lockbox 0.6.3 → 0.6.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +19 -0
- data/LICENSE.txt +1 -1
- data/README.md +10 -4
- data/lib/lockbox/model.rb +43 -6
- data/lib/lockbox/version.rb +1 -1
- data/lib/lockbox.rb +7 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2b85dd2a91e0fbb6e687dc63a36915c3b67552320f417fe4caed9f27c5b8fbfc
|
|
4
|
+
data.tar.gz: 807037af47e0ee9fae9ed93d95ad0253b68bd6c6ab13ee53ce2cc8de0536e926
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 429401bd5b38388d43a07bfbc8cbe4acdac73718e05c5043276092ac0d992f439721beeb2d36320a84b69cd24687838edd9a59f28a39ac7f7797502911bd708a
|
|
7
|
+
data.tar.gz: 412a3eacac1489f931ea1cae22f628fe73eeb9a1d01b568c385f37ede3281f657235ed16b831c2c9c46348d23bb1e6d62a4e5ea857a2e619d0087f4e4e4b89ce
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,21 @@
|
|
|
1
|
+
## 0.6.7 (2022-01-25)
|
|
2
|
+
|
|
3
|
+
- Added warning for attributes with `default` option
|
|
4
|
+
- Removing warning for Active Record 5.0 (still supported)
|
|
5
|
+
|
|
6
|
+
## 0.6.6 (2021-09-27)
|
|
7
|
+
|
|
8
|
+
- Fixed `attribute?` method for `boolean` and `integer` types
|
|
9
|
+
|
|
10
|
+
## 0.6.5 (2021-07-07)
|
|
11
|
+
|
|
12
|
+
- Fixed issue with `pluck` extension not loading in some cases
|
|
13
|
+
|
|
14
|
+
## 0.6.4 (2021-04-05)
|
|
15
|
+
|
|
16
|
+
- Fixed in place changes in callbacks
|
|
17
|
+
- Fixed `[]` method for encrypted attributes
|
|
18
|
+
|
|
1
19
|
## 0.6.3 (2021-03-30)
|
|
2
20
|
|
|
3
21
|
- Fixed empty arrays and hashes
|
|
@@ -12,6 +30,7 @@
|
|
|
12
30
|
## 0.6.1 (2020-12-03)
|
|
13
31
|
|
|
14
32
|
- Added integration with Rails credentials
|
|
33
|
+
- Added warning for unsupported versions of Active Record
|
|
15
34
|
- Fixed in place changes for Active Record 6.1
|
|
16
35
|
- Fixed error with `content_type` method for CarrierWave < 2
|
|
17
36
|
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -16,7 +16,7 @@ Learn [the principles behind it](https://ankane.org/modern-encryption-rails), [h
|
|
|
16
16
|
Add this line to your application’s Gemfile:
|
|
17
17
|
|
|
18
18
|
```ruby
|
|
19
|
-
gem
|
|
19
|
+
gem "lockbox"
|
|
20
20
|
```
|
|
21
21
|
|
|
22
22
|
## Key Generation
|
|
@@ -87,6 +87,8 @@ class User < ApplicationRecord
|
|
|
87
87
|
end
|
|
88
88
|
```
|
|
89
89
|
|
|
90
|
+
**Note:** With Rails 7, use `lockbox_encrypts` instead of `encrypts`
|
|
91
|
+
|
|
90
92
|
You can use `email` just like any other attribute.
|
|
91
93
|
|
|
92
94
|
```ruby
|
|
@@ -336,9 +338,9 @@ def license
|
|
|
336
338
|
end
|
|
337
339
|
```
|
|
338
340
|
|
|
339
|
-
|
|
341
|
+
Use `filename` to specify a filename or `disposition: "inline"` to show inline.
|
|
340
342
|
|
|
341
|
-
|
|
343
|
+
#### Migrating Existing Files
|
|
342
344
|
|
|
343
345
|
Lockbox makes it easy to encrypt existing files without downtime.
|
|
344
346
|
|
|
@@ -403,6 +405,8 @@ def license
|
|
|
403
405
|
end
|
|
404
406
|
```
|
|
405
407
|
|
|
408
|
+
Use `filename` to specify a filename or `disposition: "inline"` to show inline.
|
|
409
|
+
|
|
406
410
|
#### Migrating Existing Files
|
|
407
411
|
|
|
408
412
|
Encrypt existing files without downtime. Create a new encrypted uploader:
|
|
@@ -478,6 +482,8 @@ def license
|
|
|
478
482
|
end
|
|
479
483
|
```
|
|
480
484
|
|
|
485
|
+
Use `filename` to specify a filename or `disposition: "inline"` to show inline.
|
|
486
|
+
|
|
481
487
|
#### Non-Models
|
|
482
488
|
|
|
483
489
|
Generate a key
|
|
@@ -713,7 +719,7 @@ brew install libsodium
|
|
|
713
719
|
And add to your Gemfile:
|
|
714
720
|
|
|
715
721
|
```ruby
|
|
716
|
-
gem
|
|
722
|
+
gem "rbnacl"
|
|
717
723
|
```
|
|
718
724
|
|
|
719
725
|
Then add to your model:
|
data/lib/lockbox/model.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module Lockbox
|
|
2
2
|
module Model
|
|
3
|
-
def
|
|
3
|
+
def lockbox_encrypts(*attributes, **options)
|
|
4
4
|
# support objects
|
|
5
5
|
# case options[:type]
|
|
6
6
|
# when Date
|
|
@@ -149,16 +149,38 @@ module Lockbox
|
|
|
149
149
|
# needed for in-place modifications
|
|
150
150
|
# assigned attributes are encrypted on assignment
|
|
151
151
|
# and then again here
|
|
152
|
-
|
|
152
|
+
def lockbox_sync_attributes
|
|
153
153
|
self.class.lockbox_attributes.each do |_, lockbox_attribute|
|
|
154
154
|
attribute = lockbox_attribute[:attribute]
|
|
155
155
|
|
|
156
|
-
if attribute_changed_in_place?(attribute)
|
|
156
|
+
if attribute_changed_in_place?(attribute) || (send("#{attribute}_changed?") && !send("#{lockbox_attribute[:encrypted_attribute]}_changed?"))
|
|
157
157
|
send("#{attribute}=", send(attribute))
|
|
158
158
|
end
|
|
159
159
|
end
|
|
160
160
|
end
|
|
161
161
|
|
|
162
|
+
# safety check
|
|
163
|
+
[:_create_record, :_update_record].each do |method_name|
|
|
164
|
+
unless private_method_defined?(method_name) || method_defined?(method_name)
|
|
165
|
+
raise Lockbox::Error, "Expected #{method_name} to be defined. Please report an issue."
|
|
166
|
+
end
|
|
167
|
+
end
|
|
168
|
+
|
|
169
|
+
def _create_record(*)
|
|
170
|
+
lockbox_sync_attributes
|
|
171
|
+
super
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
def _update_record(*)
|
|
175
|
+
lockbox_sync_attributes
|
|
176
|
+
super
|
|
177
|
+
end
|
|
178
|
+
|
|
179
|
+
def [](attr_name)
|
|
180
|
+
send(attr_name) if self.class.lockbox_attributes.any? { |_, la| la[:attribute] == attr_name.to_s }
|
|
181
|
+
super
|
|
182
|
+
end
|
|
183
|
+
|
|
162
184
|
def update_columns(attributes)
|
|
163
185
|
return super unless attributes.is_a?(Hash)
|
|
164
186
|
|
|
@@ -287,6 +309,21 @@ module Lockbox
|
|
|
287
309
|
super()
|
|
288
310
|
end
|
|
289
311
|
end
|
|
312
|
+
|
|
313
|
+
define_method("#{name}?") do
|
|
314
|
+
# uses public_send, so we don't need to preload attribute
|
|
315
|
+
query_attribute(name)
|
|
316
|
+
end
|
|
317
|
+
|
|
318
|
+
user_provided_default =
|
|
319
|
+
if ActiveRecord::VERSION::STRING >= "5.2"
|
|
320
|
+
ActiveModel::Attribute::UserProvidedDefault
|
|
321
|
+
else
|
|
322
|
+
ActiveRecord::Attribute::UserProvidedDefault
|
|
323
|
+
end
|
|
324
|
+
if _default_attributes[name.to_s].is_a?(user_provided_default)
|
|
325
|
+
warn "[lockbox] WARNING: attributes with `:default` option are not supported. Use `after_initialize` instead."
|
|
326
|
+
end
|
|
290
327
|
else
|
|
291
328
|
# keep this module dead simple
|
|
292
329
|
# Mongoid uses changed_attributes to calculate keys to update
|
|
@@ -326,10 +363,10 @@ module Lockbox
|
|
|
326
363
|
send("reset_#{encrypted_attribute}_to_default!")
|
|
327
364
|
send(name)
|
|
328
365
|
end
|
|
329
|
-
end
|
|
330
366
|
|
|
331
|
-
|
|
332
|
-
|
|
367
|
+
define_method("#{name}?") do
|
|
368
|
+
send("#{encrypted_attribute}?")
|
|
369
|
+
end
|
|
333
370
|
end
|
|
334
371
|
|
|
335
372
|
define_method("#{name}=") do |message|
|
data/lib/lockbox/version.rb
CHANGED
data/lib/lockbox.rb
CHANGED
|
@@ -28,17 +28,21 @@ end
|
|
|
28
28
|
if defined?(ActiveSupport.on_load)
|
|
29
29
|
ActiveSupport.on_load(:active_record) do
|
|
30
30
|
# TODO raise error in 0.7.0
|
|
31
|
-
if ActiveRecord::VERSION::STRING.to_f
|
|
31
|
+
if ActiveRecord::VERSION::STRING.to_f < 5.0
|
|
32
32
|
warn "Active Record version (#{ActiveRecord::VERSION::STRING}) not supported in this version of Lockbox (#{Lockbox::VERSION})"
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
extend Lockbox::Model
|
|
36
36
|
extend Lockbox::Model::Attached
|
|
37
|
-
|
|
37
|
+
# alias_method is private in Ruby < 2.5
|
|
38
|
+
singleton_class.send(:alias_method, :encrypts, :lockbox_encrypts) if ActiveRecord::VERSION::MAJOR < 7
|
|
39
|
+
ActiveRecord::Relation.prepend Lockbox::Calculations
|
|
38
40
|
end
|
|
39
41
|
|
|
40
42
|
ActiveSupport.on_load(:mongoid) do
|
|
41
43
|
Mongoid::Document::ClassMethods.include(Lockbox::Model)
|
|
44
|
+
# alias_method is private in Ruby < 2.5
|
|
45
|
+
Mongoid::Document::ClassMethods.send(:alias_method, :encrypts, :lockbox_encrypts)
|
|
42
46
|
end
|
|
43
47
|
end
|
|
44
48
|
|
|
@@ -106,7 +110,7 @@ module Lockbox
|
|
|
106
110
|
|
|
107
111
|
def self.encrypts_action_text_body(**options)
|
|
108
112
|
ActiveSupport.on_load(:action_text_rich_text) do
|
|
109
|
-
ActionText::RichText.
|
|
113
|
+
ActionText::RichText.lockbox_encrypts :body, **options
|
|
110
114
|
end
|
|
111
115
|
end
|
|
112
116
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lockbox
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.6.
|
|
4
|
+
version: 0.6.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email: andrew@ankane.org
|
|
@@ -58,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
58
58
|
- !ruby/object:Gem::Version
|
|
59
59
|
version: '0'
|
|
60
60
|
requirements: []
|
|
61
|
-
rubygems_version: 3.
|
|
61
|
+
rubygems_version: 3.3.3
|
|
62
62
|
signing_key:
|
|
63
63
|
specification_version: 4
|
|
64
64
|
summary: Modern encryption for Ruby and Rails
|