lockbox 0.6.1 → 0.6.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 723ecf0e8367d053e2e80afddfa954559901f1b8c44d3a7cdb3ad562b3f5135a
-  data.tar.gz: 6c512616214fa1fdca743539769e1d2bd5f91135337a904b89ba58273dc9dbc5
+  metadata.gz: 4ba37bc916c02e18555640f29e47483898a96e04b75639b49ce9a0003fbaa443
+  data.tar.gz: 750a53ca3201e51b6dc0221305d4c021d64716a163a2e0cfc98c11ec8d1b6af8
 SHA512:
-  metadata.gz: 440177ac7cbe84f4e20eeedffe3045060debab17f178631bcba0b631e2e4c656bce1c0977f3af9dc84ce06788cf370626fed9053d3a4503632bc3daa0b6ab43d
-  data.tar.gz: ab23683aa75ff078b88cdfb65f29564691f5785b49549fa1d9286baf11a9959f7d49f0a21a7c84d10dd7d181c8affd05ca739769cdbe68193e4fb211f9a932af
+  metadata.gz: b4e23752c311bf6b161e6817ab204ba0b5936594db5c2509c3f5ef6e354c169097a1c799d7b5147daa0d68982f072d1d22363019c6881566403517f97a5f2c45
+  data.tar.gz: 51ab913facdc34aea3e3ef263dab2fa5c3852aa052de80804ec29019c2517df9244eefb8c15e6f2c1ca0059bfd4f9cc020ce00fff543874f6461faeec1e78443

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.6.2 (2020-02-08)
+
+- Added `inet` type
+- Fixed error when `lockbox` key in Rails credentials has a string value
+- Fixed deprecation warning with Active Record 6.1
+
 ## 0.6.1 (2020-12-03)
 
 - Added integration with Rails credentials

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2018-2020 Andrew Kane
+Copyright (c) 2018-2021 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -27,7 +27,7 @@ Generate a key
 Lockbox.generate_key
 ```
 
-Store the key with your other secrets. This is typically Rails credentials or an environment variable ([dotenv](https://github.com/bkeepers/dotenv) is great for this). Be sure to use different keys in development and production. Keys don’t need to be hex-encoded, but it’s often easier to store them this way.
+Store the key with your other secrets. This is typically Rails credentials or an environment variable ([dotenv](https://github.com/bkeepers/dotenv) is great for this). Be sure to use different keys in development and production.
 
 Set the following environment variable with your key (you can use this one in development)
 
@@ -121,6 +121,7 @@ class User < ApplicationRecord
   encrypts :properties, type: :json
   encrypts :settings, type: :hash
   encrypts :messages, type: :array
+  encrypts :ip, type: :inet
 end
 ```
 
@@ -1086,12 +1087,29 @@ end
 
 ## Upgrading
 
+### 0.6.0
+
+0.6.0 adds `encrypted: true` to Active Storage metadata for new files. This field is informational, but if you prefer to add it to existing files, use:
+
+```ruby
+User.with_attached_license.find_each do |user|
+  next unless user.license.attached?
+
+  metadata = user.license.metadata
+  unless metadata["encrypted"]
+    user.license.blob.update!(metadata: metadata.merge("encrypted" => true))
+  end
+end
+```
+
 ### 0.3.6
 
 0.3.6 makes content type detection more reliable for Active Storage. You can check and update the content type of existing files with:
 
 ```ruby
-User.find_each do |user|
+User.with_attached_license.find_each do |user|
+  next unless user.license.attached?
+
   license = user.license
   content_type = Marcel::MimeType.for(license.download, name: license.filename.to_s)
   if content_type != license.content_type

data/lib/generators/lockbox/audits_generator.rb

@@ -16,9 +16,7 @@ module Lockbox
       end
 
       def data_type
-        # use connection_config instead of connection.adapter
-        # so database connection isn't needed
-        case ActiveRecord::Base.connection_config[:adapter].to_s
+        case adapter
         when /postg/i # postgres, postgis
           "jsonb"
         when /mysql/i
@@ -27,6 +25,16 @@ module Lockbox
           "text"
         end
       end
+
+      # use connection_config instead of connection.adapter
+      # so database connection isn't needed
+      def adapter
+        if ActiveRecord::VERSION::STRING.to_f >= 6.1
+          ActiveRecord::Base.connection_db_config.adapter.to_s
+        else
+          ActiveRecord::Base.connection_config[:adapter].to_s
+        end
+      end
     end
   end
 end

data/lib/lockbox/model.rb

@@ -22,7 +22,8 @@ module Lockbox
       # end
 
       custom_type = options[:type].respond_to?(:serialize) && options[:type].respond_to?(:deserialize)
-      raise ArgumentError, "Unknown type: #{options[:type]}" unless custom_type || [nil, :string, :boolean, :date, :datetime, :time, :integer, :float, :binary, :json, :hash, :array].include?(options[:type])
+      valid_types = [nil, :string, :boolean, :date, :datetime, :time, :integer, :float, :binary, :json, :hash, :array, :inet]
+      raise ArgumentError, "Unknown type: #{options[:type]}" unless custom_type || valid_types.include?(options[:type])
 
       activerecord = defined?(ActiveRecord::Base) && self < ActiveRecord::Base
       raise ArgumentError, "Type not supported yet with Mongoid" if options[:type] && !activerecord
@@ -426,6 +427,14 @@ module Lockbox
                 message = ActiveRecord::Type::Float.new.serialize(message)
                 # double precision, big endian
                 message = [message].pack("G") unless message.nil?
+              when :inet
+                unless message.nil?
+                  ip = message.is_a?(IPAddr) ? message : (IPAddr.new(message) rescue nil)
+                  # same format as Postgres, with ipv4 padded to 16 bytes
+                  # family, netmask, ip
+                  # return nil for invalid IP like Active Record
+                  message = ip ? [ip.ipv4? ? 0 : 1, ip.prefix, ip.hton].pack("CCa16") : nil
+                end
               when :string, :binary
                 # do nothing
                 # encrypt will convert to binary
@@ -472,6 +481,11 @@ module Lockbox
               when :binary
                 # do nothing
                 # decrypt returns binary string
+              when :inet
+                family, prefix, addr = message.unpack("CCa16")
+                len = family == 0 ? 4 : 16
+                message = IPAddr.new_ntoh(addr.first(len))
+                message.prefix = prefix
               else
                 # use original name for serialized attributes
                 type = (try(:attribute_types) || {})[original_name.to_s]

data/lib/lockbox/railtie.rb

@@ -2,7 +2,8 @@ module Lockbox
   class Railtie < Rails::Railtie
     initializer "lockbox" do |app|
       if defined?(Rails.application.credentials)
-        Lockbox.master_key ||= Rails.application.credentials.dig(:lockbox, :master_key)
+        # needs to work when lockbox key has a string value
+        Lockbox.master_key ||= Rails.application.credentials.try(:lockbox).try(:fetch, :master_key, nil)
       end
 
       require "lockbox/carrier_wave_extensions" if defined?(CarrierWave)

data/lib/lockbox/version.rb

@@ -1,3 +1,3 @@
 module Lockbox
-  VERSION = "0.6.1"
+  VERSION = "0.6.2"
 end

metadata

@@ -1,199 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: lockbox
 version: !ruby/object:Gem::Version
-  version: 0.6.1
+  version: 0.6.2
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-04 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: carrierwave
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: combustion
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.3'
-- !ruby/object:Gem::Dependency
-  name: rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rbnacl
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '6'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '6'
-- !ruby/object:Gem::Dependency
-  name: sqlite3
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: mysql2
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: shrine
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: shrine-mongoid
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: benchmark-ips
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+date: 2021-02-08 00:00:00.000000000 Z
+dependencies: []
 description:
-email: andrew@chartkick.com
+email: andrew@ankane.org
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -240,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.3
 signing_key:
 specification_version: 4
 summary: Modern encryption for Ruby and Rails