mongoid-encrypted-fields 1.3.6 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -13
- data/CHANGELOG.md +6 -0
- data/README.md +24 -21
- data/Rakefile +2 -5
- data/lib/mongoid-encrypted-fields.rb +0 -15
- data/lib/mongoid-encrypted-fields/version.rb +1 -1
- data/spec/config/mongoid.yml +2 -2
- data/spec/gemfiles/mongoid5_rails42.gemfile +6 -0
- data/spec/gemfiles/mongoid6_rails50.gemfile +6 -0
- data/spec/gemfiles/mongoid7_rails52.gemfile +6 -0
- data/spec/gemfiles/mongoid_head.gemfile +4 -0
- data/spec/mongoid-encrypted-fields/fields/model_spec.rb +2 -2
- data/spec/spec_helper.rb +4 -10
- metadata +35 -49
- data/lib/mongoid-encrypted-fields/mongoid3/validations/uniqueness.rb +0 -25
- data/lib/mongoid-encrypted-fields/mongoid4/validatable/uniqueness.rb +0 -30
- data/spec/config/mongoid5.yml +0 -6
- data/spec/mongoid-encrypted-fields/mongoid3/validations/uniqueness_spec.rb +0 -153
- data/spec/mongoid-encrypted-fields/mongoid4/validatable/uniqueness_spec.rb +0 -152
checksums.yaml
CHANGED
@@ -1,15 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
|
5
|
-
data.tar.gz: !binary |-
|
6
|
-
NWIyNTY0MmU4OTY0NTY4NDdlZGU3Yjg1Nzc3Zjc0NzljNTRiM2QyNQ==
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 28bc4a1689e6aeb467943657e296ce6c1529054a26e09c837c76a12f623752e7
|
4
|
+
data.tar.gz: f0a8359460de259dc13d3edfb8391946264cd7745a4af0bc9ed8c7e6c0d64473
|
7
5
|
SHA512:
|
8
|
-
metadata.gz:
|
9
|
-
|
10
|
-
YzYxODBiNTY0MWExNzZhYTA3OWQzNmM3ZTEwMzI0ODFiYTVlYzhjZTliNWM4
|
11
|
-
ZDlkOGE1MWFkMDAyYjZmYmJmY2IzMWIzODg0MDdhODU5ODc5Y2E=
|
12
|
-
data.tar.gz: !binary |-
|
13
|
-
NjY1ZDc4MDQ5Mjc0NDBhOGFjY2MzYzgwY2RjNjVhNzMwMjEyZDNlN2NiOTc3
|
14
|
-
YTgzYzdhNzAwYTg3ZGI2NDdlMDM3MWMzNDMyZTE5ZTAyZGZiNGNjZDMwOTY0
|
15
|
-
YTcyYjY4ZGI0OTliZmRiOWNhMzMxZTU1ZWI0YjA5OWJmMDFiM2Y=
|
6
|
+
metadata.gz: 9969796ce16d098ba5c247c27e1ff58ca8b29527ec0cd4887e83340b7760727b90916c60f00d6fce9766e0a832159721e09edb1b490d4845547f007be17603c9
|
7
|
+
data.tar.gz: 6fe8250904d109723dd30f11bafd878e6febde61977f3138d2211cce4850f9baa1b7d3983a6cf70994881b7c7ac17f84af8f99b881c9c7014891d868c362d2dd
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -18,23 +18,32 @@ Mongoid 3 supports [custom types](http://mongoid.org/en/mongoid/docs/documents.h
|
|
18
18
|
Queries encrypt data before searching the database, so equality matches work automatically.
|
19
19
|
|
20
20
|
## Prerequisites
|
21
|
-
|
22
|
-
*
|
21
|
+
|
22
|
+
* [Mongoid](http://mongoid.org) 5+
|
23
|
+
* Rails 4+
|
24
|
+
* Ruby 2.0+
|
23
25
|
* "Bring your own" encryption, see below
|
24
26
|
|
27
|
+
Mongoid 3, Mongoid 4 and Rails 3.2 are supported in version 1.x of this gem.
|
28
|
+
|
25
29
|
## Install
|
30
|
+
|
31
|
+
```ruby
|
26
32
|
gem 'mongoid-encrypted-fields'
|
33
|
+
```
|
27
34
|
|
28
35
|
## Usage
|
29
36
|
* Configure the cipher to be used for encrypting field values:
|
30
37
|
|
31
38
|
GibberishCipher can be found in examples - uses the [Gibberish](https://github.com/mdp/gibberish) gem:
|
32
|
-
|
39
|
+
|
40
|
+
```ruby
|
33
41
|
Mongoid::EncryptedFields.cipher = Gibberish.new(ENV['MY_PASSWORD'], ENV['MY_SALT'])
|
34
|
-
```
|
42
|
+
```
|
35
43
|
|
36
44
|
* Use encrypted types for fields in your models:
|
37
|
-
|
45
|
+
|
46
|
+
```ruby
|
38
47
|
class Person
|
39
48
|
include Mongoid::Document
|
40
49
|
|
@@ -42,33 +51,27 @@ Queries encrypt data before searching the database, so equality matches work aut
|
|
42
51
|
field :ssn, type: Mongoid::EncryptedString
|
43
52
|
end
|
44
53
|
```
|
54
|
+
|
45
55
|
* The field getter returns the unencrypted value:
|
46
|
-
|
56
|
+
|
57
|
+
```ruby
|
47
58
|
person = Person.new(ssn: '123456789')
|
48
59
|
person.ssn # => '123456789'
|
49
60
|
```
|
61
|
+
|
50
62
|
* The encrypted value is accessible with the "encrypted" attribute
|
51
|
-
|
63
|
+
|
64
|
+
```ruby
|
52
65
|
person.ssn.encrypted # => <encrypted string>
|
53
66
|
|
54
67
|
# It can also be accessed using the hash syntax supported by Mongoid
|
55
68
|
person[:ssn] # => <encrypted string>
|
56
69
|
```
|
70
|
+
|
57
71
|
* Finding a model by an encrypted field works automatically (equality only):
|
58
|
-
```Ruby
|
59
|
-
Person.where(ssn: '123456789').count() # ssn is encrypted before querying the database
|
60
|
-
```
|
61
|
-
* The Mongoid uniqueness validator is patched to detect encrypted fields:
|
62
|
-
```Ruby
|
63
|
-
class Person
|
64
|
-
...
|
65
|
-
field :ssn, type: Mongoid::EncryptedString
|
66
|
-
validates_uniqueness_of :ssn, case_sensitive: true # Works as expected
|
67
|
-
validates_uniqueness_of :ssn, case_sensitive: false # Raises exception - encrypted field cannot support a case insensitive match
|
68
|
-
end
|
69
72
|
|
70
|
-
|
71
|
-
Person.
|
73
|
+
```ruby
|
74
|
+
Person.where(ssn: '123456789').count() # ssn is encrypted before querying the database
|
72
75
|
```
|
73
76
|
|
74
77
|
## Known Limitations
|
@@ -79,7 +82,7 @@ Queries encrypt data before searching the database, so equality matches work aut
|
|
79
82
|
* Hash
|
80
83
|
* String
|
81
84
|
* Time
|
82
|
-
* The uniqueness validator for encrypted fields
|
85
|
+
* The uniqueness validator for encrypted fields should always be set to case-sensitive. Encrypted fields cannot support a case-insensitive match.
|
83
86
|
|
84
87
|
## Related Articles
|
85
88
|
* [Storing Encrypted Data in MongoDB](http://jerryclinesmith.me/blog/2013/03/29/storing-encrypted-data-in-mongodb/)
|
data/Rakefile
CHANGED
@@ -5,13 +5,10 @@ Bundler.setup
|
|
5
5
|
require 'rake'
|
6
6
|
require 'rspec/core/rake_task'
|
7
7
|
|
8
|
-
RSpec::Core::RakeTask.new('spec')
|
9
|
-
spec.pattern = 'spec/**/*_spec.rb'
|
10
|
-
end
|
8
|
+
RSpec::Core::RakeTask.new('spec')
|
11
9
|
|
12
10
|
RSpec::Core::RakeTask.new('spec:progress') do |spec|
|
13
11
|
spec.rspec_opts = %w(--format progress)
|
14
|
-
spec.pattern = 'spec/**/*_spec.rb'
|
15
12
|
end
|
16
13
|
|
17
|
-
task :
|
14
|
+
task default: :spec
|
@@ -13,21 +13,6 @@ module Mongoid
|
|
13
13
|
class << self
|
14
14
|
# Set cipher used for all field encryption/decryption
|
15
15
|
attr_accessor :cipher
|
16
|
-
|
17
|
-
def mongoid_major_version
|
18
|
-
@mongoid_major_version ||= ::Mongoid::VERSION[/([^\.]+)/].to_i
|
19
|
-
end
|
20
|
-
|
21
16
|
end
|
22
|
-
|
23
17
|
end
|
24
18
|
end
|
25
|
-
|
26
|
-
case ::Mongoid::EncryptedFields.mongoid_major_version
|
27
|
-
when 3
|
28
|
-
require 'mongoid-encrypted-fields/mongoid3/validations/uniqueness'
|
29
|
-
when 4, 5, 6
|
30
|
-
require 'mongoid-encrypted-fields/mongoid4/validatable/uniqueness'
|
31
|
-
else
|
32
|
-
raise "Unsupported version of Mongoid: #{::Mongoid::VERSION}"
|
33
|
-
end
|
data/spec/config/mongoid.yml
CHANGED
@@ -41,7 +41,7 @@ describe 'Single model' do
|
|
41
41
|
describe "after save" do
|
42
42
|
|
43
43
|
before(:each) do
|
44
|
-
|
44
|
+
Person.delete_all
|
45
45
|
person.save!
|
46
46
|
@persisted = Person.find(person.id)
|
47
47
|
end
|
@@ -78,7 +78,7 @@ describe 'Single model' do
|
|
78
78
|
describe "find model by encrypted field" do
|
79
79
|
|
80
80
|
before(:each) do
|
81
|
-
|
81
|
+
Person.delete_all
|
82
82
|
person.save!
|
83
83
|
end
|
84
84
|
|
data/spec/spec_helper.rb
CHANGED
@@ -9,6 +9,7 @@ end
|
|
9
9
|
require 'mongoid'
|
10
10
|
require 'rspec'
|
11
11
|
|
12
|
+
require 'encrypted_strings'
|
12
13
|
require 'mongoid-encrypted-fields'
|
13
14
|
|
14
15
|
Dir["#{File.dirname(__FILE__)}/../examples/**/*.rb"].each { |f| require f }
|
@@ -16,19 +17,12 @@ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
|
|
16
17
|
|
17
18
|
ENV['MONGOID_ENV'] ||= 'test'
|
18
19
|
|
19
|
-
#
|
20
|
-
if Mongoid::EncryptedFields.mongoid_major_version < 5
|
21
|
-
Mongoid.load!("#{File.dirname(__FILE__)}/config/mongoid.yml")
|
22
|
-
else
|
23
|
-
Mongoid.load!("#{File.dirname(__FILE__)}/config/mongoid5.yml")
|
24
|
-
end
|
25
|
-
|
20
|
+
Mongoid.load!("#{File.dirname(__FILE__)}/config/mongoid.yml")
|
26
21
|
Mongoid::EncryptedFields.logger.level = Logger::FATAL
|
22
|
+
Mongoid.logger = Mongoid::EncryptedFields.logger
|
23
|
+
Moped.logger = Mongoid::EncryptedFields.logger if defined?(Moped)
|
27
24
|
|
28
25
|
RSpec.configure do |config|
|
29
|
-
Mongoid.logger = Mongoid::EncryptedFields.logger
|
30
|
-
Moped.logger = Mongoid::EncryptedFields.logger if defined? Moped
|
31
|
-
|
32
26
|
config.treat_symbols_as_metadata_keys_with_true_values = true
|
33
27
|
config.run_all_when_everything_filtered = true
|
34
28
|
config.filter_run :focus
|
metadata
CHANGED
@@ -1,111 +1,97 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mongoid-encrypted-fields
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 2.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Koan Health
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2018-05-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: mongoid
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- -
|
17
|
+
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '
|
19
|
+
version: '5'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- -
|
24
|
+
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: json
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - <
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '2'
|
34
|
-
type: :runtime
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - <
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '2'
|
26
|
+
version: '5'
|
41
27
|
- !ruby/object:Gem::Dependency
|
42
28
|
name: rake
|
43
29
|
requirement: !ruby/object:Gem::Requirement
|
44
30
|
requirements:
|
45
|
-
- -
|
31
|
+
- - ">="
|
46
32
|
- !ruby/object:Gem::Version
|
47
33
|
version: '0'
|
48
34
|
type: :development
|
49
35
|
prerelease: false
|
50
36
|
version_requirements: !ruby/object:Gem::Requirement
|
51
37
|
requirements:
|
52
|
-
- -
|
38
|
+
- - ">="
|
53
39
|
- !ruby/object:Gem::Version
|
54
40
|
version: '0'
|
55
41
|
- !ruby/object:Gem::Dependency
|
56
42
|
name: rspec
|
57
43
|
requirement: !ruby/object:Gem::Requirement
|
58
44
|
requirements:
|
59
|
-
- -
|
45
|
+
- - ">="
|
60
46
|
- !ruby/object:Gem::Version
|
61
47
|
version: '0'
|
62
48
|
type: :development
|
63
49
|
prerelease: false
|
64
50
|
version_requirements: !ruby/object:Gem::Requirement
|
65
51
|
requirements:
|
66
|
-
- -
|
52
|
+
- - ">="
|
67
53
|
- !ruby/object:Gem::Version
|
68
54
|
version: '0'
|
69
55
|
- !ruby/object:Gem::Dependency
|
70
56
|
name: gibberish
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
72
58
|
requirements:
|
73
|
-
- -
|
59
|
+
- - ">="
|
74
60
|
- !ruby/object:Gem::Version
|
75
|
-
version: '
|
61
|
+
version: '0'
|
76
62
|
type: :development
|
77
63
|
prerelease: false
|
78
64
|
version_requirements: !ruby/object:Gem::Requirement
|
79
65
|
requirements:
|
80
|
-
- -
|
66
|
+
- - ">="
|
81
67
|
- !ruby/object:Gem::Version
|
82
|
-
version: '
|
68
|
+
version: '0'
|
83
69
|
- !ruby/object:Gem::Dependency
|
84
70
|
name: encrypted_strings
|
85
71
|
requirement: !ruby/object:Gem::Requirement
|
86
72
|
requirements:
|
87
|
-
- - ~>
|
73
|
+
- - "~>"
|
88
74
|
- !ruby/object:Gem::Version
|
89
75
|
version: '0.3'
|
90
76
|
type: :development
|
91
77
|
prerelease: false
|
92
78
|
version_requirements: !ruby/object:Gem::Requirement
|
93
79
|
requirements:
|
94
|
-
- - ~>
|
80
|
+
- - "~>"
|
95
81
|
- !ruby/object:Gem::Version
|
96
82
|
version: '0.3'
|
97
83
|
- !ruby/object:Gem::Dependency
|
98
84
|
name: simplecov
|
99
85
|
requirement: !ruby/object:Gem::Requirement
|
100
86
|
requirements:
|
101
|
-
- -
|
87
|
+
- - ">="
|
102
88
|
- !ruby/object:Gem::Version
|
103
89
|
version: '0'
|
104
90
|
type: :development
|
105
91
|
prerelease: false
|
106
92
|
version_requirements: !ruby/object:Gem::Requirement
|
107
93
|
requirements:
|
108
|
-
- -
|
94
|
+
- - ">="
|
109
95
|
- !ruby/object:Gem::Version
|
110
96
|
version: '0'
|
111
97
|
description: A library for storing encrypted data in Mongo
|
@@ -127,11 +113,12 @@ files:
|
|
127
113
|
- lib/mongoid-encrypted-fields/fields/encrypted_string.rb
|
128
114
|
- lib/mongoid-encrypted-fields/fields/encrypted_time.rb
|
129
115
|
- lib/mongoid-encrypted-fields/logging.rb
|
130
|
-
- lib/mongoid-encrypted-fields/mongoid3/validations/uniqueness.rb
|
131
|
-
- lib/mongoid-encrypted-fields/mongoid4/validatable/uniqueness.rb
|
132
116
|
- lib/mongoid-encrypted-fields/version.rb
|
133
117
|
- spec/config/mongoid.yml
|
134
|
-
- spec/
|
118
|
+
- spec/gemfiles/mongoid5_rails42.gemfile
|
119
|
+
- spec/gemfiles/mongoid6_rails50.gemfile
|
120
|
+
- spec/gemfiles/mongoid7_rails52.gemfile
|
121
|
+
- spec/gemfiles/mongoid_head.gemfile
|
135
122
|
- spec/mongoid-encrypted-fields/fields/encrypted_date_spec.rb
|
136
123
|
- spec/mongoid-encrypted-fields/fields/encrypted_datetime_spec.rb
|
137
124
|
- spec/mongoid-encrypted-fields/fields/encrypted_field_spec.rb
|
@@ -139,8 +126,6 @@ files:
|
|
139
126
|
- spec/mongoid-encrypted-fields/fields/encrypted_string_spec.rb
|
140
127
|
- spec/mongoid-encrypted-fields/fields/encrypted_time_spec.rb
|
141
128
|
- spec/mongoid-encrypted-fields/fields/model_spec.rb
|
142
|
-
- spec/mongoid-encrypted-fields/mongoid3/validations/uniqueness_spec.rb
|
143
|
-
- spec/mongoid-encrypted-fields/mongoid4/validatable/uniqueness_spec.rb
|
144
129
|
- spec/spec_helper.rb
|
145
130
|
- spec/support/models/person.rb
|
146
131
|
homepage: https://github.com/KoanHealth/mongoid-encrypted-fields
|
@@ -153,31 +138,32 @@ require_paths:
|
|
153
138
|
- lib
|
154
139
|
required_ruby_version: !ruby/object:Gem::Requirement
|
155
140
|
requirements:
|
156
|
-
- -
|
141
|
+
- - ">="
|
157
142
|
- !ruby/object:Gem::Version
|
158
|
-
version:
|
143
|
+
version: 2.0.0
|
159
144
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
160
145
|
requirements:
|
161
|
-
- -
|
146
|
+
- - ">="
|
162
147
|
- !ruby/object:Gem::Version
|
163
148
|
version: 1.3.6
|
164
149
|
requirements: []
|
165
150
|
rubyforge_project:
|
166
|
-
rubygems_version: 2.
|
151
|
+
rubygems_version: 2.7.6
|
167
152
|
signing_key:
|
168
153
|
specification_version: 4
|
169
154
|
summary: Custom types for storing encrypted data
|
170
155
|
test_files:
|
156
|
+
- spec/spec_helper.rb
|
171
157
|
- spec/config/mongoid.yml
|
172
|
-
- spec/
|
173
|
-
- spec/
|
174
|
-
- spec/
|
158
|
+
- spec/gemfiles/mongoid_head.gemfile
|
159
|
+
- spec/gemfiles/mongoid5_rails42.gemfile
|
160
|
+
- spec/gemfiles/mongoid6_rails50.gemfile
|
161
|
+
- spec/gemfiles/mongoid7_rails52.gemfile
|
162
|
+
- spec/support/models/person.rb
|
175
163
|
- spec/mongoid-encrypted-fields/fields/encrypted_field_spec.rb
|
164
|
+
- spec/mongoid-encrypted-fields/fields/encrypted_time_spec.rb
|
176
165
|
- spec/mongoid-encrypted-fields/fields/encrypted_hash_spec.rb
|
166
|
+
- spec/mongoid-encrypted-fields/fields/encrypted_date_spec.rb
|
177
167
|
- spec/mongoid-encrypted-fields/fields/encrypted_string_spec.rb
|
178
|
-
- spec/mongoid-encrypted-fields/fields/
|
168
|
+
- spec/mongoid-encrypted-fields/fields/encrypted_datetime_spec.rb
|
179
169
|
- spec/mongoid-encrypted-fields/fields/model_spec.rb
|
180
|
-
- spec/mongoid-encrypted-fields/mongoid3/validations/uniqueness_spec.rb
|
181
|
-
- spec/mongoid-encrypted-fields/mongoid4/validatable/uniqueness_spec.rb
|
182
|
-
- spec/spec_helper.rb
|
183
|
-
- spec/support/models/person.rb
|
@@ -1,25 +0,0 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
|
-
module Mongoid
|
4
|
-
module Validations
|
5
|
-
|
6
|
-
# Monkey-patch for Mongoid's uniqueness validator to enforce that the :case_sensitive option does not work
|
7
|
-
# for encrypted fields; they must always be case-sensitive.
|
8
|
-
# Patch is confirmed to work on Mongoid >= 3.0.0
|
9
|
-
class UniquenessValidator
|
10
|
-
|
11
|
-
def setup_with_validation(klass)
|
12
|
-
setup_without_validation(klass)
|
13
|
-
return if case_sensitive?
|
14
|
-
attributes.each do |attribute|
|
15
|
-
field_type = @klass.fields[@klass.database_field_name(attribute)].options[:type]
|
16
|
-
raise ArgumentError, "Encrypted field :#{attribute} cannot support case insensitive uniqueness" if field_type && field_type.method_defined?(:encrypted)
|
17
|
-
end
|
18
|
-
end
|
19
|
-
|
20
|
-
alias_method :setup_without_validation, :setup
|
21
|
-
alias_method :setup, :setup_with_validation
|
22
|
-
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
|
-
module Mongoid
|
4
|
-
module Validatable
|
5
|
-
|
6
|
-
# Monkey-patch for Mongoid's uniqueness validator to enforce that the :case_sensitive option does not work
|
7
|
-
# for encrypted fields; they must always be case-sensitive.
|
8
|
-
# Patch is confirmed to work on Mongoid >= 4.0.0
|
9
|
-
class UniquenessValidator
|
10
|
-
attr_reader :klass
|
11
|
-
|
12
|
-
# Older versions of Mongoid's UniquenessValidator have a klass variable to reference the validating document
|
13
|
-
# This was later replaced in ActiveModel with options[:class]
|
14
|
-
def initialize(options={})
|
15
|
-
@klass = options[:class] if options.key?(:class)
|
16
|
-
super
|
17
|
-
end
|
18
|
-
|
19
|
-
def check_validity!
|
20
|
-
return if case_sensitive?
|
21
|
-
return unless klass
|
22
|
-
attributes.each do |attribute|
|
23
|
-
field_type = klass.fields[klass.database_field_name(attribute)].options[:type]
|
24
|
-
raise ArgumentError, "Encrypted field :#{attribute} cannot support case insensitive uniqueness" if field_type && field_type.method_defined?(:encrypted)
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
data/spec/config/mongoid5.yml
DELETED
@@ -1,153 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
if Mongoid::EncryptedFields.mongoid_major_version == 3
|
4
|
-
describe Mongoid::Validations::UniquenessValidator do
|
5
|
-
|
6
|
-
before(:all) do
|
7
|
-
Mongoid::EncryptedFields.cipher = GibberishCipher.new('my test password', 'weaksalt')
|
8
|
-
end
|
9
|
-
|
10
|
-
before(:each) do
|
11
|
-
Mongoid.purge!
|
12
|
-
Mongoid::IdentityMap.clear
|
13
|
-
end
|
14
|
-
|
15
|
-
describe "#valid?" do
|
16
|
-
|
17
|
-
let(:person) do
|
18
|
-
Person.new(name: "bill", ssn: "abc456789", credit_card: "12345678", phone_number: "12345678")
|
19
|
-
end
|
20
|
-
|
21
|
-
after do
|
22
|
-
Person.reset_callbacks(:validate)
|
23
|
-
end
|
24
|
-
|
25
|
-
context "when the value is in conflict" do
|
26
|
-
|
27
|
-
context "when the field is not encrypted" do
|
28
|
-
|
29
|
-
context "when the validation is case-sensitive" do
|
30
|
-
|
31
|
-
before do
|
32
|
-
Person.validates_uniqueness_of :name, case_sensitive: true
|
33
|
-
Person.create!(name: "bill")
|
34
|
-
end
|
35
|
-
|
36
|
-
it "correctly detects a uniqueness conflict" do
|
37
|
-
expect(person).to_not be_valid
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
context "when the validation is case-insensitive" do
|
42
|
-
|
43
|
-
before do
|
44
|
-
Person.validates_uniqueness_of :name, case_sensitive: false
|
45
|
-
Person.create!(name: "BiLl")
|
46
|
-
end
|
47
|
-
|
48
|
-
it "behaves as case-insensitive" do
|
49
|
-
expect(person).to_not be_valid
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
context "when the field is encrypted" do
|
55
|
-
|
56
|
-
context "when the validation is case-sensitive" do
|
57
|
-
|
58
|
-
before do
|
59
|
-
Person.validates_uniqueness_of :ssn
|
60
|
-
Person.create!(ssn: "abc456789")
|
61
|
-
end
|
62
|
-
|
63
|
-
it "behaves as case-sensitive" do
|
64
|
-
expect(person).not_to be_valid
|
65
|
-
end
|
66
|
-
end
|
67
|
-
|
68
|
-
context "when the validation is case-insensitive" do
|
69
|
-
|
70
|
-
it "throws an exception" do
|
71
|
-
expect { Person.validates_uniqueness_of :ssn, case_sensitive: false }.to raise_error 'Encrypted field :ssn cannot support case insensitive uniqueness'
|
72
|
-
end
|
73
|
-
|
74
|
-
end
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
context "when the value is not conflict" do
|
79
|
-
|
80
|
-
context "when the field is not encrypted" do
|
81
|
-
|
82
|
-
before do
|
83
|
-
Person.validates_uniqueness_of :name
|
84
|
-
Person.create!(name: "ted")
|
85
|
-
end
|
86
|
-
|
87
|
-
it "correctly detects a uniqueness conflict" do
|
88
|
-
expect(person).to be_valid
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
|
-
context "when the field is encrypted" do
|
93
|
-
|
94
|
-
before do
|
95
|
-
Person.validates_uniqueness_of :ssn
|
96
|
-
Person.create!(ssn: "223456789")
|
97
|
-
end
|
98
|
-
|
99
|
-
it "correctly detects a uniqueness conflict" do
|
100
|
-
expect(person).to be_valid
|
101
|
-
end
|
102
|
-
end
|
103
|
-
end
|
104
|
-
|
105
|
-
context "when the field name is aliased" do
|
106
|
-
|
107
|
-
context "when the aliased name is used" do
|
108
|
-
|
109
|
-
context "when the field is encrypted" do
|
110
|
-
|
111
|
-
it "throws an exception" do
|
112
|
-
expect { Person.validates_uniqueness_of :credit_card, case_sensitive: false }.to raise_error 'Encrypted field :credit_card cannot support case insensitive uniqueness'
|
113
|
-
end
|
114
|
-
end
|
115
|
-
|
116
|
-
context "when the field is not encrypted" do
|
117
|
-
|
118
|
-
before do
|
119
|
-
Person.validates_uniqueness_of :phone_number, case_sensitive: false
|
120
|
-
Person.create!(phone_number: "12345678")
|
121
|
-
end
|
122
|
-
|
123
|
-
it "correctly detects a uniqueness conflict" do
|
124
|
-
expect(person).to_not be_valid
|
125
|
-
end
|
126
|
-
end
|
127
|
-
end
|
128
|
-
|
129
|
-
context "when the underlying name is used" do
|
130
|
-
|
131
|
-
context "when the field is encrypted" do
|
132
|
-
|
133
|
-
it "throws an exception" do
|
134
|
-
expect { Person.validates_uniqueness_of :cc, case_sensitive: false }.to raise_error 'Encrypted field :cc cannot support case insensitive uniqueness'
|
135
|
-
end
|
136
|
-
end
|
137
|
-
|
138
|
-
context "when the field is not encrypted" do
|
139
|
-
|
140
|
-
before do
|
141
|
-
Person.validates :ph, uniqueness: {case_sensitive: false}
|
142
|
-
Person.create!(phone_number: "12345678")
|
143
|
-
end
|
144
|
-
|
145
|
-
it "correctly detects a uniqueness conflict" do
|
146
|
-
expect(person).to_not be_valid
|
147
|
-
end
|
148
|
-
end
|
149
|
-
end
|
150
|
-
end
|
151
|
-
end
|
152
|
-
end
|
153
|
-
end
|
@@ -1,152 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
if Mongoid::EncryptedFields.mongoid_major_version >= 4
|
4
|
-
describe Mongoid::Validatable::UniquenessValidator do
|
5
|
-
|
6
|
-
before(:all) do
|
7
|
-
Mongoid::EncryptedFields.cipher = GibberishCipher.new('my test password', 'weaksalt')
|
8
|
-
end
|
9
|
-
|
10
|
-
before(:each) do
|
11
|
-
Mongoid.purge!
|
12
|
-
end
|
13
|
-
|
14
|
-
describe "#valid?" do
|
15
|
-
|
16
|
-
let(:person) do
|
17
|
-
Person.new(name: "bill", ssn: "abc456789", credit_card: "12345678", phone_number: "12345678")
|
18
|
-
end
|
19
|
-
|
20
|
-
after do
|
21
|
-
Person.reset_callbacks(:validate)
|
22
|
-
end
|
23
|
-
|
24
|
-
context "when the value is in conflict" do
|
25
|
-
|
26
|
-
context "when the field is not encrypted" do
|
27
|
-
|
28
|
-
context "when the validation is case-sensitive" do
|
29
|
-
|
30
|
-
before do
|
31
|
-
Person.validates_uniqueness_of :name, case_sensitive: true
|
32
|
-
Person.create!(name: "bill")
|
33
|
-
end
|
34
|
-
|
35
|
-
it "correctly detects a uniqueness conflict" do
|
36
|
-
expect(person).to_not be_valid
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
context "when the validation is case-insensitive" do
|
41
|
-
|
42
|
-
before do
|
43
|
-
Person.validates_uniqueness_of :name, case_sensitive: false
|
44
|
-
Person.create!(name: "BiLl")
|
45
|
-
end
|
46
|
-
|
47
|
-
it "behaves as case-insensitive" do
|
48
|
-
expect(person).to_not be_valid
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|
52
|
-
|
53
|
-
context "when the field is encrypted" do
|
54
|
-
|
55
|
-
context "when the validation is case-sensitive" do
|
56
|
-
|
57
|
-
before do
|
58
|
-
Person.validates_uniqueness_of :ssn
|
59
|
-
Person.create!(ssn: "abc456789")
|
60
|
-
end
|
61
|
-
|
62
|
-
it "behaves as case-sensitive" do
|
63
|
-
expect(person).not_to be_valid
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
context "when the validation is case-insensitive" do
|
68
|
-
|
69
|
-
it "throws an exception" do
|
70
|
-
expect { Person.validates_uniqueness_of :ssn, case_sensitive: false }.to raise_error 'Encrypted field :ssn cannot support case insensitive uniqueness'
|
71
|
-
end
|
72
|
-
|
73
|
-
end
|
74
|
-
end
|
75
|
-
end
|
76
|
-
|
77
|
-
context "when the value is not conflict" do
|
78
|
-
|
79
|
-
context "when the field is not encrypted" do
|
80
|
-
|
81
|
-
before do
|
82
|
-
Person.validates_uniqueness_of :name
|
83
|
-
Person.create!(name: "ted")
|
84
|
-
end
|
85
|
-
|
86
|
-
it "correctly detects a uniqueness conflict" do
|
87
|
-
expect(person).to be_valid
|
88
|
-
end
|
89
|
-
end
|
90
|
-
|
91
|
-
context "when the field is encrypted" do
|
92
|
-
|
93
|
-
before do
|
94
|
-
Person.validates_uniqueness_of :ssn
|
95
|
-
Person.create!(ssn: "223456789")
|
96
|
-
end
|
97
|
-
|
98
|
-
it "correctly detects a uniqueness conflict" do
|
99
|
-
expect(person).to be_valid
|
100
|
-
end
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
context "when the field name is aliased" do
|
105
|
-
|
106
|
-
context "when the aliased name is used" do
|
107
|
-
|
108
|
-
context "when the field is encrypted" do
|
109
|
-
|
110
|
-
it "throws an exception" do
|
111
|
-
expect { Person.validates_uniqueness_of :credit_card, case_sensitive: false }.to raise_error 'Encrypted field :credit_card cannot support case insensitive uniqueness'
|
112
|
-
end
|
113
|
-
end
|
114
|
-
|
115
|
-
context "when the field is not encrypted" do
|
116
|
-
|
117
|
-
before do
|
118
|
-
Person.validates_uniqueness_of :phone_number, case_sensitive: false
|
119
|
-
Person.create!(phone_number: "12345678")
|
120
|
-
end
|
121
|
-
|
122
|
-
it "correctly detects a uniqueness conflict" do
|
123
|
-
expect(person).to_not be_valid
|
124
|
-
end
|
125
|
-
end
|
126
|
-
end
|
127
|
-
|
128
|
-
context "when the underlying name is used" do
|
129
|
-
|
130
|
-
context "when the field is encrypted" do
|
131
|
-
|
132
|
-
it "throws an exception" do
|
133
|
-
expect { Person.validates_uniqueness_of :cc, case_sensitive: false }.to raise_error 'Encrypted field :cc cannot support case insensitive uniqueness'
|
134
|
-
end
|
135
|
-
end
|
136
|
-
|
137
|
-
context "when the field is not encrypted" do
|
138
|
-
|
139
|
-
before do
|
140
|
-
Person.validates :ph, uniqueness: {case_sensitive: false}
|
141
|
-
Person.create!(phone_number: "12345678")
|
142
|
-
end
|
143
|
-
|
144
|
-
it "correctly detects a uniqueness conflict" do
|
145
|
-
expect(person).to_not be_valid
|
146
|
-
end
|
147
|
-
end
|
148
|
-
end
|
149
|
-
end
|
150
|
-
end
|
151
|
-
end
|
152
|
-
end
|