lockbox 0.6.3 → 0.6.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +19 -0
- data/LICENSE.txt +1 -1
- data/README.md +10 -4
- data/lib/lockbox/model.rb +43 -6
- data/lib/lockbox/version.rb +1 -1
- data/lib/lockbox.rb +7 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2b85dd2a91e0fbb6e687dc63a36915c3b67552320f417fe4caed9f27c5b8fbfc
|
|
4
|
+
data.tar.gz: 807037af47e0ee9fae9ed93d95ad0253b68bd6c6ab13ee53ce2cc8de0536e926
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 429401bd5b38388d43a07bfbc8cbe4acdac73718e05c5043276092ac0d992f439721beeb2d36320a84b69cd24687838edd9a59f28a39ac7f7797502911bd708a
|
|
7
|
+
data.tar.gz: 412a3eacac1489f931ea1cae22f628fe73eeb9a1d01b568c385f37ede3281f657235ed16b831c2c9c46348d23bb1e6d62a4e5ea857a2e619d0087f4e4e4b89ce
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,21 @@
|
|
|
1
|
+
## 0.6.7 (2022-01-25)
|
|
2
|
+
|
|
3
|
+
- Added warning for attributes with `default` option
|
|
4
|
+
- Removing warning for Active Record 5.0 (still supported)
|
|
5
|
+
|
|
6
|
+
## 0.6.6 (2021-09-27)
|
|
7
|
+
|
|
8
|
+
- Fixed `attribute?` method for `boolean` and `integer` types
|
|
9
|
+
|
|
10
|
+
## 0.6.5 (2021-07-07)
|
|
11
|
+
|
|
12
|
+
- Fixed issue with `pluck` extension not loading in some cases
|
|
13
|
+
|
|
14
|
+
## 0.6.4 (2021-04-05)
|
|
15
|
+
|
|
16
|
+
- Fixed in place changes in callbacks
|
|
17
|
+
- Fixed `[]` method for encrypted attributes
|
|
18
|
+
|
|
1
19
|
## 0.6.3 (2021-03-30)
|
|
2
20
|
|
|
3
21
|
- Fixed empty arrays and hashes
|
|
@@ -12,6 +30,7 @@
|
|
|
12
30
|
## 0.6.1 (2020-12-03)
|
|
13
31
|
|
|
14
32
|
- Added integration with Rails credentials
|
|
33
|
+
- Added warning for unsupported versions of Active Record
|
|
15
34
|
- Fixed in place changes for Active Record 6.1
|
|
16
35
|
- Fixed error with `content_type` method for CarrierWave < 2
|
|
17
36
|
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -16,7 +16,7 @@ Learn [the principles behind it](https://ankane.org/modern-encryption-rails), [h
|
|
|
16
16
|
Add this line to your application’s Gemfile:
|
|
17
17
|
|
|
18
18
|
```ruby
|
|
19
|
-
gem
|
|
19
|
+
gem "lockbox"
|
|
20
20
|
```
|
|
21
21
|
|
|
22
22
|
## Key Generation
|
|
@@ -87,6 +87,8 @@ class User < ApplicationRecord
|
|
|
87
87
|
end
|
|
88
88
|
```
|
|
89
89
|
|
|
90
|
+
**Note:** With Rails 7, use `lockbox_encrypts` instead of `encrypts`
|
|
91
|
+
|
|
90
92
|
You can use `email` just like any other attribute.
|
|
91
93
|
|
|
92
94
|
```ruby
|
|
@@ -336,9 +338,9 @@ def license
|
|
|
336
338
|
end
|
|
337
339
|
```
|
|
338
340
|
|
|
339
|
-
|
|
341
|
+
Use `filename` to specify a filename or `disposition: "inline"` to show inline.
|
|
340
342
|
|
|
341
|
-
|
|
343
|
+
#### Migrating Existing Files
|
|
342
344
|
|
|
343
345
|
Lockbox makes it easy to encrypt existing files without downtime.
|
|
344
346
|
|
|
@@ -403,6 +405,8 @@ def license
|
|
|
403
405
|
end
|
|
404
406
|
```
|
|
405
407
|
|
|
408
|
+
Use `filename` to specify a filename or `disposition: "inline"` to show inline.
|
|
409
|
+
|
|
406
410
|
#### Migrating Existing Files
|
|
407
411
|
|
|
408
412
|
Encrypt existing files without downtime. Create a new encrypted uploader:
|
|
@@ -478,6 +482,8 @@ def license
|
|
|
478
482
|
end
|
|
479
483
|
```
|
|
480
484
|
|
|
485
|
+
Use `filename` to specify a filename or `disposition: "inline"` to show inline.
|
|
486
|
+
|
|
481
487
|
#### Non-Models
|
|
482
488
|
|
|
483
489
|
Generate a key
|
|
@@ -713,7 +719,7 @@ brew install libsodium
|
|
|
713
719
|
And add to your Gemfile:
|
|
714
720
|
|
|
715
721
|
```ruby
|
|
716
|
-
gem
|
|
722
|
+
gem "rbnacl"
|
|
717
723
|
```
|
|
718
724
|
|
|
719
725
|
Then add to your model:
|
data/lib/lockbox/model.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module Lockbox
|
|
2
2
|
module Model
|
|
3
|
-
def
|
|
3
|
+
def lockbox_encrypts(*attributes, **options)
|
|
4
4
|
# support objects
|
|
5
5
|
# case options[:type]
|
|
6
6
|
# when Date
|
|
@@ -149,16 +149,38 @@ module Lockbox
|
|
|
149
149
|
# needed for in-place modifications
|
|
150
150
|
# assigned attributes are encrypted on assignment
|
|
151
151
|
# and then again here
|
|
152
|
-
|
|
152
|
+
def lockbox_sync_attributes
|
|
153
153
|
self.class.lockbox_attributes.each do |_, lockbox_attribute|
|
|
154
154
|
attribute = lockbox_attribute[:attribute]
|
|
155
155
|
|
|
156
|
-
if attribute_changed_in_place?(attribute)
|
|
156
|
+
if attribute_changed_in_place?(attribute) || (send("#{attribute}_changed?") && !send("#{lockbox_attribute[:encrypted_attribute]}_changed?"))
|
|
157
157
|
send("#{attribute}=", send(attribute))
|
|
158
158
|
end
|
|
159
159
|
end
|
|
160
160
|
end
|
|
161
161
|
|
|
162
|
+
# safety check
|
|
163
|
+
[:_create_record, :_update_record].each do |method_name|
|
|
164
|
+
unless private_method_defined?(method_name) || method_defined?(method_name)
|
|
165
|
+
raise Lockbox::Error, "Expected #{method_name} to be defined. Please report an issue."
|
|
166
|
+
end
|
|
167
|
+
end
|
|
168
|
+
|
|
169
|
+
def _create_record(*)
|
|
170
|
+
lockbox_sync_attributes
|
|
171
|
+
super
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
def _update_record(*)
|
|
175
|
+
lockbox_sync_attributes
|
|
176
|
+
super
|
|
177
|
+
end
|
|
178
|
+
|
|
179
|
+
def [](attr_name)
|
|
180
|
+
send(attr_name) if self.class.lockbox_attributes.any? { |_, la| la[:attribute] == attr_name.to_s }
|
|
181
|
+
super
|
|
182
|
+
end
|
|
183
|
+
|
|
162
184
|
def update_columns(attributes)
|
|
163
185
|
return super unless attributes.is_a?(Hash)
|
|
164
186
|
|
|
@@ -287,6 +309,21 @@ module Lockbox
|
|
|
287
309
|
super()
|
|
288
310
|
end
|
|
289
311
|
end
|
|
312
|
+
|
|
313
|
+
define_method("#{name}?") do
|
|
314
|
+
# uses public_send, so we don't need to preload attribute
|
|
315
|
+
query_attribute(name)
|
|
316
|
+
end
|
|
317
|
+
|
|
318
|
+
user_provided_default =
|
|
319
|
+
if ActiveRecord::VERSION::STRING >= "5.2"
|
|
320
|
+
ActiveModel::Attribute::UserProvidedDefault
|
|
321
|
+
else
|
|
322
|
+
ActiveRecord::Attribute::UserProvidedDefault
|
|
323
|
+
end
|
|
324
|
+
if _default_attributes[name.to_s].is_a?(user_provided_default)
|
|
325
|
+
warn "[lockbox] WARNING: attributes with `:default` option are not supported. Use `after_initialize` instead."
|
|
326
|
+
end
|
|
290
327
|
else
|
|
291
328
|
# keep this module dead simple
|
|
292
329
|
# Mongoid uses changed_attributes to calculate keys to update
|
|
@@ -326,10 +363,10 @@ module Lockbox
|
|
|
326
363
|
send("reset_#{encrypted_attribute}_to_default!")
|
|
327
364
|
send(name)
|
|
328
365
|
end
|
|
329
|
-
end
|
|
330
366
|
|
|
331
|
-
|
|
332
|
-
|
|
367
|
+
define_method("#{name}?") do
|
|
368
|
+
send("#{encrypted_attribute}?")
|
|
369
|
+
end
|
|
333
370
|
end
|
|
334
371
|
|
|
335
372
|
define_method("#{name}=") do |message|
|
data/lib/lockbox/version.rb
CHANGED
data/lib/lockbox.rb
CHANGED
|
@@ -28,17 +28,21 @@ end
|
|
|
28
28
|
if defined?(ActiveSupport.on_load)
|
|
29
29
|
ActiveSupport.on_load(:active_record) do
|
|
30
30
|
# TODO raise error in 0.7.0
|
|
31
|
-
if ActiveRecord::VERSION::STRING.to_f
|
|
31
|
+
if ActiveRecord::VERSION::STRING.to_f < 5.0
|
|
32
32
|
warn "Active Record version (#{ActiveRecord::VERSION::STRING}) not supported in this version of Lockbox (#{Lockbox::VERSION})"
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
extend Lockbox::Model
|
|
36
36
|
extend Lockbox::Model::Attached
|
|
37
|
-
|
|
37
|
+
# alias_method is private in Ruby < 2.5
|
|
38
|
+
singleton_class.send(:alias_method, :encrypts, :lockbox_encrypts) if ActiveRecord::VERSION::MAJOR < 7
|
|
39
|
+
ActiveRecord::Relation.prepend Lockbox::Calculations
|
|
38
40
|
end
|
|
39
41
|
|
|
40
42
|
ActiveSupport.on_load(:mongoid) do
|
|
41
43
|
Mongoid::Document::ClassMethods.include(Lockbox::Model)
|
|
44
|
+
# alias_method is private in Ruby < 2.5
|
|
45
|
+
Mongoid::Document::ClassMethods.send(:alias_method, :encrypts, :lockbox_encrypts)
|
|
42
46
|
end
|
|
43
47
|
end
|
|
44
48
|
|
|
@@ -106,7 +110,7 @@ module Lockbox
|
|
|
106
110
|
|
|
107
111
|
def self.encrypts_action_text_body(**options)
|
|
108
112
|
ActiveSupport.on_load(:action_text_rich_text) do
|
|
109
|
-
ActionText::RichText.
|
|
113
|
+
ActionText::RichText.lockbox_encrypts :body, **options
|
|
110
114
|
end
|
|
111
115
|
end
|
|
112
116
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lockbox
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.6.
|
|
4
|
+
version: 0.6.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email: andrew@ankane.org
|
|
@@ -58,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
58
58
|
- !ruby/object:Gem::Version
|
|
59
59
|
version: '0'
|
|
60
60
|
requirements: []
|
|
61
|
-
rubygems_version: 3.
|
|
61
|
+
rubygems_version: 3.3.3
|
|
62
62
|
signing_key:
|
|
63
63
|
specification_version: 4
|
|
64
64
|
summary: Modern encryption for Ruby and Rails
|