lockbox 0.4.3 → 0.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/README.md +2 -0
  4. data/SECURITY.md +3 -0
  5. data/lib/lockbox.rb +2 -0
  6. data/lib/lockbox/calculations.rb +36 -0
  7. data/lib/lockbox/carrier_wave_extensions.rb +3 -3
  8. data/lib/lockbox/model.rb +1 -1
  9. data/lib/lockbox/utils.rb +6 -2
  10. data/lib/lockbox/version.rb +1 -1
  11. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c072d4c6e5935ff9e176c0fc705c0e36228da4b1fc530a7eaf0249db57c71ddc
4
- data.tar.gz: a0d293cb80ea7050deeccd039b5e0be01d51c09577181c1d9bf9df8a520764ac
3
+ metadata.gz: 6b1676e34ca9367ec4cfd3c655d263d23082243196abe8f0a174318383f7d4b1
4
+ data.tar.gz: cdda6ac4e9dccc4ab48a67e3628212fdde369a99639cc93e569d0d623f5ab8f3
5
5
  SHA512:
6
- metadata.gz: a46270931d8c21b25090be9d1825259e872eae678ba1d1df6ca7898f0e678f81edc2f590a4338502631686be3a7b2911e736c58d9704354918b707dbaafdba41
7
- data.tar.gz: 7bd511b855d777da969ea03aa14d7ce336a9c96670f01ac3e20424bb6fe039d43f183e561a33acb5e320ac2b8230aae287d608c292c68c4a91b605dd2be0cdb9
6
+ metadata.gz: 9e747bb720312daedcb2db5458d919cb50e554b03ee04d219a3b1c2f40ca917815a066dfd767b075046f29e387d5d48a734c193a3a2c48927b5abf6e0daaa099
7
+ data.tar.gz: 2a456f05d61ecc75dfdc76aca15df194b58f91d701a28d12d3b27cc40f93f301244e4f60d506f7deae7a1b6a53afab087205aaced37a54af75f81810934ed8af
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 0.4.4 (2020-06-23)
2
+
3
+ - Added support for `pluck`
4
+
1
5
  ## 0.4.3 (2020-05-26)
2
6
 
3
7
  - Improved error message for bad key length
data/README.md CHANGED
@@ -965,3 +965,5 @@ cd lockbox
965
965
  bundle install
966
966
  bundle exec rake test
967
967
  ```
968
+
969
+ For security issues, send an email to the address on [this page](https://github.com/ankane).
data/SECURITY.md ADDED
@@ -0,0 +1,3 @@
1
+ # Security Policy
2
+
3
+ For security issues, send an email to the address on [this page](https://github.com/ankane).
data/lib/lockbox.rb CHANGED
@@ -5,6 +5,7 @@ require "securerandom"
5
5
 
6
6
  # modules
7
7
  require "lockbox/box"
8
+ require "lockbox/calculations"
8
9
  require "lockbox/encryptor"
9
10
  require "lockbox/key_generator"
10
11
  require "lockbox/io"
@@ -25,6 +26,7 @@ if defined?(ActiveSupport)
25
26
  ActiveSupport.on_load(:active_record) do
26
27
  extend Lockbox::Model
27
28
  extend Lockbox::Model::Attached
29
+ ActiveRecord::Calculations.prepend Lockbox::Calculations
28
30
  end
29
31
 
30
32
  ActiveSupport.on_load(:mongoid) do
data/lib/lockbox/calculations.rb ADDED
@@ -0,0 +1,36 @@
1
+ module Lockbox
2
+ module Calculations
3
+ def pluck(*column_names)
4
+ return super unless model.respond_to?(:lockbox_attributes)
5
+
6
+ lockbox_columns = column_names.map.with_index { |c, i| [model.lockbox_attributes[c.to_sym], i] }.select(&:first)
7
+ return super unless lockbox_columns.any?
8
+
9
+ # replace column with ciphertext column
10
+ lockbox_columns.each do |la, i|
11
+ column_names[i] = la[:encrypted_attribute]
12
+ end
13
+
14
+ # pluck
15
+ result = super(*column_names)
16
+
17
+ # decrypt result
18
+ # handle pluck to single columns and multiple
19
+ #
20
+ # we can't pass context to decrypt method
21
+ # so this won't work if any options are a symbol or proc
22
+ if column_names.size == 1
23
+ la = lockbox_columns.first.first
24
+ result.map! { |v| model.send("decrypt_#{la[:encrypted_attribute]}", v) }
25
+ else
26
+ lockbox_columns.each do |la, i|
27
+ result.each do |v|
28
+ v[i] = model.send("decrypt_#{la[:encrypted_attribute]}", v[i])
29
+ end
30
+ end
31
+ end
32
+
33
+ result
34
+ end
35
+ end
36
+ end
data/lib/lockbox/carrier_wave_extensions.rb CHANGED
@@ -5,13 +5,13 @@ module Lockbox
5
5
  before :cache, :encrypt
6
6
 
7
7
  def encrypt(file)
8
- @file = CarrierWave::SanitizedFile.new(with_notification("encrypt_file") { lockbox.encrypt_io(file) })
8
+ @file = CarrierWave::SanitizedFile.new(lockbox_notify("encrypt_file") { lockbox.encrypt_io(file) })
9
9
  end
10
10
 
11
11
  # TODO safe to memoize?
12
12
  def read
13
13
  r = super
14
- with_notification("decrypt_file") { lockbox.decrypt(r) } if r
14
+ lockbox_notify("decrypt_file") { lockbox.decrypt(r) } if r
15
15
  end
16
16
 
17
17
  def size
@@ -58,7 +58,7 @@ module Lockbox
58
58
  end
59
59
  end
60
60
 
61
- def with_notification(type)
61
+ def lockbox_notify(type)
62
62
  if defined?(ActiveSupport::Notifications)
63
63
  name = lockbox_name
64
64
 
data/lib/lockbox/model.rb CHANGED
@@ -270,7 +270,7 @@ module Lockbox
270
270
  # cache
271
271
  # decrypt method does type casting
272
272
  if respond_to?(:write_attribute_without_type_cast, true)
273
- write_attribute_without_type_cast(name, message) if !@attributes.frozen?
273
+ write_attribute_without_type_cast(name.to_s, message) if !@attributes.frozen?
274
274
  else
275
275
  raw_write_attribute(name, message) if !@attributes.frozen?
276
276
  end
data/lib/lockbox/utils.rb CHANGED
@@ -4,9 +4,13 @@ module Lockbox
4
4
  options = options.except(:attribute, :encrypted_attribute, :migrating, :attached, :type)
5
5
  options[:encode] = false unless options.key?(:encode)
6
6
  options.each do |k, v|
7
- if v.is_a?(Proc)
8
- options[k] = context.instance_exec(&v) if v.respond_to?(:call)
7
+ if v.respond_to?(:call)
8
+ # context not present for pluck
9
+ # still possible to use if not dependent on context
10
+ options[k] = context ? context.instance_exec(&v) : v.call
9
11
  elsif v.is_a?(Symbol)
12
+ # context not present for pluck
13
+ raise Error, "Not available since :#{k} depends on record" unless context
10
14
  options[k] = context.send(v)
11
15
  end
12
16
  end
data/lib/lockbox/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Lockbox
2
- VERSION = "0.4.3"
2
+ VERSION = "0.4.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.3
4
+ version: 0.4.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-26 00:00:00.000000000 Z
11
+ date: 2020-06-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -173,6 +173,7 @@ files:
173
173
  - CHANGELOG.md
174
174
  - LICENSE.txt
175
175
  - README.md
176
+ - SECURITY.md
176
177
  - lib/generators/lockbox/audits_generator.rb
177
178
  - lib/generators/lockbox/templates/migration.rb.tt
178
179
  - lib/generators/lockbox/templates/model.rb.tt
@@ -180,6 +181,7 @@ files:
180
181
  - lib/lockbox/active_storage_extensions.rb
181
182
  - lib/lockbox/aes_gcm.rb
182
183
  - lib/lockbox/box.rb
184
+ - lib/lockbox/calculations.rb
183
185
  - lib/lockbox/carrier_wave_extensions.rb
184
186
  - lib/lockbox/encryptor.rb
185
187
  - lib/lockbox/io.rb