lockbox 1.3.0 → 1.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: db8c162439dc5376d1aabf48af3925fd2d7a5129e3902b49b973dce9eda16a77
-  data.tar.gz: 2e82dc5026e09fdaee0bb1baddabc9b0f8294f38cf613ee09368d62aa39c4ff4
+  metadata.gz: b4771553bf23214b514e9a4a5c94ce665d234d34969f9a3941ea68bdc6729ed4
+  data.tar.gz: a921894d4f3f43d5245a91941e06f79ea652f09c9c77ccf8dc7e442d1dbda0e5
 SHA512:
-  metadata.gz: e8d6d9a2c4661767c01ab8874f29c3fd705712d4f3d6d153e09b4c7ad6441bb0812d45c6cf526d3a59177ae23c44289b1aa375e462303c17fcb952edd4641a8e
-  data.tar.gz: 2e5cd80ddca65447f10a666b5568bbdeff449bf6517c944a67f6fdfdd5ff253e7560569133216a5459d1519ad3bb72b5cabd17065240a2aa1091750e21b4c26c
+  metadata.gz: 90fef82d743a0172a61728fd9f314eca597d43820e87aeb9cb77330e4ec824919d354b81cf4c6c9c2b1c8cedcebb8916425fed5e469b24ea11b6a2e8730feb6f
+  data.tar.gz: fe874ec6aa3f563927f2ea1743d34a795468846ce74cc9e1a0467e41757721d40c8449d7093b158f63f92b8566ea578cf88e5f2b0a8caefc9facee2a8b731afa

data/CHANGELOG.md

@@ -1,3 +1,26 @@
+## 1.4.1 (2024-09-09)
+
+- Fixed error message for previews for Active Storage 7.1.4
+
+## 1.4.0 (2024-08-09)
+
+- Added support for Active Record 7.2
+- Added support for Mongoid 9
+- Fixed error when `decryption_key` option is a proc or symbol and returns `nil`
+
+## 1.3.3 (2024-02-07)
+
+- Added warning for encrypting store attributes
+
+## 1.3.2 (2024-01-10)
+
+- Fixed issue with serialized attributes
+
+## 1.3.1 (2024-01-06)
+
+- Fixed error with `array` and `hash` types and no default column serializer with Rails 7.1
+- Fixed Action Text deserialization with Rails 7.1
+
 ## 1.3.0 (2023-07-02)
 
 - Added support for CarrierWave 3

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2018-2022 Andrew Kane
+Copyright (c) 2018-2024 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -9,7 +9,7 @@
 
 Learn [the principles behind it](https://ankane.org/modern-encryption-rails), [how to secure emails with Devise](https://ankane.org/securing-user-emails-lockbox), and [how to secure sensitive data in Rails](https://ankane.org/sensitive-data-rails).
 
-[![Build Status](https://github.com/ankane/lockbox/workflows/build/badge.svg?branch=master)](https://github.com/ankane/lockbox/actions)
+[![Build Status](https://github.com/ankane/lockbox/actions/workflows/build.yml/badge.svg)](https://github.com/ankane/lockbox/actions)
 
 ## Installation
 
@@ -72,7 +72,7 @@ Then follow the instructions below for the data you want to encrypt.
 Create a migration with:
 
 ```ruby
-class AddEmailCiphertextToUsers < ActiveRecord::Migration[7.0]
+class AddEmailCiphertextToUsers < ActiveRecord::Migration[7.2]
   def change
     add_column :users, :email_ciphertext, :text
   end
@@ -140,6 +140,8 @@ class User < ApplicationRecord
 end
 ```
 
+For [Active Record Store](https://api.rubyonrails.org/classes/ActiveRecord/Store.html), encrypt the column rather than individual accessors.
+
 For [StoreModel](https://github.com/DmitryTsepelev/store_model), use:
 
 ```ruby
@@ -192,7 +194,7 @@ class User < ApplicationRecord
   has_encrypted :email
 
   # remove this line after dropping email column
-  self.ignored_columns = ["email"]
+  self.ignored_columns += ["email"]
 end
 ```
 
@@ -249,7 +251,7 @@ User.decrypt_email_ciphertext(user.email_ciphertext)
 Create a migration with:
 
 ```ruby
-class AddBodyCiphertextToRichTexts < ActiveRecord::Migration[7.0]
+class AddBodyCiphertextToRichTexts < ActiveRecord::Migration[7.2]
   def change
     add_column :action_text_rich_texts, :body_ciphertext, :text
   end
@@ -380,7 +382,7 @@ Encryption is applied to all versions after processing.
 You can mount the uploader [as normal](https://github.com/carrierwaveuploader/carrierwave#activerecord). With Active Record, this involves creating a migration:
 
 ```ruby
-class AddLicenseToUsers < ActiveRecord::Migration[7.0]
+class AddLicenseToUsers < ActiveRecord::Migration[7.2]
   def change
     add_column :users, :license, :string
   end
@@ -908,7 +910,7 @@ end
 You can use `binary` columns for the ciphertext instead of `text` columns.
 
 ```ruby
-class AddEmailCiphertextToUsers < ActiveRecord::Migration[7.0]
+class AddEmailCiphertextToUsers < ActiveRecord::Migration[7.2]
   def change
     add_column :users, :email_ciphertext, :binary
   end
@@ -959,7 +961,7 @@ end
 Create a migration with:
 
 ```ruby
-class MigrateToLockbox < ActiveRecord::Migration[7.0]
+class MigrateToLockbox < ActiveRecord::Migration[7.2]
   def change
     add_column :users, :name_ciphertext, :text
     add_column :users, :email_ciphertext, :text
@@ -992,7 +994,7 @@ end
 Then remove the previous gem from your Gemfile and drop its columns.
 
 ```ruby
-class RemovePreviousEncryptedColumns < ActiveRecord::Migration[7.0]
+class RemovePreviousEncryptedColumns < ActiveRecord::Migration[7.2]
   def change
     remove_column :users, :encrypted_name, :text
     remove_column :users, :encrypted_name_iv, :text
@@ -1014,21 +1016,6 @@ class User < ApplicationRecord
 end
 ```
 
-### 0.6.0
-
-0.6.0 adds `encrypted: true` to Active Storage metadata for new files. This field is informational, but if you prefer to add it to existing files, use:
-
-```ruby
-User.with_attached_license.find_each do |user|
-  next unless user.license.attached?
-
-  metadata = user.license.metadata
-  unless metadata["encrypted"]
-    user.license.blob.update!(metadata: metadata.merge("encrypted" => true))
-  end
-end
-```
-
 ## History
 
 View the [changelog](https://github.com/ankane/lockbox/blob/master/CHANGELOG.md)

data/lib/lockbox/active_storage_extensions.rb

@@ -124,6 +124,13 @@ module Lockbox
         super
       end
 
+      if ActiveStorage::VERSION::STRING.to_f == 7.1 && ActiveStorage.version >= "7.1.4"
+        def transform_variants_later
+          blob.instance_variable_set(:@lockbox_encrypted, true) if Utils.encrypted_options(record, name)
+          super
+        end
+      end
+
       if ActiveStorage::VERSION::MAJOR >= 6
         def open(**options)
           blob.open(**options) do |file|
@@ -150,6 +157,12 @@ module Lockbox
     end
 
     module Blob
+      if ActiveStorage::VERSION::STRING.to_f == 7.1 && ActiveStorage.version >= "7.1.4"
+        def preview_image_needed_before_processing_variants?
+          !instance_variable_defined?(:@lockbox_encrypted) && super
+        end
+      end
+
       private
 
       def extract_content_type(io)

data/lib/lockbox/carrier_wave_extensions.rb

@@ -79,7 +79,7 @@ module Lockbox
             while uploader.parent_version
               uploader = uploader.parent_version
             end
-            uploader.class.name.sub(/Uploader\z/, "").underscore
+            uploader.class.name.delete_suffix("Uploader").underscore
           end
         end
 

data/lib/lockbox/migrator.rb

@@ -2,7 +2,7 @@ module Lockbox
   class Migrator
     def initialize(relation, batch_size:)
       @relation = relation
-      @transaction = @relation.respond_to?(:transaction)
+      @transaction = @relation.respond_to?(:transaction) && !mongoid_relation?(base_relation)
       @batch_size = batch_size
     end
 

data/lib/lockbox/model.rb

@@ -137,13 +137,16 @@ module Lockbox
                 # essentially a no-op if already loaded
                 # an exception is thrown if decryption fails
                 self.class.lockbox_attributes.each do |_, lockbox_attribute|
-                  # don't try to decrypt if no decryption key given
-                  next if lockbox_attribute[:algorithm] == "hybrid" && lockbox_attribute[:decryption_key].nil?
-
                   # it is possible that the encrypted attribute is not loaded, eg.
                   # if the record was fetched partially (`User.select(:id).first`).
                   # accessing a not loaded attribute raises an `ActiveModel::MissingAttributeError`.
-                  send(lockbox_attribute[:attribute]) if has_attribute?(lockbox_attribute[:encrypted_attribute])
+                  if has_attribute?(lockbox_attribute[:encrypted_attribute])
+                    begin
+                      send(lockbox_attribute[:attribute])
+                    rescue ArgumentError => e
+                      raise e if e.message != "No decryption key set"
+                    end
+                  end
                 end
                 super
               end
@@ -230,6 +233,20 @@ module Lockbox
               end
 
               if ActiveRecord::VERSION::MAJOR >= 6
+                if ActiveRecord::VERSION::STRING.to_f >= 7.2
+                  def self.insert(attributes, **options)
+                    super(lockbox_map_record_attributes(attributes), **options)
+                  end
+
+                  def self.insert!(attributes, **options)
+                    super(lockbox_map_record_attributes(attributes), **options)
+                  end
+
+                  def self.upsert(attributes, **options)
+                    super(lockbox_map_record_attributes(attributes, check_readonly: true), **options)
+                  end
+                end
+
                 def self.insert_all(attributes, **options)
                   super(lockbox_map_attributes(attributes), **options)
                 end
@@ -248,30 +265,37 @@ module Lockbox
                   return records unless records.is_a?(Array)
 
                   records.map do |attributes|
-                    # transform keys like Active Record
-                    attributes = attributes.transform_keys do |key|
-                      n = key.to_s
-                      attribute_aliases[n] || n
-                    end
+                    lockbox_map_record_attributes(attributes, check_readonly: false)
+                  end
+                end
 
-                    lockbox_attributes = self.lockbox_attributes.slice(*attributes.keys.map(&:to_sym))
-                    lockbox_attributes.each do |key, lockbox_attribute|
-                      attribute = key.to_s
-                      # check read only
-                      # users should mark both plaintext and ciphertext columns
-                      if check_readonly && readonly_attributes.include?(attribute) && !readonly_attributes.include?(lockbox_attribute[:encrypted_attribute].to_s)
-                        warn "[lockbox] WARNING: Mark attribute as readonly: #{lockbox_attribute[:encrypted_attribute]}"
-                      end
-
-                      message = attributes[attribute]
-                      attributes.delete(attribute) unless lockbox_attribute[:migrating]
-                      encrypted_attribute = lockbox_attribute[:encrypted_attribute]
-                      ciphertext = send("generate_#{encrypted_attribute}", message)
-                      attributes[encrypted_attribute] = ciphertext
+                # private
+                def self.lockbox_map_record_attributes(attributes, check_readonly: false)
+                  return attributes unless attributes.is_a?(Hash)
+
+                  # transform keys like Active Record
+                  attributes = attributes.transform_keys do |key|
+                    n = key.to_s
+                    attribute_aliases[n] || n
+                  end
+
+                  lockbox_attributes = self.lockbox_attributes.slice(*attributes.keys.map(&:to_sym))
+                  lockbox_attributes.each do |key, lockbox_attribute|
+                    attribute = key.to_s
+                    # check read only
+                    # users should mark both plaintext and ciphertext columns
+                    if check_readonly && readonly_attributes.include?(attribute) && !readonly_attributes.include?(lockbox_attribute[:encrypted_attribute].to_s)
+                      warn "[lockbox] WARNING: Mark attribute as readonly: #{lockbox_attribute[:encrypted_attribute]}"
                     end
 
-                    attributes
+                    message = attributes[attribute]
+                    attributes.delete(attribute) unless lockbox_attribute[:migrating]
+                    encrypted_attribute = lockbox_attribute[:encrypted_attribute]
+                    ciphertext = send("generate_#{encrypted_attribute}", message)
+                    attributes[encrypted_attribute] = ciphertext
                   end
+
+                  attributes
                 end
               end
             else
@@ -289,8 +313,18 @@ module Lockbox
           @lockbox_attributes[original_name] = options
 
           if activerecord
+            # warn on store attributes
+            if stored_attributes.any? { |k, v| v.include?(name) }
+              warn "[lockbox] WARNING: encrypting store accessors is not supported. Encrypt the column instead."
+            end
+
             # warn on default attributes
-            if attributes_to_define_after_schema_loads.key?(name.to_s)
+            if ActiveRecord::VERSION::STRING.to_f >= 7.2
+              # TODO improve
+              if pending_attribute_modifications.any? { |v| v.is_a?(ActiveModel::AttributeRegistration::ClassMethods::PendingDefault) && v.name == name.to_s }
+                warn "[lockbox] WARNING: attributes with `:default` option are not supported. Use `after_initialize` instead."
+              end
+            elsif attributes_to_define_after_schema_loads.key?(name.to_s)
               opt = attributes_to_define_after_schema_loads[name.to_s][1]
 
               has_default =
@@ -324,13 +358,43 @@ module Lockbox
               attribute name, attribute_type
 
               if ActiveRecord::VERSION::STRING.to_f >= 7.1
-                serialize name, coder: JSON if options[:type] == :json
-                serialize name, type: Hash if options[:type] == :hash
-                serialize name, type: Array if options[:type] == :array
+                case options[:type]
+                when :json
+                  serialize name, coder: JSON
+                when :hash
+                  serialize name, type: Hash, coder: default_column_serializer || YAML
+                when :array
+                  serialize name, type: Array, coder: default_column_serializer || YAML
+                end
               else
-                serialize name, JSON if options[:type] == :json
-                serialize name, Hash if options[:type] == :hash
-                serialize name, Array if options[:type] == :array
+                case options[:type]
+                when :json
+                  serialize name, JSON
+                when :hash
+                  serialize name, Hash
+                when :array
+                  serialize name, Array
+                end
+              end
+            elsif ActiveRecord::VERSION::STRING.to_f >= 7.2
+              decorate_attributes([name]) do |attr_name, cast_type|
+                if cast_type.instance_of?(ActiveRecord::Type::Value)
+                  original_type = pending_attribute_modifications.find { |v| v.is_a?(ActiveModel::AttributeRegistration::ClassMethods::PendingType) && v.name == original_name.to_s && !v.type.nil? }&.type
+                  if original_type
+                    original_type
+                  elsif options[:migrating]
+                    cast_type
+                  else
+                    ActiveRecord::Type::String.new
+                  end
+                elsif cast_type.is_a?(ActiveRecord::Type::Serialized) && cast_type.subtype.instance_of?(ActiveModel::Type::Value)
+                  # hack to set string type after serialize
+                  # otherwise, type gets set to ActiveModel::Type::Value
+                  # which always returns false for changed_in_place?
+                  ActiveRecord::Type::Serialized.new(ActiveRecord::Type::String.new, cast_type.coder)
+                else
+                  cast_type
+                end
               end
             elsif !attributes_to_define_after_schema_loads.key?(name.to_s)
               # when migrating it's best to specify the type directly
@@ -345,8 +409,7 @@ module Lockbox
                 attribute name, :string
               end
             else
-              # hack for Active Record 6.1
-              # to set string type after serialize
+              # hack for Active Record 6.1+ to set string type after serialize
               # otherwise, type gets set to ActiveModel::Type::Value
               # which always returns false for changed_in_place?
               # earlier versions of Active Record take the previous code path
@@ -432,12 +495,12 @@ module Lockbox
             # decrypt first for dirty tracking
             # don't raise error if can't decrypt previous
             # don't try to decrypt if no decryption key given
-            unless options[:algorithm] == "hybrid" && options[:decryption_key].nil?
-              begin
-                send(name)
-              rescue Lockbox::DecryptionError
-                warn "[lockbox] Decrypting previous value failed"
-              end
+            begin
+              send(name)
+            rescue Lockbox::DecryptionError
+              warn "[lockbox] Decrypting previous value failed"
+            rescue ArgumentError => e
+              raise e if e.message != "No decryption key set"
             end
 
             send("lockbox_direct_#{name}=", message)
@@ -499,6 +562,9 @@ module Lockbox
                     clear_attribute_change(name)
                   end
                 end
+
+                # ensure same object is returned as next call
+                message = super()
               else
                 instance_variable_set("@#{name}", message)
               end
@@ -615,6 +681,10 @@ module Lockbox
               else
                 # use original name for serialized attributes if no type specified
                 type = (try(:attribute_types) || {})[(options[:type] ? name : original_name).to_s]
+                # for Action Text
+                if activerecord && type.is_a?(ActiveRecord::Type::Serialized) && defined?(ActionText::Content) && type.coder == ActionText::Content
+                  message.force_encoding(Encoding::UTF_8)
+                end
                 message = type.deserialize(message) if type
                 message.force_encoding(Encoding::UTF_8) if !type || type.is_a?(ActiveModel::Type::String)
               end
@@ -647,7 +717,8 @@ module Lockbox
     end
 
     def lockbox_encrypts(*attributes, **options)
-      ActiveSupport::Deprecation.warn("`#{__callee__}` is deprecated in favor of `has_encrypted`")
+      deprecator = ActiveSupport::VERSION::STRING.to_f >= 7.2 ? ActiveSupport.deprecator : ActiveSupport::Deprecation
+      deprecator.warn("`#{__callee__}` is deprecated in favor of `has_encrypted`")
       has_encrypted(*attributes, **options)
     end
 

data/lib/lockbox/version.rb

@@ -1,3 +1,3 @@
 module Lockbox
-  VERSION = "1.3.0"
+  VERSION = "1.4.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lockbox
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.1
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-02 00:00:00.000000000 Z
+date: 2024-09-09 00:00:00.000000000 Z
 dependencies: []
 description:
 email: andrew@ankane.org
@@ -58,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
+rubygems_version: 3.5.16
 signing_key:
 specification_version: 4
 summary: Modern encryption for Ruby and Rails