lockbox 0.4.3 → 0.4.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/README.md +2 -0
  4. data/SECURITY.md +3 -0
  5. data/lib/lockbox.rb +2 -0
  6. data/lib/lockbox/calculations.rb +36 -0
  7. data/lib/lockbox/carrier_wave_extensions.rb +3 -3
  8. data/lib/lockbox/model.rb +1 -1
  9. data/lib/lockbox/utils.rb +6 -2
  10. data/lib/lockbox/version.rb +1 -1
  11. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c072d4c6e5935ff9e176c0fc705c0e36228da4b1fc530a7eaf0249db57c71ddc
4
- data.tar.gz: a0d293cb80ea7050deeccd039b5e0be01d51c09577181c1d9bf9df8a520764ac
3
+ metadata.gz: 6b1676e34ca9367ec4cfd3c655d263d23082243196abe8f0a174318383f7d4b1
4
+ data.tar.gz: cdda6ac4e9dccc4ab48a67e3628212fdde369a99639cc93e569d0d623f5ab8f3
5
5
  SHA512:
6
- metadata.gz: a46270931d8c21b25090be9d1825259e872eae678ba1d1df6ca7898f0e678f81edc2f590a4338502631686be3a7b2911e736c58d9704354918b707dbaafdba41
7
- data.tar.gz: 7bd511b855d777da969ea03aa14d7ce336a9c96670f01ac3e20424bb6fe039d43f183e561a33acb5e320ac2b8230aae287d608c292c68c4a91b605dd2be0cdb9
6
+ metadata.gz: 9e747bb720312daedcb2db5458d919cb50e554b03ee04d219a3b1c2f40ca917815a066dfd767b075046f29e387d5d48a734c193a3a2c48927b5abf6e0daaa099
7
+ data.tar.gz: 2a456f05d61ecc75dfdc76aca15df194b58f91d701a28d12d3b27cc40f93f301244e4f60d506f7deae7a1b6a53afab087205aaced37a54af75f81810934ed8af
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 0.4.4 (2020-06-23)
2
+
3
+ - Added support for `pluck`
4
+
1
5
  ## 0.4.3 (2020-05-26)
2
6
 
3
7
  - Improved error message for bad key length
data/README.md CHANGED
@@ -965,3 +965,5 @@ cd lockbox
965
965
  bundle install
966
966
  bundle exec rake test
967
967
  ```
968
+
969
+ For security issues, send an email to the address on [this page](https://github.com/ankane).
data/SECURITY.md ADDED
@@ -0,0 +1,3 @@
1
+ # Security Policy
2
+
3
+ For security issues, send an email to the address on [this page](https://github.com/ankane).
data/lib/lockbox.rb CHANGED
@@ -5,6 +5,7 @@ require "securerandom"
5
5
 
6
6
  # modules
7
7
  require "lockbox/box"
8
+ require "lockbox/calculations"
8
9
  require "lockbox/encryptor"
9
10
  require "lockbox/key_generator"
10
11
  require "lockbox/io"
@@ -25,6 +26,7 @@ if defined?(ActiveSupport)
25
26
  ActiveSupport.on_load(:active_record) do
26
27
  extend Lockbox::Model
27
28
  extend Lockbox::Model::Attached
29
+ ActiveRecord::Calculations.prepend Lockbox::Calculations
28
30
  end
29
31
 
30
32
  ActiveSupport.on_load(:mongoid) do
data/lib/lockbox/calculations.rb ADDED
@@ -0,0 +1,36 @@
1
+ module Lockbox
2
+ module Calculations
3
+ def pluck(*column_names)
4
+ return super unless model.respond_to?(:lockbox_attributes)
5
+
6
+ lockbox_columns = column_names.map.with_index { |c, i| [model.lockbox_attributes[c.to_sym], i] }.select(&:first)
7
+ return super unless lockbox_columns.any?
8
+
9
+ # replace column with ciphertext column
10
+ lockbox_columns.each do |la, i|
11
+ column_names[i] = la[:encrypted_attribute]
12
+ end
13
+
14
+ # pluck
15
+ result = super(*column_names)
16
+
17
+ # decrypt result
18
+ # handle pluck to single columns and multiple
19
+ #
20
+ # we can't pass context to decrypt method
21
+ # so this won't work if any options are a symbol or proc
22
+ if column_names.size == 1
23
+ la = lockbox_columns.first.first
24
+ result.map! { |v| model.send("decrypt_#{la[:encrypted_attribute]}", v) }
25
+ else
26
+ lockbox_columns.each do |la, i|
27
+ result.each do |v|
28
+ v[i] = model.send("decrypt_#{la[:encrypted_attribute]}", v[i])
29
+ end
30
+ end
31
+ end
32
+
33
+ result
34
+ end
35
+ end
36
+ end
data/lib/lockbox/carrier_wave_extensions.rb CHANGED
@@ -5,13 +5,13 @@ module Lockbox
5
5
  before :cache, :encrypt
6
6
 
7
7
  def encrypt(file)
8
- @file = CarrierWave::SanitizedFile.new(with_notification("encrypt_file") { lockbox.encrypt_io(file) })
8
+ @file = CarrierWave::SanitizedFile.new(lockbox_notify("encrypt_file") { lockbox.encrypt_io(file) })
9
9
  end
10
10
 
11
11
  # TODO safe to memoize?
12
12
  def read
13
13
  r = super
14
- with_notification("decrypt_file") { lockbox.decrypt(r) } if r
14
+ lockbox_notify("decrypt_file") { lockbox.decrypt(r) } if r
15
15
  end
16
16
 
17
17
  def size
@@ -58,7 +58,7 @@ module Lockbox
58
58
  end
59
59
  end
60
60
 
61
- def with_notification(type)
61
+ def lockbox_notify(type)
62
62
  if defined?(ActiveSupport::Notifications)
63
63
  name = lockbox_name
64
64
 
data/lib/lockbox/model.rb CHANGED
@@ -270,7 +270,7 @@ module Lockbox
270
270
  # cache
271
271
  # decrypt method does type casting
272
272
  if respond_to?(:write_attribute_without_type_cast, true)
273
- write_attribute_without_type_cast(name, message) if !@attributes.frozen?
273
+ write_attribute_without_type_cast(name.to_s, message) if !@attributes.frozen?
274
274
  else
275
275
  raw_write_attribute(name, message) if !@attributes.frozen?
276
276
  end
data/lib/lockbox/utils.rb CHANGED
@@ -4,9 +4,13 @@ module Lockbox
4
4
  options = options.except(:attribute, :encrypted_attribute, :migrating, :attached, :type)
5
5
  options[:encode] = false unless options.key?(:encode)
6
6
  options.each do |k, v|
7
- if v.is_a?(Proc)
8
- options[k] = context.instance_exec(&v) if v.respond_to?(:call)
7
+ if v.respond_to?(:call)
8
+ # context not present for pluck
9
+ # still possible to use if not dependent on context
10
+ options[k] = context ? context.instance_exec(&v) : v.call
9
11
  elsif v.is_a?(Symbol)
12
+ # context not present for pluck
13
+ raise Error, "Not available since :#{k} depends on record" unless context
10
14
  options[k] = context.send(v)
11
15
  end
12
16
  end
data/lib/lockbox/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Lockbox
2
- VERSION = "0.4.3"
2
+ VERSION = "0.4.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.3
4
+ version: 0.4.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-26 00:00:00.000000000 Z
11
+ date: 2020-06-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -173,6 +173,7 @@ files:
173
173
  - CHANGELOG.md
174
174
  - LICENSE.txt
175
175
  - README.md
176
+ - SECURITY.md
176
177
  - lib/generators/lockbox/audits_generator.rb
177
178
  - lib/generators/lockbox/templates/migration.rb.tt
178
179
  - lib/generators/lockbox/templates/model.rb.tt
@@ -180,6 +181,7 @@ files:
180
181
  - lib/lockbox/active_storage_extensions.rb
181
182
  - lib/lockbox/aes_gcm.rb
182
183
  - lib/lockbox/box.rb
184
+ - lib/lockbox/calculations.rb
183
185
  - lib/lockbox/carrier_wave_extensions.rb
184
186
  - lib/lockbox/encryptor.rb
185
187
  - lib/lockbox/io.rb