mongoid-kms 0.0.19 → 0.0.20
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mongoid/kms/version.rb +1 -1
- data/lib/mongoid/kms.rb +44 -32
- data/spec/lib/mongoid/kms_spec.rb +10 -0
- data/spec/spec_helper.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0ef5d00b5940a40440f302133dffa2b364b73a86
|
|
4
|
+
data.tar.gz: b970e5a37fbf0b68aa52b7a61f7197fdf008d896
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f5c68d2c32a9785209e2138ed795311d103cfa8071fae65875d6a0f1cc9e73b76e0b71a31252b043857ccf9d1a6107c297265a93dbaba36dcd9c64feaa05ac4
|
|
7
|
+
data.tar.gz: 4ccbbe113dd32f9a9d50aff1e6c2a41a049ebf1afc1be7e54841076d2ce8f292e0d3c037d4e712dda5db10dfd60cff68993b2a8c19ee6c89ea026d48d2edb035
|
data/lib/mongoid/kms/version.rb
CHANGED
data/lib/mongoid/kms.rb
CHANGED
|
@@ -7,7 +7,8 @@ module Mongoid
|
|
|
7
7
|
extend ActiveSupport::Concern
|
|
8
8
|
|
|
9
9
|
included do
|
|
10
|
-
|
|
10
|
+
class_attribute :kms_field_map
|
|
11
|
+
self.kms_field_map ||= {}
|
|
11
12
|
|
|
12
13
|
unless self.ancestors.include?(ActiveModel::Dirty)
|
|
13
14
|
include ActiveModel::Dirty
|
|
@@ -79,10 +80,47 @@ module Mongoid
|
|
|
79
80
|
|
|
80
81
|
# Class methods
|
|
81
82
|
module ClassMethods
|
|
82
|
-
def
|
|
83
|
-
|
|
83
|
+
def inherited(child)
|
|
84
|
+
child.kms_field_map = self.kms_field_map.clone
|
|
85
|
+
|
|
86
|
+
child.kms_field_map.each do |field_name, args|
|
|
87
|
+
child.add_secure_field(field_name, args)
|
|
88
|
+
end
|
|
84
89
|
end
|
|
85
90
|
|
|
91
|
+
def add_secure_field(field_name, args)
|
|
92
|
+
encrypted_field_name = get_encrypted_field_name(field_name)
|
|
93
|
+
|
|
94
|
+
define_attribute_methods field_name.to_sym
|
|
95
|
+
before_save :set_kms_values
|
|
96
|
+
|
|
97
|
+
kms_field_map[field_name.to_s] = {context: args.delete(:context), type: args[:type]}
|
|
98
|
+
|
|
99
|
+
field encrypted_field_name, type: Mongoid::Kms.bson_class::Binary
|
|
100
|
+
|
|
101
|
+
self.class_eval do
|
|
102
|
+
define_method(field_name) do
|
|
103
|
+
instance_variable_get("@#{field_name}") || begin
|
|
104
|
+
raw = send("kms_secure_#{field_name}")
|
|
105
|
+
|
|
106
|
+
if raw.nil?
|
|
107
|
+
raw
|
|
108
|
+
else
|
|
109
|
+
v = self.class.decrypt_field(self, field_name, raw)
|
|
110
|
+
instance_variable_set("@#{field_name}", v)
|
|
111
|
+
v
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
define_method("#{field_name}=") do |value|
|
|
117
|
+
self.send("#{field_name}_will_change!")
|
|
118
|
+
instance_variable_set("@#{field_name}", value)
|
|
119
|
+
end
|
|
120
|
+
end
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
|
|
86
124
|
def encrypt_field(object, field_name, value)
|
|
87
125
|
Mongoid::Kms.kms.encrypt({
|
|
88
126
|
key_id: Mongoid::Kms.key,
|
|
@@ -128,11 +166,11 @@ module Mongoid
|
|
|
128
166
|
end
|
|
129
167
|
|
|
130
168
|
def kms_context_array(object, field_name)
|
|
131
|
-
|
|
169
|
+
kms_field_map[field_name.to_s][:context] || []
|
|
132
170
|
end
|
|
133
171
|
|
|
134
172
|
def kms_type(field_name)
|
|
135
|
-
|
|
173
|
+
kms_field_map[field_name.to_s][:type]
|
|
136
174
|
end
|
|
137
175
|
|
|
138
176
|
def get_encrypted_field_name(field_name)
|
|
@@ -140,33 +178,7 @@ module Mongoid
|
|
|
140
178
|
end
|
|
141
179
|
|
|
142
180
|
def secure_field(field_name, args)
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
@kms_field_map[field_name.to_s] = {context: args.delete(:context), type: args.delete(:type)}
|
|
146
|
-
|
|
147
|
-
field encrypted_field_name, args.merge(type: Mongoid::Kms.bson_class::Binary)
|
|
148
|
-
|
|
149
|
-
define_attribute_methods field_name.to_sym
|
|
150
|
-
before_save :set_kms_values
|
|
151
|
-
|
|
152
|
-
define_method(field_name) do
|
|
153
|
-
instance_variable_get("@#{field_name}") || begin
|
|
154
|
-
raw = send("kms_secure_#{field_name}")
|
|
155
|
-
|
|
156
|
-
if raw.nil?
|
|
157
|
-
raw
|
|
158
|
-
else
|
|
159
|
-
v = self.class.decrypt_field(self, field_name, raw)
|
|
160
|
-
instance_variable_set("@#{field_name}", v)
|
|
161
|
-
v
|
|
162
|
-
end
|
|
163
|
-
end
|
|
164
|
-
end
|
|
165
|
-
|
|
166
|
-
define_method("#{field_name}=") do |value|
|
|
167
|
-
self.send("#{field_name}_will_change!")
|
|
168
|
-
instance_variable_set("@#{field_name}", value)
|
|
169
|
-
end
|
|
181
|
+
add_secure_field(field_name, args)
|
|
170
182
|
end
|
|
171
183
|
end
|
|
172
184
|
|
|
@@ -52,4 +52,14 @@ describe Mongoid::Kms do
|
|
|
52
52
|
expect{Mongoid::Kms.configure({region: "", key: ""})}.to raise_error(Mongoid::Kms::Errors::ConfigurationError, "Region and KMS id key are required.")
|
|
53
53
|
end
|
|
54
54
|
|
|
55
|
+
it "works with extended classes" do
|
|
56
|
+
o = ExtendedClass.new(super_secure: "batman", unsecure: "robin", timestamp: Time.now, additional_secure: "wha!")
|
|
57
|
+
o.save!
|
|
58
|
+
|
|
59
|
+
byebug
|
|
60
|
+
|
|
61
|
+
o = ExtendedClass.find(o.id)
|
|
62
|
+
expect(o.additional_secure).to eq("wha!")
|
|
63
|
+
end
|
|
64
|
+
|
|
55
65
|
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mongoid-kms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Winslett
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-12-
|
|
11
|
+
date: 2014-12-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: mongoid
|