mournful_settings 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +52 -9
- data/lib/mournful_settings/setting.rb +7 -0
- data/lib/mournful_settings/version.rb +5 -1
- data/test/dummy/db/test.sqlite3.db +0 -0
- data/test/dummy/test/setting_test.rb +32 -1
- metadata +1 -1
data/README.rdoc
CHANGED
@@ -50,22 +50,28 @@ To use a stored setting, use the 'for' class method:
|
|
50
50
|
|
51
51
|
== Encryption
|
52
52
|
|
53
|
-
By default mournful settings
|
54
|
-
|
53
|
+
By default mournful settings are encrypted. You can choose not to encrypt a
|
54
|
+
setting, by setting :encrypted => false.
|
55
55
|
|
56
|
-
|
56
|
+
Setting.create(
|
57
|
+
:name => 'pi',
|
58
|
+
:value => '3.14159',
|
59
|
+
:value_type => 'number',
|
60
|
+
:encrypted => false
|
61
|
+
)
|
57
62
|
|
58
|
-
|
59
|
-
an initializer, like this:
|
63
|
+
Out of the box, encryption uses a blowfish cipher, and a generic key string.
|
60
64
|
|
61
|
-
|
65
|
+
=== Set key and cipher
|
62
66
|
|
63
|
-
|
67
|
+
If you wish to use your own encryption key, you can define the key like this:
|
64
68
|
|
65
|
-
|
69
|
+
MournfulSettings::Setting::Cipher.key = 'your key'
|
70
|
+
|
71
|
+
Mournful settings uses Ruby's OpenSSL::Cipher. If you wish to change
|
66
72
|
the cipher from blowfish, you can alter it like this:
|
67
73
|
|
68
|
-
Setting::Cipher.config = 'aes-128-cbc'
|
74
|
+
MournfulSettings::Setting::Cipher.config = 'aes-128-cbc'
|
69
75
|
|
70
76
|
To see a list of the available options use:
|
71
77
|
|
@@ -73,6 +79,43 @@ To see a list of the available options use:
|
|
73
79
|
|
74
80
|
See: http://ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/Cipher.html
|
75
81
|
|
82
|
+
=== Where to set the cipher within your app
|
83
|
+
|
84
|
+
If you use a setting in an initializer you need to ensure that your cipher
|
85
|
+
configuration is set before the setting is used. This means you either need
|
86
|
+
to order your initializers putting your mournful_settings initializer first or
|
87
|
+
define the cipher settings in a before_initialize block defined in
|
88
|
+
config/application:
|
89
|
+
|
90
|
+
module YourRailsApp
|
91
|
+
class Application < Rails::Application
|
92
|
+
|
93
|
+
.....
|
94
|
+
|
95
|
+
config.before_initialize do
|
96
|
+
MournfulSettings::Setting::Cipher.key = 'your key'
|
97
|
+
end
|
98
|
+
end
|
99
|
+
end
|
100
|
+
|
101
|
+
See: http://guides.rubyonrails.org/configuring.html#initialization-events
|
102
|
+
|
103
|
+
=== Changing key and/or cipher
|
104
|
+
|
105
|
+
If you change the cipher configuration, existing encrypted settings will break.
|
106
|
+
Therefore, to make the change after you have started using encrypted settings,
|
107
|
+
you must decrypt your settings, make the change and then re-encrypt the settings
|
108
|
+
again. To ease this task, use the Setting.recrypt_all method:
|
109
|
+
|
110
|
+
Setting.recrypt_all { Setting::Cipher.key = 'your key' }
|
111
|
+
|
112
|
+
So the process would be:
|
113
|
+
|
114
|
+
- Stop the server
|
115
|
+
- Run the recrypt task
|
116
|
+
- Add/Update the configuration code in the app
|
117
|
+
- Start the server
|
118
|
+
|
76
119
|
== Integration with ActiveAdmin
|
77
120
|
|
78
121
|
Mournful settings contains a ActiveAdmin register file, that allow settings to
|
@@ -38,6 +38,13 @@ module MournfulSettings
|
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
|
+
def self.recrypt_all &do_while_unencrypted
|
42
|
+
encrypted = where(:encrypted => true)
|
43
|
+
encrypted.each {|s| s.encrypted = false; s.save}
|
44
|
+
do_while_unencrypted.call if do_while_unencrypted
|
45
|
+
encrypted.each {|s| s.encrypted = true; s.save}
|
46
|
+
end
|
47
|
+
|
41
48
|
private
|
42
49
|
def encrypt(text)
|
43
50
|
add_separators Base64.encode64 Cipher.encrypt text.to_s
|
@@ -1,10 +1,14 @@
|
|
1
1
|
module MournfulSettings
|
2
|
-
VERSION = "0.0.
|
2
|
+
VERSION = "0.0.4"
|
3
3
|
end
|
4
4
|
|
5
5
|
# History
|
6
6
|
# =======
|
7
7
|
#
|
8
|
+
# 0.0.4: Changing cipher configuration
|
9
|
+
# ------------------------------------
|
10
|
+
# Adds facility to allow cipher to be changed with existing live data
|
11
|
+
#
|
8
12
|
# 0.0.3: Encrypted by default
|
9
13
|
# ---------------------------
|
10
14
|
# Modifies model and active admin registration file to make encrypting settings
|
Binary file
|
@@ -29,7 +29,7 @@ class SettingTest < Test::Unit::TestCase
|
|
29
29
|
end
|
30
30
|
|
31
31
|
def test_encrypted_value
|
32
|
-
assert_kind_of(String, encrypted_setting.value)
|
32
|
+
assert_kind_of(String, encrypted_setting.reload.value)
|
33
33
|
assert_equal(@value, encrypted_setting.value)
|
34
34
|
end
|
35
35
|
|
@@ -92,6 +92,37 @@ class SettingTest < Test::Unit::TestCase
|
|
92
92
|
end
|
93
93
|
end
|
94
94
|
|
95
|
+
def test_changing_cipher
|
96
|
+
cipher = 'bf-cbc'
|
97
|
+
assert_not_equal(cipher, Setting::Cipher.config)
|
98
|
+
test_encrypted_value
|
99
|
+
Setting::Cipher.config = cipher
|
100
|
+
assert_equal(cipher, Setting::Cipher.config)
|
101
|
+
assert_raise OpenSSL::Cipher::CipherError do
|
102
|
+
test_encrypted_value
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
106
|
+
def test_changing_key
|
107
|
+
key = 'Some new key'
|
108
|
+
assert_not_equal(key, Setting::Cipher.key)
|
109
|
+
test_encrypted_value
|
110
|
+
Setting::Cipher.key = key
|
111
|
+
assert_equal(key, Setting::Cipher.key)
|
112
|
+
assert_raise OpenSSL::Cipher::CipherError do
|
113
|
+
test_encrypted_value
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
def test_recrypt_all
|
118
|
+
key = 'Some new key'
|
119
|
+
assert_not_equal(key, Setting::Cipher.key)
|
120
|
+
test_encrypted_value
|
121
|
+
Setting.recrypt_all { Setting::Cipher.key = key }
|
122
|
+
assert_equal(key, Setting::Cipher.key)
|
123
|
+
test_encrypted_value
|
124
|
+
end
|
125
|
+
|
95
126
|
private
|
96
127
|
def text_setting
|
97
128
|
@text_setting ||= Setting.create(:name => 'text_setting', :value => 'foo', :value_type => 'text', :encrypted => false)
|