mongoid-kms 0.0.13 → 0.0.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mongoid/kms/version.rb +1 -1
- data/lib/mongoid/kms.rb +4 -2
- data/spec/lib/mongoid/kms_spec.rb +14 -2
- data/spec/spec_helper.rb +9 -4
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 49b32845a5b6f1ca1f9d205d59915df58e7425e1
|
|
4
|
+
data.tar.gz: 1c9dbdf7f83534f9b1f94d7e1e03e83d1aef930f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 85e1bf962a3660b1bd10f844c117383fb590c8777f5575e012fa1cb85a9526ef822d0c9d4066862301928fdb696009faf92ed6c7a8b86dd07387f598cf47580f
|
|
7
|
+
data.tar.gz: dd9bfa5812eccc83711c2c39538558e39a4f9950af12ee93c73cdba7d370b3acb1e8cc36cd2b8ea4a97783033b21b8ef93ea483355a6d7332a6828c2b8c62205
|
data/lib/mongoid/kms/version.rb
CHANGED
data/lib/mongoid/kms.rb
CHANGED
|
@@ -44,6 +44,8 @@ module Mongoid
|
|
|
44
44
|
plaintext: value,
|
|
45
45
|
encryption_context: kms_context(object, field_name)
|
|
46
46
|
})[:ciphertext_blob].force_encoding('UTF-8')
|
|
47
|
+
rescue ArgumentError
|
|
48
|
+
raise "Error using KMS context. If you use an object's field for context, set your encrypted fields explicitly: myobject.#{field_name} = #{value.inspect}"
|
|
47
49
|
end
|
|
48
50
|
|
|
49
51
|
def decrypt_field(object, field_name, data)
|
|
@@ -75,7 +77,7 @@ module Mongoid
|
|
|
75
77
|
instance_variable_get("@#{field_name}") || begin
|
|
76
78
|
raw = send("kms_secure_#{field_name}")
|
|
77
79
|
|
|
78
|
-
if raw.
|
|
80
|
+
if raw.nil?
|
|
79
81
|
raw
|
|
80
82
|
else
|
|
81
83
|
v = self.class.decrypt_field(self, field_name, raw)
|
|
@@ -88,7 +90,7 @@ module Mongoid
|
|
|
88
90
|
define_method("#{field_name}=") do |value|
|
|
89
91
|
instance_variable_set("@#{field_name}", value)
|
|
90
92
|
|
|
91
|
-
if value.
|
|
93
|
+
if value.nil?
|
|
92
94
|
self.send("#{encrypted_field_name}=", nil)
|
|
93
95
|
else
|
|
94
96
|
self.send("#{encrypted_field_name}=", self.class.encrypt_field(self, field_name, value))
|
|
@@ -3,7 +3,8 @@ require 'spec_helper'
|
|
|
3
3
|
describe Mongoid::Kms do
|
|
4
4
|
|
|
5
5
|
it "encrypts the secure fields" do
|
|
6
|
-
o = MyClass.new(
|
|
6
|
+
o = MyClass.new(unsecure: "robin")
|
|
7
|
+
o.secure = "batman"
|
|
7
8
|
o.save!
|
|
8
9
|
|
|
9
10
|
expect(o.secure).to eq("batman")
|
|
@@ -11,7 +12,8 @@ describe Mongoid::Kms do
|
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
it "descripts the secure fields" do
|
|
14
|
-
o = MyClass.new(
|
|
15
|
+
o = MyClass.new(unsecure: "robin")
|
|
16
|
+
o.secure = "batman"
|
|
15
17
|
o.save!
|
|
16
18
|
|
|
17
19
|
o = MyClass.find(o.id)
|
|
@@ -19,4 +21,14 @@ describe Mongoid::Kms do
|
|
|
19
21
|
expect(o.unsecure).to eq("robin")
|
|
20
22
|
end
|
|
21
23
|
|
|
24
|
+
it "encrypts teh other fields" do
|
|
25
|
+
o = OtherClass.new(unsecure: "pengiun")
|
|
26
|
+
o.super_secure = "joker"
|
|
27
|
+
o.save!
|
|
28
|
+
|
|
29
|
+
o = OtherClass.find(o.id)
|
|
30
|
+
expect(o.super_secure).to eq("joker")
|
|
31
|
+
expect(o.unsecure).to eq("pengiun")
|
|
32
|
+
end
|
|
33
|
+
|
|
22
34
|
end
|
data/spec/spec_helper.rb
CHANGED
|
@@ -9,12 +9,17 @@ class MyClass
|
|
|
9
9
|
include Mongoid::Document
|
|
10
10
|
include Mongoid::Kms
|
|
11
11
|
|
|
12
|
-
secure_field :secure, type: String, context: lambda { |d| {name: d.
|
|
12
|
+
secure_field :secure, type: String, context: lambda { |d| {name: d.unsecure} }
|
|
13
13
|
field :unsecure
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
class OtherClass
|
|
17
|
+
include Mongoid::Document
|
|
18
|
+
include Mongoid::Kms
|
|
14
19
|
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
end
|
|
20
|
+
secure_field :super_secure, type: String, context: lambda { |d| {some_name: d.unsecure} }
|
|
21
|
+
field :unsecure
|
|
18
22
|
end
|
|
19
23
|
|
|
24
|
+
|
|
20
25
|
Mongoid::Kms.configure({region: "us-east-1", key: ENV['AWS_KMS_KEY_ID']})
|