mongoid-kms 0.0.19 → 0.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/mongoid/kms/version.rb +1 -1
- data/lib/mongoid/kms.rb +44 -32
- data/spec/lib/mongoid/kms_spec.rb +10 -0
- data/spec/spec_helper.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0ef5d00b5940a40440f302133dffa2b364b73a86
|
|
4
|
+
data.tar.gz: b970e5a37fbf0b68aa52b7a61f7197fdf008d896
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f5c68d2c32a9785209e2138ed795311d103cfa8071fae65875d6a0f1cc9e73b76e0b71a31252b043857ccf9d1a6107c297265a93dbaba36dcd9c64feaa05ac4
|
|
7
|
+
data.tar.gz: 4ccbbe113dd32f9a9d50aff1e6c2a41a049ebf1afc1be7e54841076d2ce8f292e0d3c037d4e712dda5db10dfd60cff68993b2a8c19ee6c89ea026d48d2edb035
|
data/lib/mongoid/kms/version.rb
CHANGED
data/lib/mongoid/kms.rb
CHANGED
|
@@ -7,7 +7,8 @@ module Mongoid
|
|
|
7
7
|
extend ActiveSupport::Concern
|
|
8
8
|
|
|
9
9
|
included do
|
|
10
|
-
|
|
10
|
+
class_attribute :kms_field_map
|
|
11
|
+
self.kms_field_map ||= {}
|
|
11
12
|
|
|
12
13
|
unless self.ancestors.include?(ActiveModel::Dirty)
|
|
13
14
|
include ActiveModel::Dirty
|
|
@@ -79,10 +80,47 @@ module Mongoid
|
|
|
79
80
|
|
|
80
81
|
# Class methods
|
|
81
82
|
module ClassMethods
|
|
82
|
-
def
|
|
83
|
-
|
|
83
|
+
def inherited(child)
|
|
84
|
+
child.kms_field_map = self.kms_field_map.clone
|
|
85
|
+
|
|
86
|
+
child.kms_field_map.each do |field_name, args|
|
|
87
|
+
child.add_secure_field(field_name, args)
|
|
88
|
+
end
|
|
84
89
|
end
|
|
85
90
|
|
|
91
|
+
def add_secure_field(field_name, args)
|
|
92
|
+
encrypted_field_name = get_encrypted_field_name(field_name)
|
|
93
|
+
|
|
94
|
+
define_attribute_methods field_name.to_sym
|
|
95
|
+
before_save :set_kms_values
|
|
96
|
+
|
|
97
|
+
kms_field_map[field_name.to_s] = {context: args.delete(:context), type: args[:type]}
|
|
98
|
+
|
|
99
|
+
field encrypted_field_name, type: Mongoid::Kms.bson_class::Binary
|
|
100
|
+
|
|
101
|
+
self.class_eval do
|
|
102
|
+
define_method(field_name) do
|
|
103
|
+
instance_variable_get("@#{field_name}") || begin
|
|
104
|
+
raw = send("kms_secure_#{field_name}")
|
|
105
|
+
|
|
106
|
+
if raw.nil?
|
|
107
|
+
raw
|
|
108
|
+
else
|
|
109
|
+
v = self.class.decrypt_field(self, field_name, raw)
|
|
110
|
+
instance_variable_set("@#{field_name}", v)
|
|
111
|
+
v
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
define_method("#{field_name}=") do |value|
|
|
117
|
+
self.send("#{field_name}_will_change!")
|
|
118
|
+
instance_variable_set("@#{field_name}", value)
|
|
119
|
+
end
|
|
120
|
+
end
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
|
|
86
124
|
def encrypt_field(object, field_name, value)
|
|
87
125
|
Mongoid::Kms.kms.encrypt({
|
|
88
126
|
key_id: Mongoid::Kms.key,
|
|
@@ -128,11 +166,11 @@ module Mongoid
|
|
|
128
166
|
end
|
|
129
167
|
|
|
130
168
|
def kms_context_array(object, field_name)
|
|
131
|
-
|
|
169
|
+
kms_field_map[field_name.to_s][:context] || []
|
|
132
170
|
end
|
|
133
171
|
|
|
134
172
|
def kms_type(field_name)
|
|
135
|
-
|
|
173
|
+
kms_field_map[field_name.to_s][:type]
|
|
136
174
|
end
|
|
137
175
|
|
|
138
176
|
def get_encrypted_field_name(field_name)
|
|
@@ -140,33 +178,7 @@ module Mongoid
|
|
|
140
178
|
end
|
|
141
179
|
|
|
142
180
|
def secure_field(field_name, args)
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
@kms_field_map[field_name.to_s] = {context: args.delete(:context), type: args.delete(:type)}
|
|
146
|
-
|
|
147
|
-
field encrypted_field_name, args.merge(type: Mongoid::Kms.bson_class::Binary)
|
|
148
|
-
|
|
149
|
-
define_attribute_methods field_name.to_sym
|
|
150
|
-
before_save :set_kms_values
|
|
151
|
-
|
|
152
|
-
define_method(field_name) do
|
|
153
|
-
instance_variable_get("@#{field_name}") || begin
|
|
154
|
-
raw = send("kms_secure_#{field_name}")
|
|
155
|
-
|
|
156
|
-
if raw.nil?
|
|
157
|
-
raw
|
|
158
|
-
else
|
|
159
|
-
v = self.class.decrypt_field(self, field_name, raw)
|
|
160
|
-
instance_variable_set("@#{field_name}", v)
|
|
161
|
-
v
|
|
162
|
-
end
|
|
163
|
-
end
|
|
164
|
-
end
|
|
165
|
-
|
|
166
|
-
define_method("#{field_name}=") do |value|
|
|
167
|
-
self.send("#{field_name}_will_change!")
|
|
168
|
-
instance_variable_set("@#{field_name}", value)
|
|
169
|
-
end
|
|
181
|
+
add_secure_field(field_name, args)
|
|
170
182
|
end
|
|
171
183
|
end
|
|
172
184
|
|
|
@@ -52,4 +52,14 @@ describe Mongoid::Kms do
|
|
|
52
52
|
expect{Mongoid::Kms.configure({region: "", key: ""})}.to raise_error(Mongoid::Kms::Errors::ConfigurationError, "Region and KMS id key are required.")
|
|
53
53
|
end
|
|
54
54
|
|
|
55
|
+
it "works with extended classes" do
|
|
56
|
+
o = ExtendedClass.new(super_secure: "batman", unsecure: "robin", timestamp: Time.now, additional_secure: "wha!")
|
|
57
|
+
o.save!
|
|
58
|
+
|
|
59
|
+
byebug
|
|
60
|
+
|
|
61
|
+
o = ExtendedClass.find(o.id)
|
|
62
|
+
expect(o.additional_secure).to eq("wha!")
|
|
63
|
+
end
|
|
64
|
+
|
|
55
65
|
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mongoid-kms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Winslett
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-12-
|
|
11
|
+
date: 2014-12-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: mongoid
|