hypershield 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e1222f7f264c0a8892096edecd7b6cc71a79fb2f1a7c81f7f5be42ecc9c19291
-  data.tar.gz: e661dabb10c803a25a71effde3b70dab5ff26c7a4bfe470f2f8fdcba9a7fb4a5
+  metadata.gz: 00b099534fb260d68ee6bbca50a415d78f82d7fe9024775d27b49ead519b1e52
+  data.tar.gz: 9bb5c84b8a84404f787f385c141fcfb862a41df9a76366f9d7dbb3c2b762c352
 SHA512:
-  metadata.gz: '078a50cf334a8b95d9355a2265f15f2633dacc16be8f560bbdec9dcae346d90ef308581dfe8d6fdc76e9b8975bc9f000dfd062e153a80277d3784a5c6bee6a99'
-  data.tar.gz: 3feac1364504a11be41725e84913d48fc418ab13fa8082feabf9091e38b658a208461519f9956f2a9728105aa89c5af9a7dd04872c45bd2b045bca2eaf790457
+  metadata.gz: 192f7058ccaf64897274e24ceffef1623fb192aae272f8930a5681ed7f6a07f0bb5161964b9eb2cc278415c35c70e831cede4a58d332f476610c44720533c436
+  data.tar.gz: 9268101459ca8d4f45c51e9be2dec4b60786c22d5c2fd69d83bd7d0f7174ac5f18ae3f308aeb949146cdb189563db8fe7fb3c7b20d569c21fe59927ea27e4ff2

data/CHANGELOG.md

@@ -1,8 +1,15 @@
-## 0.1.1
+## 0.2.0 (2020-03-12)
+
+- Only update views that have changed
+- Added `hypershield:refresh:dry_run` rake task
+- Added `enabled` option
+- Added generator
+
+## 0.1.1 (2019-09-20)
 
 - Fixed error with MySQL 8
 - Added `log_sql` option
 
-## 0.1.0
+## 0.1.0 (2018-04-01)
 
 - First release

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2018-2019 Andrew Kane
+Copyright (c) 2018-2020 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -19,6 +19,39 @@ By default, it hides columns with:
 
 Give database users access to these views instead of the original tables.
 
+## Installation
+
+Add this line to your application’s Gemfile:
+
+```ruby
+gem 'hypershield'
+```
+
+And run:
+
+```sh
+rails generate hypershield:install
+```
+
+Hypershield is disabled in non-production environments by default. You can do a dry run with:
+
+```sh
+rake hypershield:refresh:dry_run
+```
+
+Next, set up your production database.
+
+- [Postgres](#postgres)
+- [MySQL](#mysql)
+
+When that’s done, deploy to production and run:
+
+```sh
+rails db:migrate
+```
+
+The schema will automatically refresh.
+
 ## Database Setup
 
 ### Postgres
@@ -69,50 +102,32 @@ And connect as the user and make sure there’s no access the original tables
 SELECT * FROM mydb.users LIMIT 1;
 ```
 
-## Installation
-
-Add this line to your application’s Gemfile:
-
-```ruby
-gem 'hypershield', group: :production
-```
-
-Refresh the schema
-
-```sh
-rake hypershield:refresh
-```
-
-And query away on your shielded views
-
-```sql
-SELECT * FROM users LIMIT 1;
-```
-
-When you run database migrations, the schema is automatically refreshed.
-
 ## Configuration
 
+Set configuration in `config/initializers/hypershield.rb`.
+
 Specify the schema to use and columns to show and hide
 
 ```ruby
 Hypershield.schemas = {
   hypershield: {
-    hide: %w(encrypted password token secret),
-    show: %w(ahoy_visits.visit_token)
+    hide: ["encrypted", "password", "token", "secret"],
+    show: ["ahoy_visits.visitor_token", "ahoy_visits.visit_token"]
   }
 }
 ```
 
-Log Hypershield SQL statements [master]
+Log Hypershield SQL statements
 
 ```ruby
 Hypershield.log_sql = true
 ```
 
-## TODO
+Enable or disable Hypershield in an environment
 
-- Create CLI
+```ruby
+Hypershield.enabled = Rails.env.production?
+```
 
 ## History
 
@@ -126,3 +141,11 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
 - Fix bugs and [submit pull requests](https://github.com/ankane/hypershield/pulls)
 - Write, clarify, or fix documentation
 - Suggest or add new features
+
+To get started with development:
+
+```sh
+git clone https://github.com/ankane/hypershield.git
+cd hypershield
+bundle install
+```

data/lib/generators/hypershield/install_generator.rb

@@ -0,0 +1,13 @@
+require "rails/generators"
+
+module Hypershield
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.join(__dir__, "templates")
+
+      def create_initializer
+        template "initializer.rb", "config/initializers/hypershield.rb"
+      end
+    end
+  end
+end

data/lib/generators/hypershield/templates/initializer.rb

@@ -0,0 +1,17 @@
+# Specify which environments to use Hypershield
+Hypershield.enabled = Rails.env.production?
+
+# Specify the schema to use and columns to show and hide
+Hypershield.schemas = {
+  hypershield: {
+    # columns to hide
+    # matches table.column
+    hide: ["encrypted", "password", "token", "secret"],
+    # overrides hide
+    # matches table.column
+    show: []
+  }
+}
+
+# Log SQL statements
+Hypershield.log_sql = false

data/lib/hypershield.rb

@@ -10,15 +10,16 @@ require "hypershield/engine" if defined?(Rails)
 
 module Hypershield
   class << self
-    attr_accessor :schemas, :log_sql
+    attr_accessor :enabled, :log_sql, :schemas
   end
+  self.enabled = true
+  self.log_sql = false
   self.schemas = {
     hypershield: {
       hide: %w(encrypted password token secret),
       show: []
     }
   }
-  self.log_sql = false
 
   class << self
     def drop_view(view)
@@ -27,7 +28,7 @@ module Hypershield
       end
     end
 
-    def refresh
+    def refresh(dry_run: false)
       if adapter_name =~ /sqlite/i
         raise "Adapter not supported: #{adapter_name}"
       end
@@ -39,31 +40,40 @@ module Hypershield
           hide = config[:hide].to_a
           show = config[:show].to_a
 
+          hypershield_tables = tables(schema)
+
           tables.sort_by { |k, _| k }.each do |table, columns|
             next if table == "pg_stat_statements"
 
-            statements << "DROP VIEW IF EXISTS #{quote_ident(schema)}.#{quote_ident(table)} CASCADE"
-
             columns.reject! do |column|
               hide.any? { |m| "#{table}.#{column}".include?(m) } &&
                 !show.any? { |m| "#{table}.#{column}".include?(m) }
             end
 
+            # if the hypershield view has the same columns, assume it doesn't need updated
+            # this may not necessarily be true if someone manually updates the view
+            # we could check the view definition, but this is harder as the database normalizes it
+            next if hypershield_tables[table] == columns
+
+            statements << "DROP VIEW IF EXISTS #{quote_ident(schema)}.#{quote_ident(table)} CASCADE"
+
             if columns.any?
               statements << "CREATE VIEW #{quote_ident(schema)}.#{quote_ident(table)} AS SELECT #{columns.map { |c| quote_ident(c) }.join(", ")} FROM #{quote_ident(table)}"
             end
           end
         end
 
-        if statements.any?
-          connection.transaction do
-            if mysql?
-              statements.each do |statement|
-                execute(statement)
-              end
-            else
-              execute(statements.join(";\n"))
-            end
+        if dry_run
+          if statements.any?
+            puts statements.map { |v| "#{v};" }.join("\n")
+          end
+        else
+          # originally this was performed in a transaction
+          # however, this appears to cause issues in certain situations - see #5 and #6
+          # this shouldn't be a huge issue now that we only update specific views
+          # we already drop views outside of the transaction when migrations are run
+          statements.each do |statement|
+            execute(statement)
           end
         end
       end
@@ -97,14 +107,17 @@ module Hypershield
       adapter_name =~ /mysql/i
     end
 
-    def tables
-      # TODO make schema configurable
-      schema =
-        if mysql?
-          "database()"
-        else
-          "'public'"
-        end
+    def tables(schema = nil)
+      if schema
+        schema = quote(schema)
+      else
+        schema =
+          if mysql?
+            "database()"
+          else
+            "'public'"
+          end
+      end
 
       query = <<-SQL
         SELECT
@@ -133,6 +146,10 @@ module Hypershield
       connection.execute(sql)
     end
 
+    def quote(literal)
+      connection.quote(literal)
+    end
+
     def quote_ident(ident)
       connection.quote_table_name(ident.to_s)
     end

data/lib/hypershield/version.rb

@@ -1,3 +1,3 @@
 module Hypershield
-  VERSION = "0.1.1"
+  VERSION = "0.2.0"
 end

data/lib/tasks/hypershield.rake

@@ -1,15 +1,23 @@
 namespace :hypershield do
   task refresh: :environment do
+    abort "Hypershield is not enabled in this environment. Do a dry run with: rake hypershield:refresh:dry_run" unless Hypershield.enabled
+
     $stderr.puts "[hypershield] Refreshing schemas"
     Hypershield.refresh
     $stderr.puts "[hypershield] Success!"
   end
+
+  namespace :refresh do
+    task dry_run: :environment do
+      Hypershield.refresh(dry_run: true)
+    end
+  end
 end
 
 Rake::Task["db:migrate"].enhance do
-  Rake::Task["hypershield:refresh"].invoke
+  Rake::Task["hypershield:refresh"].invoke if Hypershield.enabled
 end
 
 Rake::Task["db:rollback"].enhance do
-  Rake::Task["hypershield:refresh"].invoke
+  Rake::Task["hypershield:refresh"].invoke if Hypershield.enabled
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hypershield
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-09-20 00:00:00.000000000 Z
+date: 2020-03-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -117,6 +117,8 @@ files:
 - CHANGELOG.md
 - LICENSE.txt
 - README.md
+- lib/generators/hypershield/install_generator.rb
+- lib/generators/hypershield/templates/initializer.rb
 - lib/hypershield.rb
 - lib/hypershield/engine.rb
 - lib/hypershield/migration.rb
@@ -141,7 +143,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Shield sensitive data in Postgres and MySQL