
 
@@ -32,7 +30,7 @@ class ComplexConfig::Encryption
     encrypted, iv, auth_tag = text.split('--').map { |v| base64_decode(v) }
 
     auth_tag.nil? || auth_tag.bytes.length != 16 and
-      raise DecryptionFailed, "auth_tag #{auth_tag.inspect} invalid"
+      raise ComplexConfig::DecryptionFailed, "auth_tag #{auth_tag.inspect} invalid"
 
     @cipher.decrypt
     @cipher.key = @secret

data/lib/complex_config/errors.rb

@@ -16,4 +16,13 @@ module ComplexConfig
 
   class ConfigurationSyntaxError < ComplexConfigError
   end
+
+  class EncryptionError < ComplexConfigError
+  end
+
+  class EncryptionKeyInvalid < EncryptionError
+  end
+
+  class DecryptionFailed < EncryptionError
+  end
 end

data/lib/complex_config/provider.rb

@@ -3,6 +3,7 @@ require 'erb'
 require 'pathname'
 require 'yaml'
 require 'mize'
+require 'tins/xt/secure_write'
 
 class ComplexConfig::Provider
   include Tins::SexySingleton
@@ -67,8 +68,7 @@ class ComplexConfig::Provider
       datas << IO.binread(pathname)
     end
     if enc_pathname = pathname.to_s + '.enc' and
-      File.exist?(enc_pathname) and
-      my_key = key(pathname)
+      File.exist?(enc_pathname) and my_key = key(pathname)
     then
       text = IO.binread(enc_pathname)
       datas << ComplexConfig::Encryption.new(my_key).decrypt(text)
@@ -98,6 +98,41 @@ class ComplexConfig::Provider
   end
   memoize method: :[]
 
+  def write_config(name, value, encrypt: false, store_key: false)
+    config_pathname = pathname(name).to_s
+    key = case encrypt
+          when :random
+            SecureRandom.random_bytes(16)
+          when true
+            key(config_pathname)
+          when String
+            encrypt
+          end
+    hex_key = nil
+    settings = ComplexConfig::Settings[value]
+    if encrypt
+      key or raise ComplexConfig::EncryptionKeyInvalid,
+        "encryption key is missing"
+      key.size != 16 and raise ComplexConfig::EncryptionKeyInvalid,
+        "encryption keys has to be of 16 bytes lenght"
+      File.secure_write(config_pathname + '.enc') do |out|
+        out.puts ComplexConfig::Encryption.new(key).encrypt(settings.to_yaml)
+      end
+      hex_key = key.unpack('H*').first
+      if store_key
+        File.secure_write(config_pathname + '.key') do |out|
+          out.puts hex_key
+        end
+      end
+    else
+      File.secure_write(config_pathname) do |out|
+        out.puts settings.to_yaml
+      end
+    end
+    flush_cache
+    hex_key
+  end
+
   def exist?(name)
     !!config(pathname(name), name)
   rescue ComplexConfig::ConfigurationFileMissing
@@ -130,8 +165,9 @@ class ComplexConfig::Provider
     key = [
       @key,
       read_key_from_file(pathname),
-      ENV['RAILS_MASTER_KEY']
-    ].compact[0, 1]
+      ENV['COMPLEX_CONFIG_KEY'],
+      ENV['RAILS_MASTER_KEY'],
+    ].compact[0, 1].map(&:strip)
     unless key.empty?
       key.pack('H*')
     end
@@ -143,7 +179,7 @@ class ComplexConfig::Provider
 
   def read_key_from_file(pathname)
     if pathname
-      IO.binread(pathname.to_s + '.key').strip
+      IO.binread(pathname.to_s + '.key')
     end
   rescue Errno::ENOENT
   end

data/lib/complex_config/settings.rb

@@ -81,6 +81,13 @@ class ComplexConfig::Settings < BasicObject
     self
   end
 
+  #def write_config(encrypt: false, store_key: false)
+  #  ::ComplexConfig::Provider.write_config(
+  #    name_prefix, self, encrypt: encrypt, store_key: store_key
+  #  )
+  #  self
+  #end
+
   def to_h
     table_enumerator.each_with_object({}) do |(k, v), h|
       h[k] =
@@ -94,6 +101,14 @@ class ComplexConfig::Settings < BasicObject
     end
   end
 
+  def ==(other)
+    to_h == other.to_h
+  end
+
+  def to_yaml
+    to_h.to_yaml
+  end
+
   def size
     each.count
   end

data/lib/complex_config/version.rb

@@ -1,6 +1,6 @@
 module ComplexConfig
   # ComplexConfig version
-  VERSION         = '0.11.3'
+  VERSION         = '0.12.0'
   VERSION_ARRAY   = VERSION.split('.').map(&:to_i) # :nodoc:
   VERSION_MAJOR   = VERSION_ARRAY[0] # :nodoc:
   VERSION_MINOR   = VERSION_ARRAY[1] # :nodoc:

data/spec/complex_config/provider_spec.rb

@@ -1,11 +1,21 @@
 require 'spec_helper'
+require 'fileutils'
 
 RSpec.describe ComplexConfig::Provider do
   let :provider do
     ComplexConfig::Provider
   end
 
+  reset_new_config = -> * {
+    provider.config_dir = Pathname.new(__FILE__).dirname.dirname + 'config'
+    provider.key = nil
+    FileUtils.rm_f(provider.config_dir + 'new_config.yml')
+    FileUtils.rm_f(provider.config_dir + 'new_config.yml.enc')
+    FileUtils.rm_f(provider.config_dir + 'new_config.yml.key')
+  }
+
   after do
+    instance_eval(&reset_new_config)
     provider.flush_cache
   end
 
@@ -92,6 +102,95 @@ RSpec.describe ComplexConfig::Provider do
     end
   end
 
+  context 'writing configurations' do
+    before do
+      provider.config_dir = Pathname.new(__FILE__).dirname.dirname + 'config'
+    end
+
+    let :config do
+      provider.config(asset('config.yml'))
+    end
+
+    it 'can be written' do
+      provider.write_config('new_config', config)
+      expect(provider.config(asset('new_config.yml'))).to eq config
+    end
+
+    it 'can be changed and written' do
+      provider.deep_freeze = false
+      config.development.config.baz = 'something else'
+      provider.write_config('new_config', config)
+      expect(provider.config(asset('new_config.yml')).development.config.baz).to eq 'something else'
+    end
+  end
+
+  context 'reading encrypted configurations' do
+    before do
+      provider.config_dir = Pathname.new(__FILE__).dirname.dirname + 'config'
+    end
+
+    let :key do
+      IO.binread(provider.config_dir + 'with-key-file.yml.key')
+    end
+
+    it 'can read when key is set by accessor' do
+      provider.key = key
+      expect(provider['without-key-file'].development.foo.bar).to eq 'baz'
+    end
+
+    it 'can read when key is in ENV var' do
+      ENV['RAILS_MASTER_KEY'] = key
+      expect(provider['without-key-file'].development.foo.bar).to eq 'baz'
+    end
+
+    it 'can read when key is stored in file' do
+      expect(provider['with-key-file'].development.foo.bar).to eq 'baz'
+    end
+
+    it 'can read when key is obtained by calling shell script' do
+      expect(provider['with-shell-script'].development.foo.bar).to eq 'baz'
+    end
+  end
+
+  context 'writing encrypted configurations' do
+    before do
+      provider.config_dir = Pathname.new(__FILE__).dirname.dirname + 'config'
+      instance_eval(&reset_new_config)
+    end
+
+    let :config do
+      provider.config(asset('config.yml'))
+    end
+
+    it 'can be written with random key' do
+      key = provider.write_config('new_config', config, encrypt: :random, store_key: false)
+      provider.key = key
+      expect(provider.config(asset('new_config.yml'))).to eq config
+    end
+
+    it 'can be written with random key and store key' do
+      provider.write_config('new_config', config, encrypt: :random, store_key: true)
+      expect(provider.config(asset('new_config.yml'))).to eq config
+    end
+
+    it 'can be written with passed key' do
+      provider.write_config('new_config', config)
+      expect(provider.config(asset('new_config.yml'))).to eq config
+    end
+
+    it 'can be written with configured key' do
+      provider.write_config('new_config', config)
+      expect(provider.config(asset('new_config.yml'))).to eq config
+    end
+
+    it 'can be changed and written' do
+      provider.deep_freeze = false
+      config.development.config.baz = 'something else'
+      provider.write_config('new_config', config)
+      expect(provider.config(asset('new_config.yml')).development.config.baz).to eq 'something else'
+    end
+  end
+
   context 'handling configuration files with []' do
     before do
       provider.config_dir = Pathname.new(__FILE__).dirname.dirname + 'config'

data/spec/config/with-key-file.yml.enc

@@ -0,0 +1 @@
+0MKZ0eU56L2MCkL143wST6kchDW/hnyGq7xm3O2NUMY1xa0PoEnZutzR3+LVGu/eWtk=--zhIiqrnKQu422P/V--p0v54ziCv+LBHmg3GYk16Q==

data/spec/config/with-key-file.yml.key

@@ -0,0 +1 @@
+90ec1139596f9dfdb51e72277735ce9a

data/spec/config/with-shell-script.yml.enc

@@ -0,0 +1 @@
+0MKZ0eU56L2MCkL143wST6kchDW/hnyGq7xm3O2NUMY1xa0PoEnZutzR3+LVGu/eWtk=--zhIiqrnKQu422P/V--p0v54ziCv+LBHmg3GYk16Q==

data/spec/config/without-key-file.yml.enc

@@ -0,0 +1 @@
+0MKZ0eU56L2MCkL143wST6kchDW/hnyGq7xm3O2NUMY1xa0PoEnZutzR3+LVGu/eWtk=--zhIiqrnKQu422P/V--p0v54ziCv+LBHmg3GYk16Q==

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: complex_config
 version: !ruby/object:Gem::Version
-  version: 0.11.3
+  version: 0.12.0
 platform: ruby
 authors:
 - Florian Frank
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-02 00:00:00.000000000 Z
+date: 2017-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gem_hadar
@@ -187,6 +187,10 @@ files:
 - spec/complex_config/shortcuts_spec.rb
 - spec/config/broken_config.yml
 - spec/config/config.yml
+- spec/config/with-key-file.yml.enc
+- spec/config/with-key-file.yml.key
+- spec/config/with-shell-script.yml.enc
+- spec/config/without-key-file.yml.enc
 - spec/spec_helper.rb
 homepage: https://github.com/flori/complex_config
 licenses: