mongoid-encrypted-fields 1.1.0 → 1.2.0

data/.gitignore

@@ -2,7 +2,9 @@
 *.rbc
 .bundle
 .config
+.sw?
 .yardoc
+.*.sw?
 Gemfile.lock
 InstalledFiles
 _yardoc
@@ -17,4 +19,4 @@ test/version_tmp
 tmp
 
 #Ignore IDEA directory
-/.idea
+/.idea

data/CHANGLOG.md

@@ -1,5 +1,9 @@
 # Revision history
 
+## 1.2 - Add EncryptedHash
+
+* Accepted [pull request](https://github.com/KoanHealth/mongoid-encrypted-fields/pull/4) from ashirazi to add support for encrypted hashes
+
 ## 1.1 - Breaking changes - PLEASE READ
 
 ### encrypted-strings gem

data/README.md

@@ -51,6 +51,12 @@ Queries encrypt data before searching the database, so equality matches work aut
 
 ## Known Limitations
 * Single cipher for all encrypted fields
+* Currently can encrypt these [Mongoid types](http://mongoid.org/en/mongoid/docs/documents.html#fields)
+  * Date
+  * DateTime
+  * Hash
+  * String
+  * Time
 
 ## Copyright
 (c) 2012 Koan Health. See LICENSE.txt for further details.

data/Rakefile

@@ -1 +1,8 @@
 require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new do |task|
+  task.rspec_opts = ["-c", "-f progress", "-r ./spec/spec_helper.rb"]
+  task.pattern    = 'spec/**/*_spec.rb'
+end
+

data/examples/gibberish_cipher.rb

@@ -1,7 +1,7 @@
 require 'gibberish/aes'
 
-# Gibberish uses a unique salt for every encryption, but we need the same text to return the same ciphertext
-# so Searching for encrypted field will work
+# Gibberish uses a unique salt for every encryption, but we need the same text
+# to return the same ciphertext so Searching for encrypted field will work
 class GibberishCipher < Gibberish::AES
 
   SALT = "OU812FTW" # TODO: If you use this example class, make a unique 8-byte salt for your project
@@ -11,9 +11,9 @@ class GibberishCipher < Gibberish::AES
     @salt = options[:salt] || SALT
   end
 
-  def generate_salt
+  def generate_salt(supplied_salt)
     return @salt if @salt
     super
   end
 
-end
+end

data/lib/mongoid-encrypted-fields.rb

@@ -1,6 +1,7 @@
 require 'mongoid-encrypted-fields/version'
 require 'mongoid-encrypted-fields/logging'
 require 'mongoid-encrypted-fields/fields/encrypted_field'
+require 'mongoid-encrypted-fields/fields/encrypted_hash'
 require 'mongoid-encrypted-fields/fields/encrypted_string'
 require 'mongoid-encrypted-fields/fields/encrypted_date'
 require 'mongoid-encrypted-fields/fields/encrypted_date_time'
@@ -15,4 +16,4 @@ module Mongoid
     end
 
   end
-end
+end

data/lib/mongoid-encrypted-fields/fields/encrypted_field.rb

@@ -1,4 +1,5 @@
-require "base64"
+require 'active_support/concern'
+require 'base64'
 
 module Mongoid
   module EncryptedField
@@ -6,10 +7,10 @@ module Mongoid
 
     def encrypted
       if frozen?
-        @encrypted ||= self.class.encrypt(to_s)
+        @encrypted ||= self.class.encrypt(raw_value)
       else
         # We are mutable - need to encrypt whenever asked
-        self.class.encrypt(to_s)
+        self.class.encrypt(raw_value)
       end
     end
 
@@ -18,6 +19,11 @@ module Mongoid
       encrypted
     end
 
+    # Provide string to be encrypted and stored in Mongo DB
+    def raw_value
+      to_s
+    end
+
     module ClassMethods
 
       # Get the object as it was stored in the database, and instantiate this custom class from it.
@@ -72,4 +78,4 @@ module Mongoid
     end
 
   end
-end
+end

data/lib/mongoid-encrypted-fields/fields/encrypted_hash.rb

@@ -0,0 +1,48 @@
+# encoding: utf-8
+#
+# Used to store an encrypted hash in Mongo
+#
+# Usage:
+# field :address, type: Mongoid::EncryptedHash
+#
+# Set with an unencrypted hash
+# p = Person.new()
+# p.address = {street: "123 Main St", city: "Springdale", state: "MD"}
+#
+# Get returns the unencrypted hash
+# puts p.address -> {:street=>"123 Main St", :city=>"Springdale", :state=>"MD"}
+#
+# Use the encrypted property to see the encrypted value
+# puts p.address.encrypted -> '....'
+require 'yaml'
+
+module Mongoid
+  class EncryptedHash < ::Hash
+    include Mongoid::EncryptedField
+
+    # Return value to be encrypted
+    def raw_value
+      to_yaml
+    end
+
+    class << self
+
+      # converts from a plain Hash to an EncryptedHash
+      def from_hash(h)
+        self[h.to_hash]
+      end
+
+      # Takes an object representation (Hash or string) and converts it to an
+      # EncryptedHash.
+      def convert(object)
+        case object
+          when Hash
+            from_hash(object)
+          else
+            from_hash(::YAML.load(object))
+        end
+      end
+
+    end
+  end
+end

data/lib/mongoid-encrypted-fields/logging.rb

@@ -1,3 +1,5 @@
+require 'logger'
+
 module Mongoid
   module EncryptedFields
     # Contains behavior for logging.

data/lib/mongoid-encrypted-fields/version.rb

@@ -1,5 +1,5 @@
 module Mongoid
   module EncryptedFields
-      VERSION = "1.1.0"
+      VERSION = '1.2.0'
   end
 end

data/mongoid-encrypted-fields.gemspec

@@ -17,10 +17,10 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
 
-  gem.add_dependency "rake"
   gem.add_dependency "mongoid", "~> 3"
 
+  gem.add_development_dependency "rake"
   gem.add_development_dependency "rspec"
-  gem.add_development_dependency "gibberish", "~> 1.2"
+  gem.add_development_dependency "gibberish", "~> 1.2.2"
   gem.add_development_dependency "encrypted_strings", "~> 0.3"
 end

data/spec/mongoid-encrypted-fields/fields/encrypted_hash_spec.rb

@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+module Mongoid
+  describe EncryptedHash do
+
+    before(:all) do
+      Mongoid::EncryptedFields.cipher = GibberishCipher.new('my test password')
+    end
+
+    subject { Mongoid::EncryptedHash }
+    let(:raw) { {street: "123 Main St", city: "Springdale", state: "MD"} }
+    let(:encrypted) { Mongoid::EncryptedHash.mongoize({street: "123 Main St", city: "Springdale", state: "MD"}) }
+
+    it "returns the same hash" do
+      subject.from_hash(raw).should eq(raw)
+    end
+
+    it "should encrypt the hash" do
+      subject.from_hash(raw).encrypted.should eq(encrypted)
+    end
+
+    it "nil should fail" do
+      -> { subject.from_hash(nil) }.should raise_error()
+    end
+
+    describe "demongoize" do
+
+      it "nil should return nil" do
+        subject.demongoize(nil).should be_nil
+      end
+
+      it "blank string should return blank string" do
+        subject.demongoize('').should eq('')
+      end
+
+      it "invalid hash should fail" do
+        -> { subject.demongoize('not a hash') }.should raise_error
+      end
+
+      it "encrypted hash should return unencrypted hash" do
+        decrypted = subject.demongoize(encrypted)
+        decrypted.is_a?(subject).should be_true
+        decrypted.should eq(raw)
+      end
+
+    end
+
+    describe "mongoize" do
+
+      it "encrypted hash should return encrypted" do
+        subject.mongoize(subject.from_hash(raw)).should eq(encrypted)
+      end
+
+      it "encrypted hash should return itself" do
+        subject.mongoize(encrypted).should eq(encrypted)
+      end
+
+      it "nil should return nil" do
+        subject.mongoize(nil).should eq(nil)
+      end
+
+      it "valid hash should return encrypted" do
+        subject.mongoize(raw).should eq(encrypted)
+      end
+
+    end
+
+  end
+end

data/spec/mongoid-encrypted-fields/fields/model_spec.rb

@@ -10,7 +10,9 @@ describe 'Single model' do
   let (:ssn_encrypted) { Mongoid::EncryptedString.mongoize(ssn) }
   let (:birth_date) { 20.years.ago.to_date }
   let (:birth_date_encrypted) { Mongoid::EncryptedDate.mongoize(birth_date) }
-  let (:person) { Person.new(name: 'John Doe', ssn: ssn, birth_date: birth_date) }
+  let (:address) { {street: '123 Main St', city: 'Anytown', state: 'TX' } }
+  let (:address_encrypted) { Mongoid::EncryptedHash.mongoize(address) }
+  let (:person) { Person.new(name: 'John Doe', ssn: ssn, birth_date: birth_date, address: address) }
 
   it "model stores encrypted ssn" do
     person.attributes['ssn'].should eq(ssn_encrypted)
@@ -20,6 +22,10 @@ describe 'Single model' do
     person.attributes['birth_date'].should eq(birth_date_encrypted)
   end
 
+  it "model stores encrypted address" do
+    person.attributes['address'].should eq(address_encrypted)
+  end
+
   it "ssn getter returns raw value" do
     person.ssn.should eq(ssn)
   end
@@ -28,6 +34,10 @@ describe 'Single model' do
     person.birth_date.should eq(birth_date)
   end
 
+  it "address getter returns raw value" do
+    person.address.should eq(address)
+  end
+
   describe "after save" do
 
     before(:each) do
@@ -44,6 +54,10 @@ describe 'Single model' do
       @persisted.attributes['birth_date'].should eq(birth_date_encrypted)
     end
 
+    it "encrypted address is persisted" do
+      @persisted.attributes['address'].should eq(address_encrypted)
+    end
+
     it "encrypted ssn getter returns raw value" do
       @persisted.ssn.should eq(ssn)
     end
@@ -52,6 +66,10 @@ describe 'Single model' do
       @persisted.birth_date.should eq(birth_date)
     end
 
+    it "encrypted address getter returns raw value" do
+      @persisted.address.should eq(address)
+    end
+
   end
 
   describe "find model by encrypted field" do

data/spec/support/models/person.rb

@@ -4,5 +4,6 @@ class Person
   field :name, type: String
   field :ssn, type: Mongoid::EncryptedString
   field :birth_date, type: Mongoid::EncryptedDate
+  field :address, type: Mongoid::EncryptedHash
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mongoid-encrypted-fields
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,40 +9,40 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-02-03 00:00:00.000000000 Z
+date: 2013-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: mongoid
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: mongoid
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ~>
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: '3'
-  type: :runtime
+        version: '0'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ~>
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -66,7 +66,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: 1.2.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -74,7 +74,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: 1.2.2
 - !ruby/object:Gem::Dependency
   name: encrypted_strings
   requirement: !ruby/object:Gem::Requirement
@@ -113,6 +113,7 @@ files:
 - lib/mongoid-encrypted-fields/fields/encrypted_date.rb
 - lib/mongoid-encrypted-fields/fields/encrypted_date_time.rb
 - lib/mongoid-encrypted-fields/fields/encrypted_field.rb
+- lib/mongoid-encrypted-fields/fields/encrypted_hash.rb
 - lib/mongoid-encrypted-fields/fields/encrypted_string.rb
 - lib/mongoid-encrypted-fields/fields/encrypted_time.rb
 - lib/mongoid-encrypted-fields/logging.rb
@@ -122,6 +123,7 @@ files:
 - spec/mongoid-encrypted-fields/fields/encrypted_date_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_datetime_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_field_spec.rb
+- spec/mongoid-encrypted-fields/fields/encrypted_hash_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_string_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_time_spec.rb
 - spec/mongoid-encrypted-fields/fields/model_spec.rb
@@ -141,7 +143,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -323082810856718661
+      hash: -3259061833501052041
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -150,7 +152,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -323082810856718661
+      hash: -3259061833501052041
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25
@@ -162,6 +164,7 @@ test_files:
 - spec/mongoid-encrypted-fields/fields/encrypted_date_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_datetime_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_field_spec.rb
+- spec/mongoid-encrypted-fields/fields/encrypted_hash_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_string_spec.rb
 - spec/mongoid-encrypted-fields/fields/encrypted_time_spec.rb
 - spec/mongoid-encrypted-fields/fields/model_spec.rb